Re: [auth48] [IAB] AUTH48: RFC-to-be 9490 <draft-iab-m-ten-workshop-02> for your review

[Tommy Pauly <tpauly@apple.com>]

> On Oct 9, 2023, at 2:31 PM, Jean Mahoney <jmahoney@amsl.com> wrote:
> 
> Tommy,
> 
> Thank you for your response. We have updated the document accordingly:
> 
>   https://www.rfc-editor.org/authors/rfc9490.txt
>   https://www.rfc-editor.org/authors/rfc9490.pdf
>   https://www.rfc-editor.org/authors/rfc9490.html
>   https://www.rfc-editor.org/authors/rfc9490.xml
> 
>   https://www.rfc-editor.org/authors/rfc9490-diff.html
>      (comprehensive diff)
>   https://www.rfc-editor.org/authors/rfc9490-rfcdiff.html
>      (side-by-side comprehensive diff)
>   https://www.rfc-editor.org/authors/rfc9490-auth48diff.html
>      (diff of updates made during AUTH48)
>   https://www.rfc-editor.org/authors/rfc9490-auth48rfcdiff.html
>      (side-by-side diff of updates made during AUTH48)
> 
> We have a question on 9). Please see below.
> 
> 
> On 10/6/23 6:51 PM, Tommy Pauly wrote:
>> Hi RFC Editor,
>> Thanks for you work on this! Responses are inline.
>> Best,
>> Tommy
>>> On Oct 5, 2023, at 1:21 PM, rfc-editor@rfc-editor.org wrote:
>>> 
>>> Authors,
>>> 
>>> While reviewing this document during AUTH48, please resolve (as necessary) the following questions, which are also in the XML file.
>>> 
>>> 1) <!--[rfced] Please review the guidance found at
>>> <https://www.rfc-editor.org/materials/iab-format.txt> and let us know
>>> if any changes are needed.
>>> -->
>>> 
>>> 
>>> 2) <!--[rfced] This document had the consensus attribute set to true, but also
>>> says the following. Shall the consensus attribute be set to false?
>>> 
>>> Original:
>>>   The views and positions documented in this report are
>>>   those of the expressed during the workshop by participants and do not
>>>   necessarily reflect IAB views and positions.
>>> and
>>>   Thus, the content of this
>>>   report follows the flow and dialog of the workshop but does not
>>>   attempt to capture a consensus.
>>> -->
>> I believe consensus should be left set to “true”. This document has consensus of the IAB as a report of what occurred at the workshop.
>>> 
>>> 3) <!--[rfced] Section 2.2.1. Please let us know how we can clarify the following
>>> sentence. Is the collaboration between the intermediary services or the
>>> support they provide?
>>> 
>>> Original:
>>>   Instead of encrypted communication between only two ends and passive
>>>   observation by all on-path elements, intermediate relays could be
>>>   trusted parties with limited information for the purposes of
>>>   collaboration between in-network intermediary services' support.
>>> -->
>> I suggest saying the following (the other authors should check):
>> Instead of encrypting communication between only two ends with passive observation by all on-path elements, intermediate relays could be introduced as trusted parties that get to see limited information for the purpose of collaboration between in-network intermediary services.
>>> 
>>> 
>>> 4) <!--[rfced] Section 2.2.3. The following sentence appears to be missing one
>>> or more words between "local transmission" and "end-to-end transmission".
>>> Please let us know how to update this:
>>> 
>>> Original:
>>>   E.g. side car information can contain additional
>>>   acknowledgements to enable in-network local retransmission faster
>>>   end-to-end retransmission by reducing the signaling round trip time.
>>> -->
>>> 
>> I suggest this should be “or”:
>> "to enable in-network local retransmission or faster end-to-end retransmission"
>>> 
>>> 
>>> 5) <!--[rfced] Section 2.3.1. Please help us make the following sentence
>>> clearer. Does "categorized into an envelope" mean "comprises"?
