IETF Logo Mail Archive

Re: [auth48] [AD] AUTH48: RFC-to-be 9472 <draft-ietf-opsawg-sbom-access-18> for your review

"Rob Wilton (rwilton)" <rwilton@cisco.com> Wed, 27 September 2023 10:33 UTC

Return-Path: <rwilton@cisco.com>
X-Original-To: auth48archive@ietfa.amsl.com
Delivered-To: auth48archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0E0C9C151542; Wed, 27 Sep 2023 03:33:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.605
X-Spam-Level:
X-Spam-Status: No, score=-14.605 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b="DpI176RH"; dkim=pass (1024-bit key) header.d=cisco.com header.b="EmAF/7Fq"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EXjaaLPNgblz; Wed, 27 Sep 2023 03:32:57 -0700 (PDT)
Received: from alln-iport-1.cisco.com (alln-iport-1.cisco.com [173.37.142.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8D999C151092; Wed, 27 Sep 2023 03:32:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=30696; q=dns/txt; s=iport; t=1695810777; x=1697020377; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=pKDsDH79JuocJbahINgh2wBOlhcmesnTXHV0soHwjec=; b=DpI176RHe09NjzzsZlvQNsm3pDLVTe4fJepsgdlNmK0UQ2DT1uzavmTH q14Rr9TXdIKGjFZY7BPRr5oGd0ASFYMwwgUfh/hGdBvKYdHAxZRFVW91t EQpYiNmicJzm+Ddph6Bm61HkZYGrlhn6qBH+BZbzoGTJtxT+J0L3IPvtJ 8=;
X-CSE-ConnectionGUID: y/HpxSP8Q8u2vOK/SV332g==
X-CSE-MsgGUID: sU+omX6lSoSQmUFDf8ezKg==
X-IPAS-Result: A0AFAADyAxRlmJpdJa1XAxoBAQEBAQEBAQEBAwEBAQESAQEBAQICAQEBAUAlgRYFAQEBAQsBgWRSdwJZKhJHA4RPg0wDhE5fiGMDkTqJMIMSFIERA1YPAQEBDQEBOQsEAQGFBwIWhnICJjQJDgECAgIBAQEBAwIDAQEBAQEBAQIBAQUBAQECAQcEFAEBAQEBAQEBHhkFDhAnhWgNhkkBAQEBAQEBEggJBA0MAQE3AQQHBAIBBgIOAwQBAQECAiYCAgIwFQgIAgQBDQUIGoJcAYI7IwMBEAY/lUWPTQGBQAKKKHp/M4EBggkBAQYEBYFOQbBdCYEaLgGHbxoBaE0bg2kYgxaBHycbgUlEgRVDeYFvPoJiAgEBAYEoAQwGASMKCwomgxQ5gi+FK4QZgnUogV0HDi4HMoELDAmBBoJ7OCeLEwkhgQgIXYFqPQINVAsLXYERgkQCAhE5FEdwGwMHA4EEECsHBDIbBwYJFi0lBlEELSQJExI+BIFngVEKgQY/EQ4RgkUiAgc2NhlLgl4JFQw0TnYQKwQUF20oBGoFGhUeNxESFw0DCHYdAhEjPAMFAwQ2ChUNCyEFFEMDRwZMCwMCHAUDAwSBNgUPHgIQGgYOKQMDGU4CEBQDPgMDBgMLMgMwV1QDRB1AAwttPRQhFBsFBDspWQWhVQM8MS2BQxBbBgIPBhQTJgQNGgEHAQIfAQEUDHAICC0RAQkaBgsBDwk8D5JBEYMJR4s+jXSTOIEtCoQMjACVPBeEAYFWixgEhmqGOoQxg2mCTWKXNnkggi+LEpR1KwQchH0CBAIEBQIOAQEGgTIxOmtwcBU7gmcJCUAZD4EbjQUMDQkWg0CFFIpldgIBCi4CBwEKAQEDCYhvgloBAQ
IronPort-PHdr: A9a23:uj1xyhdWJGxSsPDCvN4iZjzmlGM/foqcDmcuAtIPgrZKdOGk55v9e RCZ7vR2h1iPVoLeuLpIiOvT5rjpQndIoY2Av3YLbIFWWlcbhN8XkQ0tDI/NCUDyIPPwKS1vN M9DT1RiuXq8NBsdA97wMmXbuWb69jsOAlP6PAtxKP7yH9vIkMWzy+e005bSeA5PwjG6ZOA6I BC/tw6ErsANmsMiMvMo1xLTq31UeuJbjW9pPgeVmBDxp4+8qZVi6C9X/fkm8qZ9
IronPort-Data: A9a23:B2uqD6IDj8FCvFQbFE+R4ZUlxSXFcZb7ZxGr2PjKsXjdYENS0DNSz mdLUGHTaP7fMWf8LdlwbIyy/R5TvJWHzoRgGwcd+CA2RRqmiyZq6fd1j6vUF3nPRiEWZBs/t 63yUvGZcYZsCCea/0/xWlTYhSEU/bmSQbbhA/LzNCl0RAt1IA8skhsLd9QR2uaEuvDnRVvW0 T/Oi5eHYgT9imQrajt8B5+r8XuDgtyj4Fv0gXRmDRx7lAe2v2UYCpsZOZawIxPQKmWDNrfnL wpr5OjRElLxp3/BOPv8+lrIWhFirorpAOS7oiE+t55OLfR1jndaPq4TbJLwYKrM4tmDt4gZJ N5l7fRcReq1V0HBsLx1bvVWL81xFbwB2KfXGkDviJyOlVPhUDzX/a41Vk5jaOX0+s4vaY1P3 eYTJDZIZReZiqfthrm6UeJrwM8kKaEHPqtG5Somlm6fXK1gGM2fK0nJzYcwMDMYnN9PGerZY eISaCFka1LLZBgn1lI/Ucxuzbbz2CWiG9FegEmo5q0y0zbX9wtK6b3QHvbbKtGYZsoAyy50o UqfrzimXXn2Lue3wCeZ8i78j/XEnSLlVaoIGrb9+/JrnFqJgGsJB3U+T1Ww5PS1i1K5QfpFJ UdR9yYvsa8oskuxQbHAswaQunWIuFsXXMBdVrZ84wCWwa2S6AGcboQZctJfQM1hlNcmfgR67 w+Uxc3OJntUjubOE33Io994sgiOESQSKGYDYwoNQg0E/8TvrekPYvTnE4sL/Emd04CdJN3g/ 9yZhHNh2OhL3Kbnw43+rA+X2Wv9znTcZldtvl2/Y46z0u9uiGeYi2GA81PX67NLK5yUCwLHt 3kfkM/Y5+cLZX1sqMBvaLtVdF1Kz6/VWNE5vbKJN8Jwn9hK0yX8Fb28GBkkeC9U3j8sIFcFm nP7twJL/4N0N3C3d6JxaI/ZI510nPW/SI+9Da6IMIImjn1NmOmvonkGiam4gTiFraTQufpX1 WqzKJz1Vi9KVcyLMhLvGr1HuVPU+szO7TqDGc+kp/hW+bGff3WSAawUK0eDa/tR0U93iFu9z jqrDOPTk083eLSnOkH/qNdPRXhUdiJTLc6t9KRqmhurf1AO9JcJUaGBmNvMuuVNwsxoqws/1 i/sABIBmASj1BUq62yiMxheVV8mZr4mxVoTNi03NlHu0H8mCbtDJo9FH3frVdHLLNBe8MM=
