Re: [babel] WG adoption call for draft-do-babel-hmac (7/19 - 8/6)

Denis Ovsienko <denis@ovsienko.info> Thu, 09 August 2018 10:48 UTC

Return-Path: <denis@ovsienko.info>
X-Original-To: babel@ietfa.amsl.com
Delivered-To: babel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D9D8E130E06; Thu, 9 Aug 2018 03:48:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ovsienko.info
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bQuEpfwF8UgU; Thu, 9 Aug 2018 03:48:11 -0700 (PDT)
Received: from sender-of-o51.zoho.com (sender-of-o51.zoho.com [135.84.80.216]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C48461286E3; Thu, 9 Aug 2018 03:48:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1533811686; s=zohomail; d=ovsienko.info; i=denis@ovsienko.info; h=Date:From:To:Message-ID:In-Reply-To:References:Subject:MIME-Version:Content-Type:Content-Transfer-Encoding; l=12689; bh=89YxzSygcaZwr94zZUzwJ5ATSAlYfLzmZLG+6AI5MmI=; b=vkErgs0q2sMy/6uq28CppA8QwN0jq+jczia3OhotkSqijQQEJ3T+1HQ4TliIFidn EXRP+jFE1ugDHwhMK3qoOOozseL2zk4cPcGzRFHP4m20JyKi1WtllKDqDFv6KVBUCBD Z9LPoVehqOvN9Q1anyVnp8VU/5LwLneplFSwt0zg=
Received: from mail.zoho.com by mx.zohomail.com with SMTP id 1533811685948703.1824195505956; Thu, 9 Aug 2018 03:48:05 -0700 (PDT)
Date: Thu, 09 Aug 2018 11:48:05 +0100
From: Denis Ovsienko <denis@ovsienko.info>
To: babel-chairs@ietf.org, Babel at IETF <babel@ietf.org>
Message-ID: <1651e4cfa39.f57f2903302423.8784413720731649807@ovsienko.info>
In-Reply-To: <CAF4+nEFm4X-L9JHtrEsH_SgFS=r87jPKWirVx-K+6MS9MqeQMg@mail.gmail.com>
References: <CAF4+nEEubyH7dHmPpdO3P-G-ma3GtVynpGm6=iy_44Ef5wCM_w@mail.gmail.com> <1650c1a8ddf.dcee3d8c318053.6862501659664757597@ovsienko.info> <CAF4+nEFWhG_Tm2dS4tTpk0fx34UgdErCiQrg_i=gzgRp4uOPdg@mail.gmail.com> <165140abe3b.cf1cc955191064.7082979724932704408@ovsienko.info> <CAF4+nEFm4X-L9JHtrEsH_SgFS=r87jPKWirVx-K+6MS9MqeQMg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-Priority: Medium
User-Agent: Zoho Mail
X-Mailer: Zoho Mail
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/s-pDktw1XFqfTFAUDHnbuRO9KOs>
Subject: Re: [babel] WG adoption call for draft-do-babel-hmac (7/19 - 8/6)
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: "A list for discussion of the Babel Routing Protocol." <babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>, <mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>, <mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Aug 2018 10:48:14 -0000

Hello Donald.

Please find more comments below. I am sorry, but I am still unhappy about how my request to the WG chairs was handled. Having provided the information you asked for, I consider you in a position to review it again.