>>> 
>>> Original:
>>>   The proposed contract solution is to define a collection of
>>>   acceptable behaviors categorized into an envelope of different states
>>>   that might include IP addresses, domain names, and indicators of
>>>   compromise.
>>> 
>>> Perhaps:
>>>   The proposed contract solution is to define a collection of
>>>   acceptable behaviors that comprises different states
>>>   that might include IP addresses, domain names, and indicators of
>>>   compromise.
>>> -->
>> That seems correct to me.
>>> 
>>> 
>>> 6) <!--[rfced] Section 2.3.3. Is there a phrase missing in this sentence? Is the
>>> compromise between the "tension" and something else? Or is the compromise
>>> between services that offer privacy and services that offer protection?
>>> 
>>> Original:
>>>   These collaborative solutions may be
>>>   the best compromise between the tension of privacy vs protection
>>>   based services [PAULY].
>>> 
>>> Perhaps:
>>>   These collaborative solutions may be the
>>>   best compromise on services that balance privacy and protection [PAULY].
>>> -->
>> How about:
>>   These collaborative solutions may be
>>   the best compromise to resolve the the tension between privacy and
>>   protection-based services [PAULY].
>>> 
>>> 
>>> 7) <!--[rfced] Section 3. In the following sentence, it is not clear what kind
>>> of technologies the operators are being asked to allow into their
>>> environments. In addition, is the phrase "environment requirements"
>>> correct? Please let us know how to clarify this sentence.
>>> 
>>> Original:
>>>   *  There is an unanswered question of whether or not network
>>>      operators be willing to participate and allow technologies into
>>>      their environment requirements in exchange for technologies that
>>>      prove their clients are being good net-citizens.
>>> -->
>> I’ll ask Wes to help answer this one, as I believed he had written that section.
>>> 
>>> 
>>> 8) <!--[rfced] We found alternate sources for both the [GRUBBS] and [KUEHLEWIND]
>>> references. Would you like to update these references?
>>> 
>>> [GRUBBS] https://www.usenix.org/conference/usenixsecurity22/presentation/grubbs
>>> [KUEHLEWIND] https://www.ericsson.com/en/blog/2022/6/relays-and-online-user-privacy
>>> 
>>> Original:
>>>   [GRUBBS]   Grubbs, P., Arun, A., Zhang, Y., Bonneau, J., and M.
>>>              Walfish, "Zero-Knowledge Middleboxes", August 2022,
>>>              <https://github.com/intarchboard/workshop-m-
>>>              ten/blob/main/papers/Grubbs-Zero-
>>>              Knowledge%20Middleboxes.pdf>.
>>> 
>>>   [KUEHLEWIND]
>>>              Kühlewind, M., Westerlund, M., Sarker, Z., and M. Ihlar,
>>>              "Relying on Relays", August 2022,
>>>              <https://github.com/intarchboard/workshop-m-
>>>              ten/blob/main/papers/Kuehlewind-Relying-on-Relays.pdf>.
>>> -->
>> For consistency, it might be best to have all of the references be to GitHub?
>>> 
>>> 
>>> 9) <!--[rfced] The [KNODEL] reference is an introduction to the pearg
>>> Internet-Draft [I-D.irtf-pearg-safe-internet-measurement].
>>> 
>>> Original:
>>>   [I-D.irtf-pearg-safe-internet-measurement]
>>>              Learmonth, I. R., Grover, G., and M. Knodel, "Guidelines
>>>              for Performing Safe Measurement on the Internet", Work in
>>>              Progress, Internet-Draft, draft-irtf-pearg-safe-internet-
>>>              measurement-08, 10 July 2023,
>>>              <https://datatracker.ietf.org/doc/html/draft-irtf-pearg-
>>>              safe-internet-measurement-08>.
>>> 
>>>   [KNODEL]   Knodel, M., "Guidelines for Performing Safe Measurement on
>>>              the Internet", August 2022,
>>>              <https://github.com/intarchboard/workshop-m-
>>>              ten/blob/main/papers/Knodel-Guidelines-for-Performing-
>>>              Safe-Measurement-on-the-Internet.pdf>.