IronPort-HdrOrdr: A9a23:39OsW6sz6tyaptY7rc5pi2fJ7skCM4Aji2hC6mlwRA09TyXGrb HMoB1L73/JYWgqOU3IwerwSZVoIUmxyXZ0ibNhRItKLzOWyFdAS7sSo7cKogeQVBEWk9Qtt5 uIHJIOdeEYYWIK6voSpTPIberIo+P3sZxA592us0uFJDsCA8oPnmIJbjpzUHcGOzWubqBJbK Z0k/A33QZIDk5nFfhTaEN1OdTrlpngrr6jSxgAABIs9QmJih2VyJOSKXKl9yZbeQlihZM5/0 b4syGR3MieWveApSP05iv21dB7idHhwtxMCIinkc4OMAjhjQ6uecBIR6CClCpdmpDt1H8a1P 335zswNcV67H3cOkuvpwH25gXm2DEyr1f/1F6jh2f5q8CRfkN5NyMBv/MdTvLq0TtmgDhO6t MM44tfjesPMfr0plW42zEPbWAzqqP7mwt4rQdZtQ0tbWJXUs4ikWVYxjIULH/FdxiKtbzO14 JVfZvhzecTflWAY3/DuG5zhNSqQ3QoBx+DBlMPo8qPzlFt7TpEJmYjtYQid007hdkAYogB4/ 6BPrVjlblIQMNTZaVhBP0ZSc/yDmDWWxrDPG+bPFyiTcg8Sj7wgo+y5K9w6PCheZQOwpd3kJ PdUElAvWp3f071E8WB0JBC7xiISmSgWjbmzN1Y+vFCy/DBbauuNTfGREElksOmrflaCsrHW+ yrMJYTGPPnJXuGI/cB4+Q/YeglFZAzarxjhj9gYSP6niviEPyfitDm
X-Talos-CUID: 9a23:VljuYWPBL7bQq+5DSW5H7F4vIpAcImCH0lDzZHSGUj0zR+jA
X-Talos-MUID: 9a23:4DaNFAwzL1vuRY/ETo4QqNcdBKeaqL+TS0cIocsCgM6/DClNFRuT3DmlYYByfw==
X-IronPort-Anti-Spam-Filtered: true
Received: from rcdn-core-3.cisco.com ([173.37.93.154]) by alln-iport-1.cisco.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Sep 2023 10:32:56 +0000
Received: from alln-opgw-4.cisco.com (alln-opgw-4.cisco.com [173.37.147.252]) by rcdn-core-3.cisco.com (8.15.2/8.15.2) with ESMTPS id 38RAWuX5014516 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 27 Sep 2023 10:32:56 GMT
X-CSE-ConnectionGUID: mvryN6+ORrmkpkE6/J0skQ==
X-CSE-MsgGUID: HPv7Iii6QbSg2XJ5RukZhw==
Authentication-Results: alln-opgw-4.cisco.com; dkim=pass (signature verified) header.i=@cisco.com; spf=Pass smtp.mailfrom=rwilton@cisco.com; dmarc=pass (p=quarantine dis=none) d=cisco.com
X-IronPort-AV: E=Sophos;i="6.03,179,1694736000"; d="scan'208";a="2914148"
Received: from mail-co1nam11lp2168.outbound.protection.outlook.com (HELO NAM11-CO1-obe.outbound.protection.outlook.com) ([104.47.56.168]) by alln-opgw-4.cisco.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Sep 2023 10:32:55 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=d+f5XHy6ZI6lduMswn3pE65FB7Stn6uV/XZQkl5EszqgfJIJcxJkLVVmG+uw7/vZRxn4Nm9bwEtApB9J6PnFYSmMJ8pzMTOhpccD9M1wVbo5jx48K6ZtQUpamGA2tIpIKFIHI4rMWaParGLuR/8GSUgv9GhUpY49EXlAcGaIgKNUZj2ukGk+UlgIX9oP9iUwW05trfkLYiycyEhjuTFMCY2qMIPQhPrmkPs+qAGwbTjDtq0yKV+FEHuNJSptGoar+TNSNcs5lbyPQyllapxYIegA5aE+zkgYqDfyvHnX0TWGWsiZGhJ/2lk5sco2+fTRZF6U3z7JXH220x/5URrgkg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=pKDsDH79JuocJbahINgh2wBOlhcmesnTXHV0soHwjec=; b=mMmIyPl/LG5tiC30sRwExnnlntN+58lbo1gvaRwSye6le5WLt8MQyDSd3JsnbQNZxWrbH5VJuBCKECvc2Z5wy2aIeAijCqO14XzGNkr3B//ogp6jptPdHe5cGjKI1Yvmk1VyiEBRku1ZpTg1dNDOcD2Vy+qnDTlNxTM9WS84MSa5JSSgUkEbVulo+/R9zEchwNUR1iyvHGEl7rbjFzinTGWJn5ocn3zIfCIdjUw14NuwALqlzpTyrH5T9A9T/0M0LrSl0Guf9JCx7PGq/d+sYWjz0Ncq3BWu+0Zk/cWQaLanmnvvo8ofEk/Uo38qacj8U58X2m2NJxGHpxBnMyrkRQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pKDsDH79JuocJbahINgh2wBOlhcmesnTXHV0soHwjec=; b=EmAF/7FqldH2C5PMCWrj4sKDG/O9XJwAcKstmkB+cAT4MqO4dWmo1BAAPOSaH9wjzX/alMz8WzQwEJZHTJoi4wB9ur+Tq8uvrz2dGNp0jLAqkX1fgJ9BHm/PKpceSNJgIoSwGL4gcCnQ3ICq92LCymNo+o2D9zFClLmNkTFUUDQ=
Received: from BY5PR11MB4196.namprd11.prod.outlook.com (2603:10b6:a03:1ce::13) by SJ2PR11MB7476.namprd11.prod.outlook.com (2603:10b6:a03:4c4::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6813.28; Wed, 27 Sep 2023 10:32:53 +0000
Received: from BY5PR11MB4196.namprd11.prod.outlook.com ([fe80::b2b2:e22e:3d6c:14de]) by BY5PR11MB4196.namprd11.prod.outlook.com ([fe80::b2b2:e22e:3d6c:14de%7]) with mapi id 15.20.6813.027; Wed, 27 Sep 2023 10:32:53 +0000
From: "Rob Wilton (rwilton)" <rwilton@cisco.com>
To: Sarah Tarrant <starrant@amsl.com>, Eliot Lear <lear@cisco.com>
