Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-drip-rid-37> for your review
Sandy Ginoza <sginoza@amsl.com> Mon, 06 March 2023 22:25 UTC
Return-Path: <sginoza@amsl.com>
X-Original-To: auth48archive@ietfa.amsl.com
Delivered-To: auth48archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DF72EC152F11; Mon, 6 Mar 2023 14:25:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.197
X-Spam-Level:
X-Spam-Status: No, score=-4.197 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hEA3A6NFLXqm; Mon, 6 Mar 2023 14:25:39 -0800 (PST)
Received: from c8a.amsl.com (c8a.amsl.com [4.31.198.40]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C38E9C14EB1C; Mon, 6 Mar 2023 14:25:39 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by c8a.amsl.com (Postfix) with ESMTP id A5BFB424FFF2; Mon, 6 Mar 2023 14:25:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from c8a.amsl.com ([127.0.0.1]) by localhost (c8a.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BpRQgzKXewOc; Mon, 6 Mar 2023 14:25:39 -0800 (PST)
Received: from smtpclient.apple (2603-8000-9603-b513-554a-8c45-54c8-1900.res6.spectrum.com [IPv6:2603:8000:9603:b513:554a:8c45:54c8:1900]) by c8a.amsl.com (Postfix) with ESMTPSA id BA0C4424FFF0; Mon, 6 Mar 2023 14:25:38 -0800 (PST)
From: Sandy Ginoza <sginoza@amsl.com>
Message-Id: <2E4C9565-9F7C-4BA8-B6F0-4612C8245FDF@amsl.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_D84CF328-0A99-46EA-84A1-CE4006796905"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.13\))
Date: Mon, 06 Mar 2023 14:24:17 -0800
In-Reply-To: <64b0d53f-c9a0-dedf-7752-8092dabb58fb@labs.htt-consult.com>
Cc: RFC Editor <rfc-editor@rfc-editor.org>, Stu Card <stu.card@axenterprize.com>, Adam Wiethuechter <adam.wiethuechter@axenterprize.com>, gurtov@acm.org, drip-ads@ietf.org, drip-chairs@ietf.org, "<mohamed.boucadair@orange.com>" <mohamed.boucadair@orange.com>, Eric Vyncke <evyncke@cisco.com>, auth48archive@rfc-editor.org
To: Robert Moskowitz <rgm@labs.htt-consult.com>
References: <20230226235951.6AFDE84D2D@rfcpa.amsl.com> <5c95d06e-5b89-f4ec-579f-25901ca28820@labs.htt-consult.com> <65123B4F-29D3-4828-B619-CAF04E25D8AA@amsl.com> <64b0d53f-c9a0-dedf-7752-8092dabb58fb@labs.htt-consult.com>
X-Mailer: Apple Mail (2.3654.120.0.1.13)
Archived-At: <https://mailarchive.ietf.org/arch/msg/auth48archive/z6CK4xwTKYo_wdoSQ0sL_ON6knQ>
Subject: Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-drip-rid-37> for your review
X-BeenThere: auth48archive@rfc-editor.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Archiving AUTH48 exchanges between the RFC Production Center, the authors, and other related parties" <auth48archive.rfc-editor.org>
List-Unsubscribe: <https://mailman.rfc-editor.org/mailman/options/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/auth48archive/>
List-Post: <mailto:auth48archive@rfc-editor.org>
List-Help: <mailto:auth48archive-request@rfc-editor.org?subject=help>
List-Subscribe: <https://mailman.rfc-editor.org/mailman/listinfo/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Mar 2023 22:25:44 -0000
Greetings all, Thank you for your quick review. The updated files are available here: https://www.rfc-editor.org/authors/rfc9374.txt https://www.rfc-editor.org/authors/rfc9374.pdf https://www.rfc-editor.org/authors/rfc9374.html https://www.rfc-editor.org/authors/rfc9374.xml Diffs of the most recent updates only: https://www.rfc-editor.org/authors/rfc9374-lastdiff.html https://www.rfc-editor.org/authors/rfc9374-lastrfcdiff.html (side by side) AUTH48 diff: https://www.rfc-editor.org/authors/rfc9374-auth48diff.html Comprehensive diff: https://www.rfc-editor.org/authors/rfc9374-diff.html https://www.rfc-editor.org/authors/rfc9374-rfcdiff.html (side by side) Please see comments in-line. In addition, please review the updated files and let know if any changes are needed. This still applies: > [note that resolved issues have been snipped] >>>> 20) <!