Re: [Curdle] WGLC draft-schaad-curdle-oid-registry
Daniel Migault <daniel.migault@ericsson.com> Wed, 27 September 2017 19:08 UTC
Return-Path: <mglt.ietf@gmail.com>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5F7DF134ED4 for <curdle@ietfa.amsl.com>; Wed, 27 Sep 2017 12:08:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.699
X-Spam-Level:
X-Spam-Status: No, score=-1.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.199, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fThzTP5k4x73 for <curdle@ietfa.amsl.com>; Wed, 27 Sep 2017 12:08:11 -0700 (PDT)
Received: from mail-wr0-x22d.google.com (mail-wr0-x22d.google.com [IPv6:2a00:1450:400c:c0c::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C5178134BDA for <curdle@ietf.org>; Wed, 27 Sep 2017 12:08:10 -0700 (PDT)
Received: by mail-wr0-x22d.google.com with SMTP id m18so18179460wrm.2 for <curdle@ietf.org>; Wed, 27 Sep 2017 12:08:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=SApsk8yXjsaS1is9l2SHQZx4U+5BR8P+3EMKtlPbqbo=; b=pA0ii93N3pbujc+yL7ObqrM7a/NTO/szuwJufw91Gpea0x9tZPla1JkA0IFT85xTWw B+fKQJmbbN+fquuYV9trcF4rsBuxVdnV8sNao2XZK7tzOuahFqovcg9uJDRDiu8EgPKL B3b8KaGvLO06wEeGCPpv5EN9sAdsWcYjkU+useMKOIQ6GCpot00gNkFXm7ZYeBLn78C3 NqTOkhx+hrjlhmdPiT9Foxn2P+/R1+nTheRB5pAD1RYdXeguvDTg/Wef0MMhK8x6U18D uPbW4KlPMjz7ngs5pWIv5Tjxt+eVfRHYBQTSQ2LLrKBMkqMDvA36MgDFh96B+g2u5czy bNtg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=SApsk8yXjsaS1is9l2SHQZx4U+5BR8P+3EMKtlPbqbo=; b=NVNB1QGQaDWRlMsbhfWD+M+TjvZqEomdnqi7L1LsdA2VFKvEIABI4dUBVEw8ZFenSF Vog4iCeoGHg+vY8c+jlcgKeAgE83UlDOtPvDUsvJzeLE5sH7A0Il/GND6Jmjf3F82MR5 hUdgevkDhkAZ8+8QpwGfxt/hAvG7zZ8VgWWuPDi/x+h3otuq3CdSrzXnsKCDN0RqjaTO YVmCm6up09KCxHF4wmIClsWxT3PEjBVMRONt/PlC4y6S5DYWDiLasz6UKNG1aXF9qISK OXcij52LVQ2Pl5d0yQGcOJRpOWVIkmNQLLkxKAKw0wb+CCAg3ArHWUJwvNTWO14ac6Am 1Xww==
X-Gm-Message-State: AMCzsaXGIMKvYBJwCR64KayQH8AUbCwvuUHy6OVUJTayRljmLlyZZuR+ dAyK5/LbJaJPOYLxx7uEcsi6qEy5CMBRcJrT1pI=
X-Google-Smtp-Source: AOwi7QDqCPAa55Amii7d+9TMAaytmQcf/lE7h55JAF06/FgyMi5MzOtnrN+n+79R0SAMx2Bj/GKgraoPBZ3a2g9BDVQ=
X-Received: by 10.25.204.198 with SMTP id c189mr929040lfg.49.1506539289303; Wed, 27 Sep 2017 12:08:09 -0700 (PDT)
MIME-Version: 1.0
Sender: mglt.ietf@gmail.com
Received: by 10.46.97.25 with HTTP; Wed, 27 Sep 2017 12:08:08 -0700 (PDT)
In-Reply-To: <C881476C-9884-465B-9AAC-375EE0A22D77@vigilsec.com>
References: <CADZyTk=y_OJ3CsYtK6yBpXd5hrJtZ=HatuDVMCdCG1DTg7y1vg@mail.gmail.com> <3895FA29-6856-4024-955F-D8C0CBADF42A@sn3rd.com> <CADZyTk=ETS4XzBcA++gPUpWFskzREfWaEcrHLWZsXHdZ+mX1Nw@mail.gmail.com> <03af01d2e09f$518e7c40$f4ab74c0$@augustcellars.com> <CADZyTkkrx4AZWoOBQGmyDHCx1V42__ybNbtbt2tcGbK8R2D4eA@mail.gmail.com> <C881476C-9884-465B-9AAC-375EE0A22D77@vigilsec.com>
From: Daniel Migault <daniel.migault@ericsson.com>
Date: Wed, 27 Sep 2017 15:08:08 -0400
X-Google-Sender-Auth: ConDiuabYE1_BlbeB_2S6FkF2ww
Message-ID: <CADZyTkkB2XpiaHNuv=w6cbojysWF6Ux4eRqrHYA3khNq4TRovg@mail.gmail.com>
To: Russ Housley <housley@vigilsec.com>
Cc: Jim Schaad <ietf@augustcellars.com>, curdle <curdle@ietf.org>, Sean Turner <sean@sn3rd.com>
Content-Type: multipart/alternative; boundary="94eb2c1a07fe2dde8b055a3083ac"
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/XhegRa-xGmNiakbiww6Gm4i3PAU>
Subject: Re: [Curdle] WGLC draft-schaad-curdle-oid-registry
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Sep 2017 19:08:14 -0000