CC: "Rose, Scott W. (Fed)" <scott.rose@nist.gov>, RFC Editor <rfc-editor@rfc-editor.org>, "opsawg-ads@ietf.org" <opsawg-ads@ietf.org>, "opsawg-chairs@ietf.org" <opsawg-chairs@ietf.org>, "bill.wu@huawei.com" <bill.wu@huawei.com>, "auth48archive@rfc-editor.org" <auth48archive@rfc-editor.org>
Thread-Topic: [AD] AUTH48: RFC-to-be 9472 <draft-ietf-opsawg-sbom-access-18> for your review
Thread-Index: AQHZ5NSybSekSgrQ6kuaNpw/6MgwuLAXim8AgADQAwCAAGQ6AIAAew8AgARKBoCAA3DSAIAAud+AgAKSiwCAAKA8AIACE40AgAeb2EA=
Date: Wed, 27 Sep 2023 10:32:53 +0000
Message-ID: <BY5PR11MB419611B1FE3E5481D270D3C3B5C2A@BY5PR11MB4196.namprd11.prod.outlook.com>
References: <20230908232621.2FE7CE5EA7@rfcpa.amsl.com> <BE129746-6B47-4FA8-A918-44B728F347C3@nist.gov> <2F1A389E-ABED-4C37-B41A-79A9E15D59CA@amsl.com> <1D2F40E4-3276-49E3-B70C-D6FC5FAC0430@cisco.com> <621E366B-9EC0-4783-B075-8EAD78A75CD6@nist.gov> <96C191BF-2D68-47CF-9672-9DD33EACB4C0@amsl.com> <4F18F944-A918-4AFE-B56D-606E48497E32@cisco.com> <6ED283CE-8A6F-4AF3-BF24-86EC4F088DA2@amsl.com> <7E392C5B-CA0D-440A-9C10-9668D7AD4F79@cisco.com> <0A4B2338-BBB0-41B0-8DA9-BC76B0CE5666@amsl.com> <93975E7A-00F5-4F8C-99DB-D1BD27868B0B@cisco.com> <C862785F-B36C-4CB8-84EA-F86EE7C099B3@amsl.com>
In-Reply-To: <C862785F-B36C-4CB8-84EA-F86EE7C099B3@amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: BY5PR11MB4196:EE_|SJ2PR11MB7476:EE_
x-ms-office365-filtering-correlation-id: 11ae6532-c7de-4157-76db-08dbbf451b12
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: FxgqAPfYH+5rDweHlh3aD/dmOMt6GoMwNDDOsU8Ymd692Uva9wa6JD6O03m6UmvFC72AIuWKySbXYf2AF/czXkUcmrRCMUbbQ7ect14KsMM8C/wvyU2wD1k4AjeWMH4FnHsh9gUvphpGpmxG/VtvBPLCcAZe0nsZd8QL4CCFpkdtpEe+Nn98kzypao+gwDWusv9NC4vLBR93suaBlsdctYWZfkzJe1p249nFkhk2jApcyqPTzcnhWF+g7J3DHZeKi8mKt38gqpu56mv5TWn5LxYj0nyz773jLr5JlMZ315UgQWokhP8Yvbv3binMa9gW9gdlVQlpJOC7PzopNo/Tz990EU9sOVvyvtAQJJYUiwCnz91+D6XYDZq4sPT0qxbSj0SHU/2NcNoBUzNAwKVveZHX9uAH1VkKPH1u8TUSukfAms04gVXBLsMmxIWE2OTAz0Xwcptsnj4VcOCgkHuBxko8n+n6AsbDztNmr3vSL4EemhOeAcvb5B024p1kQJH+7uDRovd5UFtiVSNO+0ofXHooP04G6ARmFnEKetBsfjOq5ExAgYIyI+LpBqsy7P4shFG1cXFqNLSdJ8trPpReysH5smc5+/FlWkGgpxzE0NFL7ogoNbmHGrW+lSqcG4eOnFZt07JJgPrPNuAE84qh74ki63RnvJSi9lQk0NHwEq4G6xY2rqkF3XD9s7e7o0l14QbcrMkVcSM/sH7dxvaI2g==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BY5PR11MB4196.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(376002)(39860400002)(136003)(396003)(346002)(366004)(230922051799003)(1800799009)(186009)(451199024)(7696005)(6506007)(53546011)(9686003)(38070700005)(38100700002)(33656002)(55016003)(40140700001)(66574015)(41300700001)(316002)(122000001)(86362001)(83380400001)(8936002)(6636002)(8676002)(4326008)(66946007)(66446008)(66556008)(54906003)(66476007)(5660300002)(110136005)(52536014)(76116006)(30864003)(2906002)(71200400001)(64756008)(966005)(478600001)(562404015)(579004)(19607625013); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: XL4aqDU2ah6SR5atcUVPdusB1mmAH0+FcFnue5tezh5qWnlacNTVDZJkfjpCca3cd5vYWB3f1UTPXSEUUOUUgfcCeB+c2+xo7Xegpl+ixsrgLQ7fH1Zz+8/kBSNBe7i0lQ3YIhVMBZsytqPSTl7kFQdIo1v5aFj2PgIZnuZwufxUOdMfMSVuQO8qYqp96dOXJzHbU6+8P6PMHTbPmX3bT6qHHdZhTNekmF1JUgM/ZOW5/J6jdYe8H4SPLvm5xsUsqiplcSd3gq213rT47Jo45un42zr2UpwmKZ9hATH5lEsps+GbnOTMSwHdppoaway4/I3ONqQQH7DYjmSPpIna1hsW7js9TaZW89AsP9wz+2OKitsD79jVaKFy/ZwvYuEHF541hkYxhsbJOC0OdO39XzQXD+M73YM+cuz9G8YwdBY3LPRjq9XoDn5TtBk/a5uuXV2bBSYxaPIXyUMKmXCm3qZQnsUQwy8Pe9SBbD/cxKYkOIzgptmDDK2p7x4UGJ+LPsXoeTkUbnbh1B8xUgUgIeh7mLpgVlx4+/VsLHNcs3fPUh/vHcM5HeOx1hJePy2BLjF810jSw/HQlsh4TL9sUDiOFaB7hwRUXdWt0PqnHemljIsMFKcXL4C3XcJtsZpLxqJp5EQItSWpyI6NLIQ66IE/EkaAXxeDr8N8gk8aczQ7bHlqLpNvLhNAoGWISYJ7cmM9AiarJ/9d61tuV0xUezv3OMu1TqapJKLhX2bH3ARMAUjVWcFeOgjDL+FcIo2JWrw3hQGxhFogAW9YvZNHTesZWLN1neiRhg44tUxQLFi+vmSdMuQ8dKYbZnOfG9uFZ88rgEdByppvvQNcZPYJv3uvZ3hnbAQOqsT+WXz9M3kURS/1XbulpArsSEJs97j0ZY2WwJ2oeM5N2dvOVh2ItDG7Lvp6mvZ5AAgZDT3XNp+qRlmBBnvqIoKCvasvCjBUnsrD+x7ANP3fIFXiEetRaFaO8urpZS5spEz+e29ulYOoZp1eSySlWmWC+mf2Oi1tzKZOGblwA95GQTxw2xH+JcN/uuKh77tLe3gasR9+cJ2Zw4R9oZ+eNOpIXQee+kMlpdM5VbaChuL/6epCI0qxBOoWJw8qoNrfidtcHFpEXC2KE1qit5IrJur9BU1aadDc5UeWMdTnVoxkElJgCcaay5LXT6rlq2XjC14XYJoJR+JaTh9bbvKVn9ncWqpcRUxjferoEbtWuKpP8n/gjW2YUjWsfLETwQmbv9EtuPq5ZlvOgCrrZEjOi6FKrv9PACG38XZAWbzP0MP/bQHuTLwxqe8nkS2p/jWhM/p5vh3VaHn0QhEUAMJu1WIejpCL0x9k32C2YRmKqlGjVTq+FQa567WaGrHi3P2kWoVbSyli/ZK+JaKdovYgdJ7RhYi3e/1iLyqBsrwkbMZDkSd8uHrQwquKGPXou3f6d+oOtp9aZ9mSIAS80F1HtRYKW+OAujLIUyTqg7bEWEAOFVia5cRp0JdLubcVprcPJzVMVLedp2/1THojGjM5o7HZHwcePWKFFK8xoJGbjIDDODywnloP+l4wiDwZ45X17cA2dDmtQ9LFrWaW1mMBGGXIlPDmgPuypXQaOlFCm9BUXU4ec/Q4HpJBbJ/ycpm58P7JEY+CyvU=
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: cisco.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BY5PR11MB4196.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 11ae6532-c7de-4157-76db-08dbbf451b12
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Sep 2023 10:32:53.0674 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: I5VvXfRZ2+HK8qoANzyj/T6qRxHnnldFHWjD/g+CIT6z8EULi7PsnhweyZMqwnW5JH/tGmLIBhIMo4jEHJiOKw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ2PR11MB7476
X-Outbound-SMTP-Client: 173.37.147.252, alln-opgw-4.cisco.com
X-Outbound-Node: rcdn-core-3.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/auth48archive/8sSjDxeTeOCPvpK8uXSrhBppDzM>
Subject: Re: [auth48] [AD] AUTH48: RFC-to-be 9472 <draft-ietf-opsawg-sbom-access-18> for your review
X-BeenThere: auth48archive@rfc-editor.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Archiving AUTH48 exchanges between the RFC Production Center, the authors, and other related parties" <auth48archive.rfc-editor.org>
List-Unsubscribe: <https://mailman.rfc-editor.org/mailman/options/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/auth48archive/>
List-Post: <mailto:auth48archive@rfc-editor.org>
List-Help: <mailto:auth48archive-request@rfc-editor.org?subject=help>
List-Subscribe: <https://mailman.rfc-editor.org/mailman/listinfo/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Sep 2023 10:33:02 -0000

Hi Sarah, Eliot,

Sorry for the delay.

Regarding the changes in 5.1 and 5.3:

Rather than outdenting, did we consider leveraging RFC 8792?  E.g., to cite a random specific example, see the end of section 2.2.2 of https://datatracker.ietf.org/doc/draft-ietf-netconf-crypto-types/

Example:
   =============== NOTE: '\' line wrapping per RFC 8792 ================

   <rpc-reply message-id="101"
     xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
     <p10-csr xmlns="http://example.com/ns/example-crypto-types-usage">\
   BASE64VALUE=</p10-csr>
   </rpc-reply>

The advantage of this is that tooling can extract the example from the RFC and still give a completely normal properly indented example.  I'm not sure how many recent YANG RFCs have started to do this, but I think that this is what I'm starting to more commonly see.

Thanks,
Rob


> -----Original Message-----
> From: Sarah Tarrant <starrant@amsl.com>
> Sent: Friday, September 22, 2023 3:15 PM
> To: Eliot Lear <lear@cisco.com>
> Cc: Rob Wilton (rwilton) <rwilton@cisco.com>; Rose, Scott W. (Fed)
> <scott.rose@nist.gov>; RFC Editor <rfc-editor@rfc-editor.org>; opsawg-
> ads@ietf.org; opsawg-chairs@ietf.org; bill.wu@huawei.com;
> auth48archive@rfc-editor.org
> Subject: Re: [AD] AUTH48: RFC-to-be 9472 <draft-ietf-opsawg-sbom-access-18>
> for your review
> 
> Hi Eliot,
> 
> Thank you for your reply. We have marked your approval on the AUTH48 status
> page for this document (see https://www.rfc-editor.org/auth48/rfc9472).
