Re: [Curdle] Time to Review IANA SSH Registries Policies?

Stephen Farrell <stephen.farrell@cs.tcd.ie> Fri, 05 February 2021 00:18 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A28103A19DF for <curdle@ietfa.amsl.com>; Thu, 4 Feb 2021 16:18:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id is3m5cdnf0kk for <curdle@ietfa.amsl.com>; Thu, 4 Feb 2021 16:18:27 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7D32A3A0C3B for <curdle@ietf.org>; Thu, 4 Feb 2021 16:18:27 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 5D9C8BE2E; Fri, 5 Feb 2021 00:18:25 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EtQxlpskVIOz; Fri, 5 Feb 2021 00:18:23 +0000 (GMT)
Received: from [10.244.2.119] (95-45-153-252-dynamic.agg2.phb.bdt-fng.eircom.net [95.45.153.252]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 12CDABE24; Fri, 5 Feb 2021 00:18:23 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1612484303; bh=T9o931bcTrvOrjWb6V7nuOPyXiIL9qrD6oiDlAGX9cM=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=1WjclWxWgN1m3UcK0DLrmhI7RyOpTgdgPtUWlDltEMnNVy32JVdWeiVUL0WxNtRjU Ip7vetj2UX6ku6Dgj2RtDrM/6TeVMj9hQXPuXrnTOOLxDAskD8pF+CFvPsxAKKB+VD 3dtFNGQwjLe0T1MDeyVutiZAz15w4XA+yNaeZ3Fc=
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>, Phillip Hallam-Baker <phill@hallambaker.com>, "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>
Cc: Curdle List <curdle@ietf.org>, Sean Turner <sean@sn3rd.com>
References: <A77E7858-C4ED-4DA0-8015-5E67EB921144@sn3rd.com> <02E82091-15F9-4C36-96AD-1F88CC2E5594@akamai.com> <CAMm+LwgUPBiZ6FoiBir9ByFPFxgcWtMGVKC4LPNVM7EdCaVoDQ@mail.gmail.com> <1612482228184.63328@cs.auckland.ac.nz>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Message-ID: <90021377-b6fd-8e6b-eef2-03a337e23859@cs.tcd.ie>
Date: Fri, 5 Feb 2021 00:18:22 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.6.1
MIME-Version: 1.0
In-Reply-To: <1612482228184.63328@cs.auckland.ac.nz>
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="wMrO00yYY9Pe4Ircw2MhAY04u6TfEYWeK"
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/10gC59MYOVl2bGkbh1L1fygqvuk>
Subject: Re: [Curdle] Time to Review IANA SSH Registries Policies?
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Feb 2021 00:18:30 -0000

Hi Peter,

On 04/02/2021 23:43, Peter Gutmann wrote:
> Phillip Hallam-Baker <phill@hallambaker.com> writes:
> 
>> Restrictive registration requirements contradict the principle of
>> 'permissionless innovation'. If the IETF is the place you go to get
>> permission to innovate, we are doing it wrong.
> 
> +1.  To give a real-world experience of "expert review", when I tried to go
> through the process on $unnamed-wg 

It's not like you to be shy like that:-)

> there was an experts group that you
> couldn't contact who had a non-public mailing list where decisions were made
> in secret, but that didn't matter since there was no way to contact them.
> Eventually it got sorted out by one or two people involved in the process
> going out of their way to help, but when done as it should have been the
> process was more reminiscent of Kafka than the IETF.

I think that's a reasonable point. From the POV of the IESG
and I guess the DEs, handling things more informally likely
seems easier, but I agree that may well make the process look
Kafkaesque to someone wanting a codepoint.

Maybe we ought try up our game the next time we do one of
these "re-work IANA" things for some protocol. Just as we
now have the "recommended" column for TLS ciphersuites, (and
I think that makes things better overall and can be copied
for other registries), it might be a good idea to have an
open mailing list for each registry or set of DEs or some
such. (IIRC, the URI schemes registry does have such a list,
and the magic incantation one must learn is to try get people
discussing your proposed scheme on that list, without too
much scorn, before you can hope for success with the DEs:-)

Cheers,
S.


> 
> Peter.
> 
> 
> 
> 
> _______________________________________________
> Curdle mailing list
> Curdle@ietf.org
> https://www.ietf.org/mailman/listinfo/curdle
>