>>> 
>>> Appendix A lists the following:
>>> 
>>>   Iain R.  Learmonth, Gurshabad Grover, Mallory Knodel. “Guidelines for
>>>   Performing Safe Measurement on the Internet.” (Additional rationale)
>>>   [KNODEL]
>>> 
>>> Perhaps [KNODEL] should be listed in the Informative References as the following:
>>> 
>>>   [KNODEL]   Knodel, M., "Additional rationale for 'Guidelines for
>>>              Performing Safe Measurement on the Internet'", August 2022,
>>>              <https://github.com/intarchboard/workshop-m-
>>>              ten/blob/main/papers/Knodel-Guidelines-for-Performing-
>>>              Safe-Measurement-on-the-Internet.pdf>.
>>> 
>>> And Appendix A be updated to show the following:
>>> 
>>>   Iain R. Learmonth, Gurshabad Grover, Mallory Knodel. “Guidelines for
>>>   Performing Safe Measurement on the Internet.” [LEARMONTH]
>>> 
>>>   Mallory Knodel. "Additional rationale for 'Guidelines for
>>>   Performing Safe Measurement on the Internet'" [KNODEL]
>>> -->
>> Yes, these updates seem generally good. I don’t know if it should say “(Additional rationale)”; perhaps “(Introduction)” or “(Summary)”?
> 
> [JM] Do you prefer the following construction for the reference?
> 
>   [KNODEL]   Knodel, M., "(Introduction) 'Guidelines for
>              Performing Safe Measurement on the Internet'",
>              August 2022,
>              <https://github.com/intarchboard/workshop-m-
>              ten/blob/main/papers/Knodel-Guidelines-for-Performing-
>              Safe-Measurement-on-the-Internet.pdf>.
> 
> And Appendix A be updated to show the following?
> 
>   Mallory Knodel. "(Introduction) 'Guidelines for
>   Performing Safe Measurement on the Internet'" [KNODEL]

That construction looks good to me, for both places.
> 
> 
> We will await further word from you and your coauthor(s) regarding other AUTH48 changes and/or approval.

Great! I’ll let the others reply before giving my approval here.

Thanks,
Tommy
> 
> Best regards,
> RFC Editor/jm
> 
> 
>>> 
>>> 
>>> 10) <!--[rfced] On the [KUEHLEWIND] paper
>>> (https://github.com/intarchboard/workshop-m-ten/blob/main/papers/Kuehlewind-Relying-on-Relays.pdf),
>>> it is unclear to us whether "ANM" is part of Zaheduzzaman Sarker's name
>>> or is an honorific. This may impact the initial used in the Informative
>>> References section (currently Z.) and the name provided in Appendix A.3
>>> (Currently Zaheduzzaman Sarker).
>>> -->
>> This is probably best a question for Zahed, added to the thread.
>>> 
>>> 
>>> 11) <!--[rfced] The original URL provided for [DITTO] does not work:
>>> 
>>>   [DITTO]    Meier, R., Lenders, V., and L. Vanbever, "Ditto - WAN
>>>              Traffic Obfuscation at Line Rate", April 2022,
>>>              <https://nsg.ee.ethz.ch/fileadmin/user_upload/
>>>              publications/ditto_final_ndss22.pdf>.
>>> 
>>> We have found the following:
>>> A landing page for the paper: https://www.ndss-symposium.org/ndss-paper/auto-draft-195/
>>> And also a DOI URL, which displays the PDF directly: https://doi.org/10.14722/ndss.2022.24056
>>> 
>>> Perhaps:
>>>   [DITTO]    Meier, R., Lenders, V., and L. Vanbever, "Ditto: WAN
>>>              Traffic Obfuscation at Line Rate", Network and Distributed
>>>              Systems Security (NDSS) Symposium, April 2022,
>>>              <https://doi.org/10.14722/ndss.2022.24056>.
>>> -->
>> This seems good to me.