> 
> IANA has completed the update to the “YANG Module Names” registry.
> 
> We will move this document forward in the publication process once we receive
> approval from Rob on the changes to the sourcecode in Sections 5.1 and 5.3.
> 
> Thank you,
> RFC Editor/st
> 
> > On Sep 21, 2023, at 1:32 AM, Eliot Lear <lear@cisco.com> wrote:
> >
> > Hi Sarah,
> >
> > I approve publication.  Thanks to you and the RPC for your work on this
> document.
> >
> > Eliot
> >
> >> On 20 Sep 2023, at 22:59, Sarah Tarrant <starrant@amsl.com> wrote:
> >>
> >> Hi Eliot,
> >>
> >> Thank you for spotting the issue with Section 7.2 and the IANA registry. We
> agree that "ietf-mud” should be updated to "ietf-mud-transparency” in Section
> 7.2 and have made that change. In a separate email, we will request that IANA
> update the “YANG Module Names” registry accordingly.
> >>
> >> Updated XML file:
> >> http://www.rfc-editor.org/authors/rfc9472.xml
> >>
> >> Updated output files:
> >> https://www.rfc-editor.org/authors/rfc9472.html
> >> https://www.rfc-editor.org/authors/rfc9472.txt
> >> https://www.rfc-editor.org/authors/rfc9472.pdf
> >>
> >> Diff file showing all changes made during AUTH48:
> >> https://www.rfc-editor.org/authors/rfc9472-auth48diff.html
> >>
> >> Diff files showing all changes:
> >> https://www.rfc-editor.org/authors/rfc9472-diff.html
> >> https://www.rfc-editor.org/authors/rfc9472-rfcdiff.html (side-by-side diff)
> >>
> >> Note that it may be necessary for you to refresh your browser to view the
> most recent version.
> >>
> >> For the AUTH48 status of this document, please see:
> >> https://www.rfc-editor.org/auth48/rfc9472
> >>
> >> Thank you,
> >> RFC Editor/st
> >>
> >>> On Sep 19, 2023, at 12:42 AM, Eliot Lear <lear@cisco.com> wrote:
> >>>
> >>> Hi Sarah,
> >>>
> >>> I think I’ve caught one more small issue, but this is with the IANA registry.
> Could you please check with them on the following:
> >>>
> >>> In 7.2, I think the name field is supposed to be ietf-mud-transparency and
> not ietf-mud.
> >>>
> >>> After this matter is resolved, I can approve publication.
> >>>
> >>> Thanks,
> >>>
> >>> Eliot
> >>>
> >>>
> >>>> On 18 Sep 2023, at 20:37, Sarah Tarrant <starrant@amsl.com> wrote:
> >>>>
> >>>> Hello Eliot and Rob*,
> >>>>
> >>>> Elliot, thank you for your reply. We have updated the document
> accordingly.
> >>>>
> >>>> *Rob, as AD, please review and approve the changes to the sourcecode in
> Sections 5.1 and 5.3. These changes are best viewed in this diff file:
> https://www.rfc-editor.org/authors/rfc9472-auth48diff.html.
> >>>>
> >>>> We will await approvals from each of the parties listed above prior to
> moving this document forward in the publication process.
> >>>>
> >>>> Updated XML file:
> >>>> http://www.rfc-editor.org/authors/rfc9472.xml
> >>>>
> >>>> Updated output files:
> >>>> https://www.rfc-editor.org/authors/rfc9472.html
> >>>> https://www.rfc-editor.org/authors/rfc9472.txt
> >>>> https://www.rfc-editor.org/authors/rfc9472.pdf
> >>>>
> >>>> Diff file showing all changes made during AUTH48:
> >>>> https://www.rfc-editor.org/authors/rfc9472-auth48diff.html
> >>>>
> >>>> Diff files showing all changes:
> >>>> https://www.rfc-editor.org/authors/rfc9472-diff.html
> >>>> https://www.rfc-editor.org/authors/rfc9472-rfcdiff.html (side-by-side diff)
> >>>>
> >>>> Note that it may be necessary for you to refresh your browser to view the
> most recent version.
> >>>>
> >>>> For the AUTH48 status of this document, please see:
> >>>> https://www.rfc-editor.org/auth48/rfc9472
> >>>>
> >>>> Thank you,
> >>>>
> >>>> RFC Editor/st
> >>>>
> >>>>> On Sep 16, 2023, at 9:04 AM, Eliot Lear <lear@cisco.com> wrote:
> >>>>>
> >>>>> Sarah,
> >>>>>
> >>>>> I believe that I have found several errors in the examples.  There are two
> problems:
> >>>>>
> >>>>> 1.  sbom-url should appear as part of an array of objects, and is not.
> >>>>> 2.  There is one case where mudtx wasn’t used where it should have
> been.
> >>>>> @Rob, please check me on this.  This should correspond to "list sboms”
> in the model.