-- [rfced] We are having trouble parsing "88-byte self-proof >>>> evidence". If possible, please clarify. >>>> >>>> Original: >>>> The EdDSA25519 HI (Section 3.4) underlying the DET can be used in an >>>> 88-byte self-proof evidence (timestamp, HHIT, and signature of these) >>>> to provide proof to Observers of Remote ID ownership (GEN-1 in >>>> [RFC9153]). >>>> --> >>> The term "evidence" (and "endorsement") are defined in drip-arch and are from RATS rfc 9334. Sec 2.3 says to look in drip-arch for terms. We had quite a debate on the list about where terms are defined in our documents. >>> >>> Perhaps first time "evidence" and "endorsement" are used point to rfc9334? >>> >>> These terms/concepts are really important in DRIP and heavily used in drip-auth. >> >> [rfced] We have not made any changes, but we wonder if “self-proving evidence” is meant? > > I can see that is a better way to express the concept. I see "self-proof evidence" used earlier in the para. Use that. > > Don't change self-claims or self-endorsement as those are different beasts. Please note that I don't fully understand what is meant by "self-proof evidence”, but I have left the phrase as it is based this discussion. In addition, it appears you wanted the other instance of “self-evidence” to be “self-proof evidence”. We have updated this sentence as shown below. Please let us know if any updates are needed. Original: In practice, the Wrapper and Manifest authentication formats (Sections 6.3.3 and 6.3.4 of [drip-authentication]) implicitly provide this self-evidence. Current: In practice, the Wrapper and Manifest authentication formats (Sections 6.3.3 and 6.3.4 of [DRIP-AUTH]) implicitly provide this self-proof evidence. > >> >>>> 45) <!-- [rfced] Would you like to make use of <sup> for superscript >>>> in this document? You can see how it looks here: >>>> >>>> https://www.rfc-editor.org/authors/rfc9374-sup.html >>>> https://www.rfc-editor.org/authors/rfc9374-sup.pdf >>>> https://www.rfc-editor.org/authors/rfc9374-sup.txt >>>> >>>> Note: In the HTML and PDF, it appears as superscript. >>>> In the text output, <sup> generates a^b. >>>> --> >>> I did not even consider what would work here for .txt and .pdf and .html. >>> >>> So please do what works best! Maybe I will learn something for future use! >> >> [rfced] We have updated the document to use superscript. Please review. In particular, please review this instance in the text and html output (at minimum) to ensure the groupings are correct: >> >> Original: >> p = 1 - e^{-k^2/(2n)} >> >> TXT: >> p = 1 - e^({-k^2/(2n)}) >> >> HTML: >> https://www.rfc-editor.org/authors/rfc9374.html#appendix-D > > Both changes are fine. Just as a comment, in pure math precedence rules the added set of parens is not needed. > > I do see that you also changed table 15 for superscripts and that is fine too. The added parens around {-k^2/(2n)} is being added by xml2rfc. This is what currently appears in the XML: <t>p = 1 - e<sup>{-k<sup>2</sup>/(2n)}</sup></t> If you prefer the parens be removed, please let us know and we will discuss the issue with the tools team. > > >> >>>> 46) <!-- [rfced] Please review the following regarding terminology: >>>> >>>> a) Throughout the text, the following term appears to be used >>>> inconsistently. Please review these occurrences and let us know if/how they >>>> may be made consistent. >>>> >>>> authentication message vs Authentication Message >>>> >>>> b) Note that instances of "IPV6" have been updated to "IPv6" (lowercase v). >>>> >>>> c) In addition, note that we have used the following articles. Please let us know if any corrections are needed. >>>> >>>> an HI (read "hy") >>>> an HDA (read as letters, i.e., an eche dee aye) >>>> a HIP (read as the word hip) >>>> a HIT (read as the word hit) >>>> a HHIT - how is this read? >>>> --> >>> We were very careful where we capitalized authentication message vs Authentication Message >>> >>> Are we talking about the actual ASTM Authentication Message (msg type 0x2) or speaking about an authentication message. So please the case alone. Lots of reviews on this usage. >>> >>> b) thank you. >>> >>> HI should probably be "a HI" as you allude? >>> HDA, HIP, and HIT are right above. >>> >>> HHIT is read by letter or "H HIT". So that seems it should be an HHIT. >> <atw> >> in conference with Stu, user may not understand this subtle distinction! Perhaps text is needed the terminology section to enlighten that capitalization means F3411 specifically and uncapitalized is generic. >> <atw> >> >> >> [rfced] We have not made any changes - please let me know if any corrections are needed. > > All "an HHIT" should be changed to "a HHIT", as we always say the "H": "H HIT" or "H H I