Re: [babel] WG adoption call for draft-do-babel-hmac (7/19 - 8/6)

[Denis Ovsienko <denis@ovsienko.info>]

Thank you for a detailed response Donald.

I have commented on the points that look the most pressing to me.

 ---- On Mon, 06 Aug 2018 21:24:28 +0100 Donald Eastlake <d3e3e3@gmail.com> wrote ---- 
 > Hi Denis, 
 >  
 > Thanks for responding to this WG draft adoption call. 
 >  
 > On Sun, Aug 5, 2018 at 5:59 PM, Denis Ovsienko <denis@ovsienko.info> wrote: 
 > >  ---- On Thu, 19 Jul 2018 13:46:37 +0100 Donald Eastlake <d3e3e3@gmail.com> wrote ---- 
 > >  > This message begins a WG adoption call for draft-do-babel-hmac. 
 > >  > Since this starts during an IETF meeting, it is running for a bit 
 > >  > longer than usual, through August 6th. Please indicate whether you 
 > >  > think this draft should be adopted. Comments on the draft also 
 > >  > welcome. 
 > > 
 > > I object to the adoption of this document for the following reasons, which should be well-known to anybody who has been on the Babel WG mailing list, but if it takes to rub it in to action, I will rub it in. 
 > > 
 > > 1. Questionable attribution of authorship. 
 > > 
 > > The document lists Clara Do as its first author. Clara Do has never ever sent a single message, at all, however short or long, to the Babel WG mailing list. She has never presented anything at a Babel WG meeting, whether in person or remotely. In other words, this person has never participated in this working group. 
 > > 
 > > The document lists Weronika Kolodziejak as its second author. Weronika had sent 1 (one) message to the Babel WG mailing list, but made no other contributions (in the IETF sense of the term). 
 >  
 > A person who has produced text with the intent that it end up in a 
 > Babel Internet Draft and that actually ends up in such an Internet 
 > Draft, even if in an edited form, is a contributor to the WG and a 
 > participant in the WG. 
 >  
 > > The document lists Juliusz Chroboczek as its third author. Juliusz in the past couple months had sent an incredible amount of messages to the Babel WG mailing list. Most of those were related to the HMAC-based method of Babel security, 
 >  
 > I'll take the above statements as true although I haven't actually 
 > checked who posted how often. 
 >  
 > >                   which the Babel WG had already decided it will not use. Despite the obvious fact, Juliusz kept bringing the matter up again and again and again and again, most of the text in the proposed document has been committed by him, and at IETF-102 he proposed to adopt this draft shortly after it was first created. 
 >  
 > I don't think that the Babel WG has decided it will not use HMAC-based 
 > Babel security. It also seems reasonable that, considering how long 
 > previous documents have been available and how much discussion has 
 > been held on the topic, that a new HMAC-based Babel security document 
 > could be considered fairly quickly. 
 >  
 > > This way, the document looks mainly a product of very recent efforts of Juliusz Chroboczek. Hence when Juliusz at IETF-102 in his HMAC slides stated "I am just the janitor here", that statement was false. 
 >  
 > I'm not sure what being "the janitor" means. Also, while there is some 
 > correlation, I don't think how much someone has contributed to a 
 > document can be determined by how often they posted to the mailing 
 > list or did commits. It seems reasonable that someone could produce 
 > major contributions to a document by reading previous documents and 
 > reading the comments on the mailing list. To the extent that "janitor" 
 > means someone who cleans things up, it seems reasonable that such 
 > contributions might go through someone who cleaned up some minor 
 > formatting or language issued before merging the contribution into a 
 > document -- but, of course, I don't actually know what the work flow 
 > was and I don't think you do either. So I just don't see any 
 > foundation for your claim that Juliusz's statement was false and I 
 > think that statement was inappropriate. 


I am sorry that you do not like the language I have to use, but I do not currently see better means to get to the point: who is the actual author(s) of draft-do-babel-hmac?

This question is both appropriate and relevant. An author is the person responsible for the technical contents of the document. Who exactly is responsible for the technical contents of this routing protocol security mechanism proposed to be adopted for Standards Track work? Who exactly has the responsibility to answer the question in point 2 of this objection?

Are you saying it is Juliusz? I have already asked him and got no sound technical answer.

Are you saying it is Clara or Weronika? I am looking forward to study any comments they make, if they do.

I appreciate your willingness to discuss what other participants could mean, but on this occasion I do not see other means to achieve clarity other than the participants speaking for themselves, rather than someone making interpretations on their behalf.


 > > Juliusz Chroboczek had previously commented that Clara Do and Weronika Kolodziejak are his interns. I understand this as they are not independent in their actions, so as a minimum it would be fair to let them speak freely for themselves and to confirm the reasons for appearing on the list of authors for a document that was written mostly by another person. 
 >  
 > If they want to post something to the mailing list, they are welcome 
 > to do so, but there is no requirement for them to. Until the draft is 
 > adopted by the WG, the WG has no authority over the author list shown 
 > on the title page. 
 >  
 > > It would also be very useful to hear about their experience in the areas of network protocols design, implementation and security, and how much time they plan to spend on this project, as this is a Standards Track work and it may be very demanding regardless of what other plans people have in life. 
 >  
 > Well, I don't recall anyone else posting a resume to the list. I know I haven't. 
 >  
 > > 2. What problem does this document solve that has not been solved before? 
 > > 
 > > The Babel WG has already had an opportunity to adopt a HMAC-based solution to fulfill the requirements of its charter, and the WG decided not to adopt. This decision was not rooted in the technical merits of the proposed solution. As far as the WG adoption call materials go, draft-ovsienko-babel-rfc7298bis was good enough and had no unaddressed technical issues, I had already clarified this before. 
 >  
 > Adoption of the draft was determined not to have consensus due to 
 > insufficient support and one objection. 
 >  
 > > I had asked, twice, Juliusz Chroboczek about the technical merits of his new HMAC project, and, unfortunately, he had not provided an answer that would be sound and true. Given this input, I have to conclude this document does _not_ solve a problem that would not be solved already. 
 >  
 > The WG has the right to choose which draft will be the starting point 
 > for the WG draft efforts. 


Thank you for providing the above comments, but they do not answer the question, so let me get back to the point again.

Juliusz Chroboczek maintains that draft-do-babel-hmac addresses unresolved problems of my Babel security contributions. This statement is false by omission (Juliusz keeps comparing with RFC 7298, whereas he has seen that the input I had contributed during the adoption call of 7298bis I-D had addressed all known issues). Hence the two requests below.

* I take repeated false statements about the quality of my contributions to the Babel WG as ongoing deliberate annoyance. I accept the chairs may be unaware because of not following the WG mailing list, but I do not see it as a valid reason for this annoyance to continue. Now I am asking the working group chairs to acknowledge this statement and to handle this annoyance within the scope of their powers and duties in IETF.

* I am asking the person(s) responsible for the technical contents of draft-do-babel-hmac to answer the same crucial question. Which specific technical problems does this document solve that have not been solved before?

-- 
    Denis Ovsienko