> >>>>>
> >>>>> In Section 5.1, first example, the change is adding the sboms array:
> >>>>>
> >>>>> OLD:
> >>>>> {
> >>>>> "ietf-mud:mud": {
> >>>>> "mud-version": 1,
> >>>>> "extensions": [
> >>>>> "transparency"
> >>>>> ],
> >>>>> "mudtx:transparency": {
> >>>>> "sbom-url": "https://iot.example.com/info/modelX/sbom.json",
> >>>>> "vuln-url" : [
> >>>>> "https://iotd.example.com/info/modelX/csaf.json"
> >>>>> ]
> >>>>> },
> >>>>> "mud-url": "https://iot.example.com/modelX.json",
> >>>>> "mud-signature": "https://iot.example.com/modelX.p7s",
> >>>>> "last-update": "2022-01-05T13:29:12+00:00",
> >>>>> "cache-validity": 48,
> >>>>> "is-supported": true,
> >>>>> "systeminfo": "retrieving vuln and SBOM info via a cloud service",
> >>>>> "mfg-name": "Example, Inc.",
> >>>>> "documentation": "https://iot.example.com/doc/modelX",
> >>>>> "model-name": "modelX"
> >>>>> }
> >>>>> }
> >>>>> NEW:
> >>>>> {
> >>>>> "ietf-mud:mud": {
> >>>>> "mud-version": 1,
> >>>>> "extensions": [
> >>>>> "transparency"
> >>>>> ],
> >>>>> "mudtx:transparency": {
> >>>>> sboms: [ {
> >>>>> "version-info": "1.2",
> >>>>> "sbom-url": "https://iot.example.com/info/modelX/sbom.json"
> >>>>> } ],
> >>>>> "vuln-url" : [
> >>>>> "https://iotd.example.com/info/modelX/csaf.json"
> >>>>> ]
> >>>>> },
> >>>>> "mud-url": "https://iot.example.com/modelX.json",
> >>>>> "mud-signature": "https://iot.example.com/modelX.p7s",
> >>>>> "last-update": "2022-01-05T13:29:12+00:00",
> >>>>> "cache-validity": 48,
> >>>>> "is-supported": true,
> >>>>> "systeminfo": "retrieving vuln and SBOM info via a cloud service",
> >>>>> "mfg-name": "Example, Inc.",
> >>>>> "documentation": "https://iot.example.com/doc/modelX",
> >>>>> "model-name": "modelX"
> >>>>> }
> >>>>> }
> >>>>>
> >>>>> Section 5.1, 2nd Example, same change:
> >>>>>
> >>>>>
> >>>>> OLD:
> >>>>>
> >>>>> {
> >>>>> "ietf-mud:mud": {
> >>>>> "mud-version": 1,
> >>>>> "extensions": [
> >>>>> "transparency"
> >>>>> ],
> >>>>> "mudtx:transparency": {
> >>>>> "sbom-url": "https://iot.example.com/info/modelX/sbom.json"
> >>>>> },
> >>>>> "mud-url": "https://iot.example.com/modelX.json",
> >>>>> "mud-signature": "https://iot.example.com/modelX.p7s",
> >>>>> "last-update": "2022-01-05T13:29:12+00:00",
> >>>>> "cache-validity": 48,
> >>>>> "is-supported": true,
> >>>>> "systeminfo": "retrieving only SBOM info via a cloud service",
> >>>>> "mfg-name": "Example, Inc.",
> >>>>> "documentation": "https://iot.example.com/doc/modelX",
> >>>>> "model-name": "modelX"
> >>>>> }
> >>>>> }
> >>>>> NEW:
> >>>>> {
> >>>>> "ietf-mud:mud": {
> >>>>> "mud-version": 1,
> >>>>> "extensions": [
> >>>>> "transparency"
> >>>>> ],
> >>>>> "mudtx:transparency": {
> >>>>> sboms: [ {
> >>>>> "version-info": "1.2",
> >>>>> "sbom-url": "https://iot.example.com/info/modelX/sbom.json"
> >>>>> } ],
> >>>>> },
> >>>>> "mud-url": "https://iot.example.com/modelX.json",
> >>>>> "mud-signature": "https://iot.example.com/modelX.p7s",
> >>>>> "last-update": "2022-01-05T13:29:12+00:00",
> >>>>> "cache-validity": 48,
> >>>>> "is-supported": true,
> >>>>> "systeminfo": "retrieving vuln and SBOM info via a cloud service",
> >>>>> "mfg-name": "Example, Inc.",
> >>>>> "documentation": "https://iot.example.com/doc/modelX",
> >>>>> "model-name": "modelX"
> >>>>> }
> >>>>> }
> >>>>>
> >>>>> Section 5.3:
> >>>>>
> >>>>> OLD:
> >>>>> {
> >>>>> "ietf-mud:mud": {
> >>>>> "mud-version": 1,
> >>>>> "extensions": [
> >>>>> "transparency"
> >>>>> ],
> >>>>> "ietf-mud-transparency:transparency": {
> >>>>> "contact-info": "https://iot-device.example.com/contact-info.html",
> >>>>> "vuln-url" : [
> >>>>> "https://iotd.example.com/info/modelX/csaf.json"
> >>>>> ]
> >>>>> },
> >>>>> "mud-url": "https://iot-device.example.com/modelX.json",
> >>>>> "mud-signature": "https://iot-device.example.com/modelX.p7s",
> >>>>> "last-update": "2021-07-09T06:16:42+00:00",
> >>>>> "cache-validity": 48,
> >>>>> "is-supported": true,
> >>>>> "systeminfo": "retrieving vuln and SBOM info via a cloud service",
> >>>>> "mfg-name": "Example, Inc.",
> >>>>> "documentation": "https://iot-device.example.com/doc/modelX",
> >>>>> "model-name": "modelX"
> >>>>> }
> >>>>> }
> >>>>> NEW:
> >>>>> {
> >>>>> "ietf-mud:mud": {
> >>>>> "mud-version": 1,
> >>>>> "extensions": [
> >>>>> "transparency"
> >>>>> ],
> >>>>> "mudtx:transparency": {
> >>>>> "contact-info": "https://iot-device.example.com/contact-info.html",
> >>>>> "vuln-url" : [
> >>>>> "https://iotd.example.com/info/modelX/csaf.json"
> >>>>> ]
> >>>>> },
> >>>>> "mud-url": "https://iot-device.example.com/modelX.json",
> >>>>> "mud-signature": "https://iot-device.example.com/modelX.p7s",
> >>>>> "last-update": "2021-07-09T06:16:42+00:00",
> >>>>> "cache-validity": 48,
> >>>>> "is-supported": true,
> >>>>> "systeminfo": "retrieving vuln and SBOM info via a cloud service",
> >>>>> "mfg-name": "Example, Inc.",
> >>>>> "documentation": "https://iot-device.example.com/doc/modelX",
> >>>>> "model-name": "modelX"
> >>>>> }
> >>>>> }
> >>>>> Eliot
> >>>>>> On 13 Sep 2023, at 22:34, Sarah Tarrant <starrant@amsl.com> wrote:
> >>>>>>
> >>>>>> Hello Eliot and Scott,
> >>>>>>
> >>>>>> Thank you for your replies. We have updated the document accordingly,
> and all of our questions for the authors have been addressed.
> >>>>>>
> >>>>>> Please review the document carefully to ensure satisfaction as we do
> not make changes once it has been published as an RFC. Contact us with any
> further updates or with your approval of the document in its current form. We
> will await approvals from each author prior to moving forward in the
> publication process. We also need Rob’s AD approval of the change in Section
> 1.3 and review of question #10 prior to moving forward.