Thanks. It is better to be explicit and complete.These have been addressed. Yours, Daniel On Wed, Sep 27, 2017 at 3:01 PM, Russ Housley <housley@vigilsec.com> wrote: > Daniel Migault is the document shepherd and Eric Rescorla is the responsible Area. > > s/Area/Area Director/ > > Some questions do not have answers: (8), (13), (15) > > Russ > > > On Sep 27, 2017, at 2:56 PM, Daniel Migault <daniel.migault@ericsson.com> > wrote: > > Hi, > > Please find the shepherd write up: > > https://datatracker.ietf.org/doc/draft-schaad-curdle-oid- > registry/shepherdwriteup/ > > Feel free to comment, by the end of the week. > > Yours, > Daniel > > Small comments: > a) > > [I-D.ietf-curdle-pkix <https://tools.ietf.org/html/draft-schaad-curdle-oid-registry-02#ref-I-D.ietf-curdle-pkix>] should also be added as normative and > [I-D.ietf-curdle-pkix <https://tools.ietf.org/html/draft-schaad-curdle-oid-registry-02#ref-I-D.ietf-curdle-pkix>-3] as informational. I think the normative comment is missing > > Maybe a note to the editor should be added. We need to avoid the RFC being in the informational reference ;-) > > b) the draft may be named ietf-curdle-oid-registry to reflect a WG document > > c) title of section 2.1 may be removed and all its content placed in section 2 > > d) If that is possible would it be possible to indicate the exact location where the > table is expected to be added. Currently my understanding is that it is not possible, > but once the table will be added you will be 1) more specific and 2) add a link as an > informal reference. > > > On Thu, Jun 8, 2017 at 5:36 PM, Jim Schaad <ietf@augustcellars.com> wrote: > >> >> >> >> >> *From:* Curdle [mailto:curdle-bounces@ietf.org] *On Behalf Of *Daniel >> Migault >> *Sent:* Thursday, June 8, 2017 12:55 PM >> *To:* Sean Turner <sean@sn3rd.com> >> *Cc:* curdle <curdle@ietf.org> >> *Subject:* Re: [Curdle] WGLC draft-schaad-curdle-oid-registry >> >> >> >> Hi, >> >> Thank you for updating the draft Jim and Rick. While reviewing the draft >> for the shepherd -write up I came with a few comments/questions. Please >> find my comments below. >> >> Yours, >> >> Daniel >> >> >> >> COMMENT A) >> >> The type of the draft is currently "informational". According to RFC 2026 >> I am more incline to consider that BCP would be more appropriated. Any >> thoughts on that ? >> >> The draft does not discuss any technical content. The draft describes the >> set of OIDs that have been donated. In some ways, it also assigns OIDs that >> have not been assigned by any other RFCs ( but only version-03 of the pkix >> draft). It also describes the creation of an IANA registry table, as well >> as update procedure for adding new entries which includes, parameters to >> provide, the review process to follow and the way the arc can be extended. >> >> In that sense according to RFC2026 the document is essentially >> documenting IETF operations and so BCP seems the appropriated type. >> >> [JLS] I am not sure how you would presume that this could be a BCP? What >> practices are we recommending that be followed? I think that this makes >> far more sense as informational. There is nothing that says that an >> informational draft be technical. Lots of informational drafts are about >> procedures or about thought processes. I would keep this where it is. >> >> >> >> COMMENT B) >> >> It might my fault as I commented on the earlier version the references [ >> I-D.ietf-curdle-pkix >> <https://tools.ietf.org/html/draft-schaad-curdle-oid-registry-01#ref-I-D.ietf-curdle-pkix>] >> for id-EdDSA25516-ph and id-EdDSA448-ph. It looks confusing to have OIDs >> reserved for a specific Description while not being assigned. As we have >> the intention to keep these OIDs, I think you opened a better path to have >> a RFC as a reference than having an old version of a draft. >> >> I interpret the the following text as explaining why we ended up with >> id-EdDSA25516-ph and id-EdDSA448-ph. >> >> """ >> >> After those registrations were >> >> done, there were still some unused values that can be used for other >> >> security groups, there were still some unused values. >> """ >> >> >> Placing the current