T". As I believe "a" is used for the the letter "H". As the first H is being read as a letter, “an” is the correct article (i.e., an āCH-hit). > I prefer to leave the mixed writing of "authentication message" and "Authentication Message". Ok - we have not made any changes. >> - [rfced] New questions regarding Section 4.5: DRIP Entity Tag (DET) Registry >> >> a) Apologies if I am missing something obvious here, but to what registry does this refer? This document uses "DET Registry” and Section 4.5 is entitled "DRIP Entity Tag (DET) Registry”. Section 4.5 references draft-ietf-drip-registries. I expected draft-ietf-drip-registries to create a DET registry, but it refers back to this document, which creates the "Drone Remote ID Protocol” Registry. Is it correct that DET Registry refers to the DRIP Registry <https://www.iana.org/assignments/drip/drip.xhtml>? Can this text be clarified? > > In sec 4.5 the registries for DETs that will be maintained by HDAs is discussed with pointer to drip-registries where the process and some of these registries (public and private) are defined. This section does not reference any IANA registries. > >> b) Is [DRIP-REG] being referred to here because it defines the registration process? If so, where are these procedures defined? > > In drip-reg which is not complete and so referencing any sections in it would be problematic. We have not made any changes. Is there a registry name or some other way to identify the registry to help the reader? Thank you, RFC Editor/sg
- [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-drip-… rfc-editor
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… rfc-editor
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Robert Moskowitz
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Robert Moskowitz
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… mohamed.boucadair
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Robert Moskowitz
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Stu Card
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… mohamed.boucadair
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Robert Moskowitz
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Adam Wiethuechter
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Adam Wiethuechter
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Robert Moskowitz
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Sandy Ginoza
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Sandy Ginoza
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Robert Moskowitz
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Stu Card
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Robert Moskowitz
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Sandy Ginoza
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Robert Moskowitz
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Sandy Ginoza
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Stu Card
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Sandy Ginoza
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Stu Card
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… mohamed.boucadair
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Robert Moskowitz
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Robert Moskowitz
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Robert Moskowitz
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Sandy Ginoza
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Robert Moskowitz
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Adam Wiethuechter
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Sandy Ginoza
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Andrei Gurtov
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Sandy Ginoza
- Re: [auth48] AUTH48: RFC-to-be 9374 <draft-ietf-d… Sandy Ginoza
- [auth48] [IANA #1268454] Re: AUTH48: RFC-to-be 93… Sabrina Tanamal via RT
- Re: [auth48] [IANA #1268454] AUTH48: RFC-to-be 93… Sandy Ginoza
- [auth48] final questions - Re: AUTH48: RFC-to-be … Alice Russo
- Re: [auth48] final questions - Re: AUTH48: RFC-to… Robert Moskowitz
- Re: [auth48] final questions - Re: AUTH48: RFC-to… Alice Russo
- Re: [auth48] final questions - Re: AUTH48: RFC-to… mohamed.boucadair
- Re: [auth48] final questions - Re: AUTH48: RFC-to… Alice Russo