> >>>>>>
> >>>>>> Updated XML file:
> >>>>>> http://www.rfc-editor.org/authors/rfc9472.xml
> >>>>>>
> >>>>>> Updated output files:
> >>>>>> https://www.rfc-editor.org/authors/rfc9472.html
> >>>>>> https://www.rfc-editor.org/authors/rfc9472.txt
> >>>>>> https://www.rfc-editor.org/authors/rfc9472.pdf
> >>>>>>
> >>>>>> Diff file showing all changes made during AUTH48:
> >>>>>> https://www.rfc-editor.org/authors/rfc9472-auth48diff.html
> >>>>>>
> >>>>>> Diff files showing all changes:
> >>>>>> https://www.rfc-editor.org/authors/rfc9472-diff.html
> >>>>>> https://www.rfc-editor.org/authors/rfc9472-rfcdiff.html (side-by-side
> diff)
> >>>>>>
> >>>>>> Note that it may be necessary for you to refresh your browser to view
> the most recent version.
> >>>>>>
> >>>>>> For the AUTH48 status of this document, please see:
> >>>>>> https://www.rfc-editor.org/auth48/rfc9472
> >>>>>>
> >>>>>> Thank you,
> >>>>>>
> >>>>>> RFC Editor/st
> >>>>>>
> >>>>>>> On Sep 13, 2023, at 8:14 AM, Rose, Scott W. (Fed)
> <scott.rose@nist.gov> wrote:
> >>>>>>>
> >>>>>>> Sarah,
> >>>>>>> I am generally fine with the changes, specific replies below:
> >>>>>>>
> >>>>>>> Thanks,
> >>>>>>> Scott
> >>>>>>>
> >>>>>>> On 13 Sep 2023, at 3:15, Eliot Lear wrote:
> >>>>>>>
> >>>>>>>> Hi Sarah and thanks!  Please see below.
> >>>>>>>>
> >>>>>>>>> On 12 Sep 2023, at 20:50, Sarah Tarrant <starrant@amsl.com>
> wrote:
> >>>>>>>>>
> >>>>>>>>> Hello Eliot, Scott, and Rob*,
> >>>>>>>>>
> >>>>>>>>> *Rob, as AD, please review the change in the last paragraph of
> Section 1.3 and let us know if you approve. The change is best viewed in this diff
> file: https://www.rfc-editor.org/authors/rfc9472-auth48diff.html. Also, please let
> us know your thoughts on this question (note that RFCs 6242, 8341, and 8446
> are included in the template at https://trac.ietf.org/trac/ops/wiki/yang-security-
> guidelines):
> >>>>>>>>>
> >>>>>>>>>> 10) <!-- [rfced] *[AD] Section 6: The Security Considerations
> section does not
> >>>>>>>>>> follow the requirements listed on
> >>>>>>>>>> https://trac.ietf.org/trac/ops/wiki/yang-security-guidelines, which
> says
> >>>>>>>>>> "This section MUST be patterned after the latest approved
> template."
> >>>>>>>>>> Please confirm if the current text is acceptable per the context of
> the
> >>>>>>>>>> document or if any further updates are needed in order to follow
> the
> >>>>>>>>>> template.
> >>>>>>>>>>
> >>>>>>>>>> Also, please confirm if it is acceptable that RFCs 6242, 8341, and
> >>>>>>>>>> 8446 are not listed in the Normative References section or if they
> >>>>>>>>>> should be added.
> >>>>>>>>>> —>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>> Eliot and Scott, thank you for your replies; we have updated the
> document accordingly. We have a few followup questions:
> >>>>>>>>>
> >>>>>>>>> 1) We added the sentence in ii) per your reply to this question. We
> also added RFC 7231 as a normative reference. Please confirm that this is
> correct. Or should it be informative instead?
> >>>>>>>>
> >>>>>>>> That’s correct.
> >>>>>>>>
> >>>>>>>>>
> >>>>>>>>>>> e) We note that RFCs 6991 and 7231 are only referenced in the
> YANG
> >>>>>>>>>>> module and not in the running text. In order to have a 1:1
> matchup
> >>>>>>>>>>> between the references section and the text, may we add an
> introductory
> >>>>>>>>>>> sentence before the YANG module that includes these citations
> (option i)?
> >>>>>>>>>>> Alternatively, you may reference all of the RFCs that are
> mentioned
> >>>>>>>>>>> (option ii). Please let us know your preference.
> >>>>>>>>>>>
> >>>>>>>>>>> Perhaps:
> >>>>>>>>>>> i)  This YANG module references [RFC6991] and [RFC7231].
> >>>>>>>>>>> or
> >>>>>>>>>>> ii) This YANG module references [RFC6991], [RFC7231],
> [RFC7252],
> >>>>>>>>>>> [RFC8520], and [RFC9110].
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>> ii seems complete.
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>> 2) Regarding this question:
> >>>>>>>>>
> >>>>>>>>>>> 11) <!--[rfced] Is this sentence intended to be an ordered list
> (option A)
> >>>>>>>>>>> or are "any change in a URL" and "any change to the authority
> >>>>>>>>>>> section" the 2 risks that are being referred to (option B)?
> >>>>>>>>>>>
> >>>>>>>>>>> Original:
> >>>>>>>>>>> To address either risk, any change in a URL, and in particular to
> the
> >>>>>>>>>>> authority section, two approaches may be used:
> >>>>>>>>>>>
> >>>>>>>>>>> Perhaps:
> >>>>>>>>>>> A) To address either risk, any change in a URL, and particularly
> any change
> >>>>>>>>>>> to the authority section, two approaches may be used:
> >>>>>>>>>>>
> >>>>>>>>>>> or
> >>>>>>>>>>>
> >>>>>>>>>>> B) To address either risk, i.e., any change in a URL and, in
> particular, to
> >>>>>>>>>>> the authority section, two approaches may be used:
> >>>>>>>>>>> -->
> >>>>>>>>>>
> >>>>>>>>>> How about:
> >>>>>>>>>>
> >>>>>>>>>>> (C)  To address either risk, any change in a URL, and in particular
> to the
> >>>>>>>>>>> authority section; two approaches may be used:
> >>>>>>>>>>
> >>>>>>>>>> ?
> >>>>>>>>>
> >>>>>>>>> We are still having trouble understanding this sentence. (Note that
> the text before the semicolon in (C) is not a complete sentence.) Would
> something like the following work?