>>> 
>>> 
>>> 12) <!--[rfced] Appendix A.2. The following paper does not have a reference.
>>> Would you like to add one?
>>> 
>>>   Wes Hardaker. "Network Flow Management by Probability."
>>> -->
>> Wes?
>>> 
>>> 
>>> 13) <!--[rfced] Appendix B.
>>> a) The list of participants includes a duplication: "Michael Ackermann" and
>>> "Mike Ackermann". Which should be used?
>>> b) While we understand that some participants may wish to provide only partial
>>> names, is "Qiufang" actually "Qiufang Ma"?
>>> 
>>> Please review the participant list and let us know if any updates are needed.
>>> -->
>> Since Mike Ackermann lists himself as “Mike” on the paper, we can probably use that.
>> And yes, Qiufang is Qiufang Ma.
>>> 
>>> 
>>> 14) <!--[rfced] FYI, we have removed the Acknowledgments section because it was
>>> empty. Please let us know if any further updates are necessary.
>>> -->
>> Thank you, that should be fine.
>>> 
>>> 
>>> 15) <!--[rfced] Please review the "Inclusive Language" portion of the online Style Guide
>>> <https://www.rfc-editor.org/styleguide/part2/#inclusive_language> and let us know
>>> if any changes are needed.
>>> 
>>> Please consider whether "tradition" should be updated for clarity.  While the NIST website
>>> <https://www.nist.gov/nist-research-library/nist-technical-series-publications-author-instructions#table1>
>>> indicates that this term is potentially biased, it is also ambiguous.
>>> "Tradition" is a subjective term, as it is not the same for everyone.
>>> -->
>> Since this refers to a “tradition” in network management, I personally think this use is appropriate.
>>> 
>>> 
>>> Thank you.
>>> 
>>> RFC Editor/jm/ar
>>> 
>>> 
>>> On Oct 5, 2023, rfc-editor@rfc-editor.org wrote:
>>> 
>>> *****IMPORTANT*****
>>> 
>>> Updated 2023/10/05
>>> 
>>> RFC Author(s):
>>> --------------
>>> 
>>> Instructions for Completing AUTH48
>>> 
>>> Your document has now entered AUTH48.  Once it has been reviewed and
>>> approved by you and all coauthors, it will be published as an RFC.
>>> If an author is no longer available, there are several remedies
>>> available as listed in the FAQ (https://www.rfc-editor.org/faq/).
>>> 
>>> You and you coauthors are responsible for engaging other parties
>>> (e.g., Contributors or Working Group) as necessary before providing
>>> your approval.
>>> 
>>> Planning your review
>>> ---------------------
>>> 
>>> Please review the following aspects of your document:
>>> 
>>> *  RFC Editor questions
>>> 
>>>  Please review and resolve any questions raised by the RFC Editor
>>>  that have been included in the XML file as comments marked as
>>>  follows:
>>> 
>>>  <!-- [rfced] ... -->
>>> 
>>>  These questions will also be sent in a subsequent email.
>>> 
>>> *  Changes submitted by coauthors
>>> 
>>>  Please ensure that you review any changes submitted by your
>>>  coauthors.  We assume that if you do not speak up that you
>>>  agree to changes submitted by your coauthors.
>>> 
>>> *  Content
>>> 
>>>  Please review the full content of the document, as this cannot
>>>  change once the RFC is published.  Please pay particular attention to:
>>>  - IANA considerations updates (if applicable)
>>>  - contact information
>>>  - references
>>> 
>>> *  Copyright notices and legends
>>> 
>>>  Please review the copyright notice and legends as defined in
>>>  RFC 5378 and the Trust Legal Provisions
>>>  (TLP – https://trustee.ietf.org/license-info/).
>>> 
>>> *  Semantic markup
>>> 
>>>  Please review the markup in the XML file to ensure that elements of
>>>  content are correctly tagged.  For example, ensure that <sourcecode>
>>>  and <artwork> are set correctly.  See details at
>>>  <https://authors.ietf.org/rfcxml-vocabulary>.
