IETF Logo Mail Archive

Re: [auth48] [AD] AUTH48: RFC-to-be 9399 <draft-ietf-lamps-rfc3709bis-10> for your review

Russ Housley <housley@vigilsec.com> Wed, 26 April 2023 14:10 UTC

Return-Path: <housley@vigilsec.com>
X-Original-To: auth48archive@ietfa.amsl.com
Delivered-To: auth48archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 460D8C14CF1E; Wed, 26 Apr 2023 07:10:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EZ4taoIWmpRm; Wed, 26 Apr 2023 07:09:56 -0700 (PDT)
Received: from mail3.g24.pair.com (mail3.g24.pair.com [66.39.134.11]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0E4E3C1519A0; Wed, 26 Apr 2023 07:09:56 -0700 (PDT)
Received: from mail3.g24.pair.com (localhost [127.0.0.1]) by mail3.g24.pair.com (Postfix) with ESMTP id 30FC913A6DF; Wed, 26 Apr 2023 10:09:55 -0400 (EDT)
Received: from [192.168.1.161] (unknown [96.241.2.243]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail3.g24.pair.com (Postfix) with ESMTPSA id 0283C13A568; Wed, 26 Apr 2023 10:09:54 -0400 (EDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.21\))
From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <B866202C-3073-41AE-BD03-57AD0323503A@amsl.com>
Date: Wed, 26 Apr 2023 10:09:54 -0400
Cc: Carsten Bormann <cabo@tzi.org>, Stefan Santesson <sts@aaa-sec.com>, "Roman D. Danyliw" <rdd@cert.org>, Trevor Freeman <frtrevor@amazon.com>, Leonard Rosenthol <lrosenth@adobe.com>, lamps-ads@ietf.org, LAMPS Chairs <lamps-chairs@ietf.org>, Tim Hollebeek <tim.hollebeek@digicert.com>, auth48archive@rfc-editor.org, RFC Editor <rfc-editor@rfc-editor.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <3D83710C-0B6F-4B4F-ACF6-8DAA0743C13E@vigilsec.com>
References: <20230407181524.E739B7FDC0@rfcpa.amsl.com> <F90558EB-F03B-4461-9EE5-1C220530D488@tzi.org> <dee8a7d7-c023-f07a-4776-ac3c395ee553@aaa-sec.com> <3F480C86-C862-4A47-8CE6-C3A6A069B574@tzi.org> <9CFDA284-E444-492A-8D21-8406B12DA6F3@vigilsec.com> <9ABA86A8-7F07-42F8-BF84-A0BF0124B1A0@tzi.org> <D087B817-E5E5-4D4D-814E-6096526523E2@vigilsec.com> <ACE9B926-FB1B-4ED2-973F-13B61E25AC59@tzi.org> <4C588A9B-A63E-447E-BA32-4FBED6B00A52@vigilsec.com> <EEF19E07-F362-412D-A9BC-BA7B94411B30@tzi.org> <D16DC362-9EBB-43CA-935E-A12FEF84F64C@vigilsec.com> <16BA8E25-8ACF-4DF5-8D24-773E2796D989@tzi.org> <0A24F906-7F87-43A9-8B5C-4049839FD969@vigilsec.com> <B624C581-49CB-473B-9133-89109C82741D@tzi.org> <D772A5DF-3C30-4596-A748-53CF04702BCE@vigilsec.com> <D21F6756-C2AD-4BD3-A483-A9E9A10E6158@tzi.org> <B866202C-3073-41AE-BD03-57AD0323503A@amsl.com>
To: Alanna Paloma <apaloma@amsl.com>
X-Mailer: Apple Mail (2.3445.104.21)
X-Scanned-By: mailmunge 3.11 on 66.39.134.11
Archived-At: <https://mailarchive.ietf.org/arch/msg/auth48archive/MZ5TLbCBRVxcPXL0hjGB3Zvbb1M>
Subject: Re: [auth48] [AD] AUTH48: RFC-to-be 9399 <draft-ietf-lamps-rfc3709bis-10> for your review
X-BeenThere: auth48archive@rfc-editor.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Archiving AUTH48 exchanges between the RFC Production Center, the authors, and other related parties" <auth48archive.rfc-editor.org>
List-Unsubscribe: <https://mailman.rfc-editor.org/mailman/options/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/auth48archive/>
List-Post: <mailto:auth48archive@rfc-editor.org>
List-Help: <mailto:auth48archive-request@rfc-editor.org?subject=help>
List-Subscribe: <https://mailman.rfc-editor.org/mailman/listinfo/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Apr 2023 14:10:00 -0000


> On Apr 21, 2023, at 3:48 PM, Alanna Paloma <apaloma@amsl.com> wrote:
> 
> Hi Russ, Stefan, Carsten, and Roman*,
> 
> *Roman - As the AD, please review and approve of the updates in Section 4.1 and in Appendices A.2, B.3, and B.4, as well as the removal of RFC 6838 as a normative reference in the diff file below.
> https://www.rfc-editor.org/authors/rfc9399-auth48diff.html
> 
> All - We do not believe that our query regarding ABNF in Section 4.3 has been addressed (see below). Please review and let us know how to proceed with this.
> 
>> Russ - We have an additional question. You indicated that the sourcecode in Section 4.3 is ABNF:
>> 
>>> Section 4.1: the type is ASN.1
>>> Section 4.3: the type is ABNF
>>> Section 4.4: the type is ASN.1
>>> Section:4.4.2: the type is ASN.1
>>> Section 4.4.3: the type is ASN.1
>> 
>> We see that this sourcecode is copied directly from RFC 2397 (which does not mention ABNF) and has a verified erratum report against it (see https://www.rfc-editor.org/errata/eid2045). In addition, when we tried to parse it using the tool at https://author-tools.ietf.org/abnf, we got a number of errors. Should we remove type=“abnf” and take any further actions per the erratum? Please let us know how to proceed. 
> 
> We have updated the files per mail from Russ. Please review the updates carefully and let us know if any further updates are needed. 
> 
> The files have been posted here (please refresh):
> https://www.rfc-editor.org/authors/rfc9399.xml 
> https://www.rfc-editor.org/authors/rfc9399.txt
> https://www.rfc-editor.org/authors/rfc9399.html
> https://www.rfc-editor.org/authors/rfc9399.pdf
> 
> The relevant diff files have been posted here:
> https://www.rfc-editor.org/authors/rfc9399-diff.html (comprehensive diff)
> https://www.rfc-editor.org/authors/rfc9399-auth48diff.html (AUTH48 changes)
> https://www.rfc-editor.org/authors/rfc9399-lastdiff.html (last version to this one)
> 
> For the AUTH48 status of this document, please see:
> https://www.rfc-editor.org/auth48/rfc9399
> 
> Thank you,
> RFC Editor/ap
> 
>> On Apr 20, 2023, at 7:19 AM, Carsten Bormann <cabo@tzi.org> wrote:
>> 
>> On 2023-04-20, at 16:03, Russ Housley <housley@vigilsec.com> wrote:
>>> 
>>> Let's stop going in circles.
>> 
>> OK, thank you for your repeated explanations.
>> I’ll shut up until I see what you are actually proposing.
>> 
>> Grüße, Carsten
>> 
>

v2.23.0 | Report a Bug | By Email