> >>>>>>>>>
> >>>>>>>>> Perhaps:
> >>>>>>>>> Two approaches may be used to address these risks and any change
> in a URL (particularly in the
> >>>>>>>>> authority section):
> >>>>>>>>>
> >>>>>>>>
> >>>>>>>> Ok, having re-read the context, the authority section phrase is
> redundant, so we can say:
> >>>>>>>>
> >>>>>>>>> To address either of these risks or any tampering of a URL:
> >>>>>>>>
> >>>>>>>
> >>>>>>> This seems fine.
> >>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>>
> >>>>>>>>> 3) Regarding this question:
> >>>>>>>>>
> >>>>>>>>>>> 15) <!-- [rfced] The following lines exceed the 72-character limit
> for
> >>>>>>>>>>> sourcecode. Please let us know how these lines can be modified.
> >>>>>>>>>>>
> >>>>>>>>>>> Section 5.1 (1 character over):
> >>>>>>>>>>> "systeminfo": "retrieving vuln and SBOM info via a cloud service",
> >>>>>>>>>>>
> >>>>>>>>>>> Section 5.2 (1 character over):
> >>>>>>>>>>> "systeminfo": "mixed example: SBOM on device, vuln info in
> cloud",
> >>>>>>>>>>>
> >>>>>>>>>>> Section 5.3 (2 characters over):
> >>>>>>>>>>> "contact-info": "https://iot-device.example.com/contact-
> info.html",
> >>>>>>>>>>>
> >>>>>>>>>>> Section 5.3 (1 character over):
> >>>>>>>>>>> "systeminfo": "retrieving vuln and SBOM info via a cloud service",
> >>>>>>>>>>> -->
> >>>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>> Would you mind out-denting these lines?
> >>>>>>>>>
> >>>>>>>>> Please confirm that we updated these correctly. We moved the lines
> in each example mentioned above one or two spaces (as appropriate) to the
> left to meet the character limit, though we couldn’t not move the “{“ at the
> beginning and end of each example as these were already at the left margin.
> >>>>>>>>
> >>>>>>>>
> >>>>>>>> That’s okay.
> >>>>>>>>
> >>>>>>>> Aside: this 72 character limit was VERY important when printers
> could only print 80 columns, but that was on its way out even when *I* was a
> student in the 80s (I never saw an actual line printer after college).
> >>>>>>>>
> >>>>>>>> Regards,
> >>>>>>>>
> >>>>>>>> Eliot
> >>>>>>>>
> >>>>>>>>>
> >>>>>>>>> ______________
> >>>>>>>>>
> >>>>>>>>> Updated XML file:
> >>>>>>>>> http://www.rfc-editor.org/authors/rfc9472.xml
> >>>>>>>>>
> >>>>>>>>> Updated output files:
> >>>>>>>>> https://www.rfc-editor.org/authors/rfc9472.html
> >>>>>>>>> https://www.rfc-editor.org/authors/rfc9472.txt
> >>>>>>>>> https://www.rfc-editor.org/authors/rfc9472.pdf
> >>>>>>>>>
> >>>>>>>>> Diff file showing all changes made during AUTH48:
> >>>>>>>>> https://www.rfc-editor.org/authors/rfc9472-auth48diff.html
> >>>>>>>>>
> >>>>>>>>> Diff files showing all changes:
> >>>>>>>>> https://www.rfc-editor.org/authors/rfc9472-diff.html
> >>>>>>>>> https://www.rfc-editor.org/authors/rfc9472-rfcdiff.html (side-by-
> side diff)
> >>>>>>>>>
> >>>>>>>>> Note that it may be necessary for you to refresh your browser to
> view the most recent version.
> >>>>>>>>>
> >>>>>>>>> For the AUTH48 status of this document, please see:
> >>>>>>>>> https://www.rfc-editor.org/auth48/rfc9472
> >>>>>>>>>
> >>>>>>>>> Thank you,
> >>>>>>>>>
> >>>>>>>>> RFC Editor/st
> >>>>>>>>>
> >>>>>>>>>> On Sep 11, 2023, at 12:23 PM, Rose, Scott W. (Fed)
> <scott.rose=40nist.gov@dmarc.ietf.org> wrote:
> >>>>>>>>>>
> >>>>>>>>>> On 8 Sep 2023, at 19:26, rfc-editor@rfc-editor.org wrote:
> >>>>>>>>>>
> >>>>>>>>>>> Authors and *AD,
> >>>>>>>>>>>
> >>>>>>>>>>> While reviewing this document during AUTH48, please resolve (as
> necessary) the following questions, which are also in the XML file.
> >>>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>> 17) <!-- [rfced] FYI: We have added expansions for the following
> abbreviations
> >>>>>>>>>>> per Section 3.6 of RFC 7322 ("RFC Style Guide"). Please review
> each
> >>>>>>>>>>> expansion in the document carefully to ensure correctness.
> >>>>>>>>>>>
> >>>>>>>>>>> Access Control Lists (ACLs)
> >>>>>>>>>>> Constrained Application Protocol (CoAP)
> >>>>>>>>>>> Internet of Things (IoT)
> >>>>>>>>>>> -->
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>> 18) <!-- [rfced] Please review the "Inclusive Language" portion of
> the online
> >>>>>>>>>>> Style Guide <https://www.rfc-
> editor.org/styleguide/part2/#inclusive_language>
> >>>>>>>>>>> and let us know if any changes are needed.
> >>>>>>>>>>>
> >>>>>>>>>>> Note that our script did not flag any words in particular, but this
> should
> >>>>>>>>>>> still be reviewed as a best practice.
> >>>>>>>>>>> -->
> >>>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>> FWIW, I did a pass through to match against the NIST inclusive
> language guidance and did not find anything that needed to be addressed.
> Future changes may change that (not likely, but maybe).
> >>>>>>>>>>
> >>>>>>>>>> Thanks
> >>>>>>>>>> Scott
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>> ==================================
> >>>>>>>>>> Scott Rose NIST/CTL
> >>>>>>>>>> scott.rose@nist.gov
> >>>>>>>>>> ph: +1-301-975-8439 (w)
> >>>>>>>>>> +1-571-249-3761 (GoogleVoice)
> >>>>>>>>>> ==================================
> >>>>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>> ==================================
> >>>>>>> Scott Rose NIST/CTL
> >>>>>>> scott.rose@nist.gov
> >>>>>>> ph: +1-301-975-8439 (w)
> >>>>>>> +1-571-249-3761 (GoogleVoice)
> >>>>>>> ==================================
> >>>>>>
> >>>>>>
> >>>>>
> >>>>
> >>>
> >>
> >

v2.23.0 | Report a Bug | By Email