>>> 
>>> *  Formatted output
>>> 
>>>  Please review the PDF, HTML, and TXT files to ensure that the
>>>  formatted output, as generated from the markup in the XML file, is
>>>  reasonable.  Please note that the TXT will have formatting
>>>  limitations compared to the PDF and HTML.
>>> 
>>> 
>>> Submitting changes
>>> ------------------
>>> 
>>> To submit changes, please reply to this email using ‘REPLY ALL’ as all
>>> the parties CCed on this message need to see your changes. The parties
>>> include:
>>> 
>>>  *  your coauthors
>>> 
>>>  *  rfc-editor@rfc-editor.org (the RPC team)
>>> 
>>>  *  other document participants, depending on the stream (e.g.,
>>>     IETF Stream participants are your working group chairs, the
>>>     responsible ADs, and the document shepherd).
>>> 
>>>  *  auth48archive@rfc-editor.org, which is a new archival mailing list
>>>     to preserve AUTH48 conversations; it is not an active discussion
>>>     list:
>>> 
>>>    *  More info:
>>>       https://mailarchive.ietf.org/arch/msg/ietf-announce/yb6lpIGh-4Q9l2USxIAe6P8O4Zc
>>> 
>>>    *  The archive itself:
>>>       https://mailarchive.ietf.org/arch/browse/auth48archive/
>>> 
>>>    *  Note: If only absolutely necessary, you may temporarily opt out
>>>       of the archiving of messages (e.g., to discuss a sensitive matter).
>>>       If needed, please add a note at the top of the message that you
>>>       have dropped the address. When the discussion is concluded,
>>>       auth48archive@rfc-editor.org will be re-added to the CC list and
>>>       its addition will be noted at the top of the message.
>>> 
>>> You may submit your changes in one of two ways:
>>> 
>>> An update to the provided XML file
>>> — OR —
>>> An explicit list of changes in this format
>>> 
>>> Section # (or indicate Global)
>>> 
>>> OLD:
>>> old text
>>> 
>>> NEW:
>>> new text
>>> 
>>> You do not need to reply with both an updated XML file and an explicit
>>> list of changes, as either form is sufficient.
>>> 
>>> We will ask a stream manager to review and approve any changes that seem
>>> beyond editorial in nature, e.g., addition of new text, deletion of text,
>>> and technical changes.  Information about stream managers can be found in
>>> the FAQ.  Editorial changes do not require approval from a stream manager.
>>> 
>>> 
>>> Approving for publication
>>> --------------------------
>>> 
>>> To approve your RFC for publication, please reply to this email stating
>>> that you approve this RFC for publication.  Please use ‘REPLY ALL’,
>>> as all the parties CCed on this message need to see your approval.
>>> 
>>> 
>>> Files
>>> -----
>>> 
>>> The files are available here:
>>>  https://www.rfc-editor.org/authors/rfc9490.xml
>>>  https://www.rfc-editor.org/authors/rfc9490.html
>>>  https://www.rfc-editor.org/authors/rfc9490.pdf
>>>  https://www.rfc-editor.org/authors/rfc9490.txt
>>> 
>>> Diff file of the text:
>>>  https://www.rfc-editor.org/authors/rfc9490-diff.html
>>>  https://www.rfc-editor.org/authors/rfc9490-rfcdiff.html (side by side)
>>> 
>>> 
>>> Tracking progress
>>> -----------------
>>> 
>>> The details of the AUTH48 status of your document are here:
>>>  https://www.rfc-editor.org/auth48/rfc9490
>>> 
>>> Please let us know if you have any questions.
>>> 
>>> Thank you for your cooperation,
>>> 
>>> RFC Editor
>>> 
>>> --------------------------------------
>>> RFC9490 (draft-iab-m-ten-workshop-02)
>>> 
>>> Title            : Report from the IAB Workshop on Management Techniques in Encrypted Networks (M-TEN)
>>> Author(s)        : M. Knodel, W. Hardaker, T. Pauly
>