 ---- On Wed, 08 Aug 2018 05:58:15 +0100 Donald Eastlake <d3e3e3@gmail.com> wrote ---- 
 > Hi Denis, 
 >  
 > On Tue, Aug 7, 2018 at 6:59 AM, Denis Ovsienko <denis@ovsienko.info> wrote: 
 > > Thank you for a detailed response Donald. 
 > > 
 > > I have commented on the points that look the most pressing to me. 
 > > 
 > >  ---- On Mon, 06 Aug 2018 21:24:28 +0100 Donald Eastlake <d3e3e3@gmail.com> wrote ---- 
 > >  > Hi Denis, 
 > >  > 
 > >  > Thanks for responding to this WG draft adoption call. 
 > >  > 
 > >  > On Sun, Aug 5, 2018 at 5:59 PM, Denis Ovsienko <denis@ovsienko.info> wrote: 
 > >  > >  ---- On Thu, 19 Jul 2018 13:46:37 +0100 Donald Eastlake <d3e3e3@gmail.com> wrote ---- 
 > >  > >  > This message begins a WG adoption call for draft-do-babel-hmac. 
 > >  > >  > Since this starts during an IETF meeting, it is running for a bit 
 > >  > >  > longer than usual, through August 6th. Please indicate whether you 
 > >  > >  > think this draft should be adopted. Comments on the draft also 
 > >  > >  > welcome. 
 > >  > > 
 > >  > > I object to the adoption of this document for the following reasons, which should be well-known to anybody who has been on the Babel WG mailing list, but if it takes to rub it in to action, I will rub it in. 
 > >  > > 
 > >  > > 1. Questionable attribution of authorship. 
 > >  > > 
 > >  > > The document lists Clara Do as its first author. Clara Do has never ever sent a single message, at all, however short or long, to the Babel WG mailing list. She has never presented anything at a Babel WG meeting, whether in person or remotely. In other words, this person has never participated in this working group. 
 > >  > > 
 > >  > > The document lists Weronika Kolodziejak as its second author. Weronika had sent 1 (one) message to the Babel WG mailing list, but made no other contributions (in the IETF sense of the term). 
 > >  > 
 > >  > A person who has produced text with the intent that it end up in a 
 > >  > Babel Internet Draft and that actually ends up in such an Internet 
 > >  > Draft, even if in an edited form, is a contributor to the WG and a 
 > >  > participant in the WG. 
 > >  > 
 > >  > > The document lists Juliusz Chroboczek as its third author. Juliusz in the past couple months had sent an incredible amount of messages to the Babel WG mailing list. Most of those were related to the HMAC-based method of Babel security, 
 > >  > 
 > >  > I'll take the above statements as true although I haven't actually 
 > >  > checked who posted how often. 
 > >  > 
 > >  > >                   which the Babel WG had already decided it will not use. Despite the obvious fact, Juliusz kept bringing the matter up again and again and again and again, most of the text in the proposed document has been committed by him, and at IETF-102 he proposed to adopt this draft shortly after it was first created. 
 > >  > 
 > >  > I don't think that the Babel WG has decided it will not use HMAC-based 
 > >  > Babel security. It also seems reasonable that, considering how long 
 > >  > previous documents have been available and how much discussion has 
 > >  > been held on the topic, that a new HMAC-based Babel security document 
 > >  > could be considered fairly quickly. 
 > >  > 
 > >  > > This way, the document looks mainly a product of very recent efforts of Juliusz Chroboczek. Hence when Juliusz at IETF-102 in his HMAC slides stated "I am just the janitor here", that statement was false. 
 > >  > 
 > >  > I'm not sure what being "the janitor" means. Also, while there is some 
 > >  > correlation, I don't think how much someone has contributed to a 
 > >  > document can be determined by how often they posted to the mailing 
 > >  > list or did commits. It seems reasonable that someone could produce 
 > >  > major contributions to a document by reading previous documents and 
 > >  > reading the comments on the mailing list. To the extent that "janitor" 
 > >  > means someone who cleans things up, it seems reasonable that such 
 > >  > contributions might go through someone who cleaned up some minor 
 > >  > formatting or language issued before merging the contribution into a 
 > >  > document -- but, of course, I don't actually know what the work flow 
 > >  > was and I don't think you do either. So I just don't see any 
 > >  > foundation for your claim that Juliusz's statement was false and I 
 > >  > think that statement was inappropriate. 
 > > 
 > > I am sorry that you do not like the language I have to use, but I do not currently see better means to get to the point: who is the actual author(s) of draft-do-babel-hmac? 
 > > 
 > > This question is both appropriate and relevant. An author is the person responsible for the technical contents of the document. Who exactly is responsible for the technical contents of this routing protocol security mechanism proposed to be adopted for Standards Track work? Who exactly has the responsibility to answer the question in point 2 of this objection? 
 > > 
 > > Are you saying it is Juliusz? I have already asked him and got no sound technical answer. 
 > > 
 > > Are you saying it is Clara or Weronika? I am looking forward to study any comments they make, if they do. 
 > > 
 > > I appreciate your willingness to discuss what other participants could mean, but on this occasion I do not see other means to achieve clarity other than the participants speaking for themselves, rather than someone making interpretations on their behalf. 
 >  
 > Those listed on the title page are asserting that they are the 
 > authors. Juliusz in a separate answer has confirmed they are the 
 > authors. You have not, in my opinion, as I have previously stated, 
 > cited any good evidence that any of those listed on the title page are 
 > not authors. Yet you are attacking their integrity and honest. 


Donald, when somebody else attacked my integrity and honesty on the list first, both you and Russ White were fine with that. Hence I am asking you not to discriminate.

I raise the same questions about this document:

1. Who exactly is responsible for the technical contents of this routing protocol security mechanism proposed to be adopted for Standards Track work?
2. Which specific technical problems does this document solve that have not been solved before?

If participants find those questions inconvenient and do not answer them clearly, this is not a problem of the messenger.


 > >  > > Juliusz Chroboczek had previously commented that Clara Do and Weronika Kolodziejak are his interns. I understand this as they are not independent in their actions, so as a minimum it would be fair to let them speak freely for themselves and to confirm the reasons for appearing on the list of authors for a document that was written mostly by another person. 
 > >  > 
 > >  > If they want to post something to the mailing list, they are welcome 
 > >  > to do so, but there is no requirement for them to. Until the draft is 
 > >  > adopted by the WG, the WG has no authority over the author list shown 
 > >  > on the title page. 
 > >  > 
 > >  > > It would also be very useful to hear about their experience in the areas of network protocols design, implementation and security, and how much time they plan to spend on this project, as this is a Standards Track work and it may be very demanding regardless of what other plans people have in life. 
 > >  > 
 > >  > Well, I don't recall anyone else posting a resume to the list. I know I haven't. 
 > >  > 
 > >  > > 2. What problem does this document solve that has not been solved before? 
 > >  > > 
 > >  > > The Babel WG has already had an opportunity to adopt a HMAC-based solution to fulfill the requirements of its charter, and the WG decided not to adopt. This decision was not rooted in the technical merits of the proposed solution. As far as the WG adoption call materials go, draft-ovsienko-babel-rfc7298bis was good enough and had no unaddressed technical issues, I had already clarified this before. 
 > >  > 
 > >  > Adoption of the draft was determined not to have consensus due to 
 > >  > insufficient support and one objection. 
 > >  > 
 > >  > > I had asked, twice, Juliusz Chroboczek about the technical merits of his new HMAC project, and, unfortunately, he had not provided an answer that would be sound and true. Given this input, I have to conclude this document does _not_ solve a problem that would not be solved already. 
 > >  > 
 > >  > The WG has the right to choose which draft will be the starting point 
 > >  > for the WG draft efforts. 
 > > 
 > > 
 > > Thank you for providing the above comments, but they do not answer the question, so let me get back to the point again. 
 > > 
 > > Juliusz Chroboczek maintains that draft-do-babel-hmac addresses unresolved problems of my Babel security contributions. This statement is false by omission (Juliusz keeps comparing with RFC 7298, whereas he has seen that the input I had contributed during the adoption call of 7298bis I-D had addressed all known issues). Hence the two requests below. 
 >  
 > See Juliusz response and the WG mailing list. There is clearly a 
 > difference of opinion here. You are entitled to your opinion that 
 > 7298bis addressed all known issues. Those who disagree with you are 
 > also entitled to their opinion. 


I have seen that response, and it repeats what Juliusz had stated before (on the mailing list and at IETF-102), and that is what I take as a deliberate personal insult. I am asking you to mind where you direct me.


 > > * I take repeated false statements about the quality of my contributions to the Babel WG as ongoing deliberate annoyance. I accept the chairs may be unaware because of not following the WG mailing list, but I do not see it as a valid reason for this annoyance to continue. Now I am asking the working group chairs to acknowledge this statement and to handle this annoyance within the scope of their powers and duties in IETF. 
 >  
 > "Quality" is a subjective judgement about which people can reasonably 
 > differ. It has many dimensions. If you are going to complaint about 
 > "repeated false statements", you need to provide pointers to the 
 > specific statements. 


Fine, let me explain one more time and spell the details to make it portable for any required escalation.

One of the contributions I have made to the Babel WG in 2018 started at IETF-101, where I proposed my I-D for the WG adoption. The contribution consisted of draft-ovsienko-babel-rfc7298bis-00 and related in-depth discussion on the mailing list during the I-D adoption call, which lasted for more than 2 months. Although the I-D was not adopted by the WG, to the best of my knowledge this contribution (the I-D and the mailing list discussion) had addressed all the questions and problems raised before and during the call.

Juliusz Chroboczek, a participant to the Babel WG, about the time of the WG decision about my I-D started a very similar work, which ended up as draft-do-babel-hmac. Juliusz keeps claiming that his work solves design problems in my contribution, specifically, in RFC 7298 (published in 2014) or in 7298bis (-00 published on 5 March 2018) or the attack described in his message to the list dated 10 May 2018.

I take that statement as false by deliberate omission. The discussion about the 7298bis adoption lasted up to 28 May 2018. Among other things, the problem stated by Juliusz on 10 May was discussed with him on the list on 11 May, 13 May, 15 May, and eventually I published the solution on 23 May. Juluisz had seen the message with the solution and replied to it, and referred to that solution later on the list.

I have done a lot of work to deliver what I have delivered. I accept that other IETF participants may have no interest in my work. I do not accept another IETF participant again and again deliberately presenting my work as if it had a "fatal flaw" (sic) and using that as the only ground to endorse their own document. I take it as a deliberate personal insult, and I am asking you to stop this.


 > > * I am asking the person(s) responsible for the technical contents of draft-do-babel-hmac to answer the same crucial question. Which specific technical problems does this document solve that have not been solved before? 
 >  
 > See Juliusz response the WG mailing list. 
 >  
 > In any case, there was no consensus to adopt 7298bis but there is 
 > consensus to adopt do-babel-hmac. 


I have seen the participants voting.

-- 
    Denis Ovsienko