document as the Reference would clarify, in my >> opinion, the status of these OIDs. It may be useful to add some text that >> provides more explication with an reference to [I-D.ietf-curdle-pkix >> <https://tools.ietf.org/html/draft-schaad-curdle-oid-registry-01#ref-I-D.ietf-curdle-pkix>]-03. >> As the RFC editor will probably replace [I-D.ietf-curdle-pkix >> <https://tools.ietf.org/html/draft-schaad-curdle-oid-registry-01#ref-I-D.ietf-curdle-pkix>] >> with the RFC number, It might also be better to have a specific >> informational reference. >> >> [JLS] There is a request in the XML that the RFC editor make sure that >> this specific reference point to the version of the ID and not the RFC. >> However, it gets messy if you have [draft] and [draft-3] I the same >> document as well. Visually, it is currently a hard thing to do. >> >> COMMENT C) >> >> The draft says: >> >> """ >> >> IANA is asked to create one new registry table. >> >> 2.1 >> <https://tools.ietf.org/html/draft-schaad-curdle-oid-registry-01#section-2.1>. >> "SMI Security for Cryptographic Algorithms" Registry >> >> >> >> Within the SMI-numbers registry, add an "SMI Security for >> >> Cryptographic Algorithms" table with the three columns: >> >> """ >> >> Maybe we should also specify that the SMI Security for Cryptographic >> Algorithm registry is a sub-item of the "SMI Security Codes Registries". >> >> >> I believe it would be useful to have an URL as an informational reference >> for both the "SMI-numbers registry" as well as for "SMI Security Codes >> Registries". >> >> https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml >> https://www.iana.org/assignments/smi-numbers/smi-numbers. >> xhtml#smi-numbers-26 >> >> Although I am not aware of a registration procedure for these tables and >> the current, I believe it would be useful to specify explicitly all fields >> associated to the table. >> >> - Registration: Procedure Although it can be inferred from the >> current text. I believe it is helpful to the IANA to have the exact filed >> value associated to all fields. >> >> - Description: The description is usually the arc ID, maybe in our >> case we should add the range of provided OIDs. >> >> - Reference: It seems to me that the current document would be >> appropriated. >> >> - Expert: The Registration Procedure mentions Expert review. I am not >> sure experts should be listed in the in the RFC RFC5226 appointed by >> IESG. >> >> >> >> [JLS] This is really a bit of a mess, because it does not really belong >> under the SMI Security Codes section if one were being string. It is not >> prefixed with the OID defined for that section. It is unfortunate that >> Russ had all of the PKIX and S/MIME registries placed below that section. >> However using the registry template associated with that would not really >> be correct. I may talk to IANA during the process of final registration to >> see if we can create a new header and move all of the registries into that >> new header but I don’t want to do that as part of this document as it >> probably would be messy to state. This type of decision is normally made >> on the fly during the registration process and is not normally called out >> explicitly. >> >> >> >> Experts are normally suggested by the authors, chairs or shepherds of the >> document during the IESG review process at the request of the AD. >> >> >> >> We will end up with an entry that looks like >> https://www.iana.org/assignments/smi-numbers/smi-numbers. >> xhtml#security-smime-3 which provides a template of what is defined here. >> >> >> >> jim >> >> >> >> >> >> >> >> On Sat, Jun 3, 2017 at 9:48 AM, Sean Turner <sean@sn3rd.com> wrote: >> >> I hadn’t read it before, but it does what it says it’s going to do and >> it’s pretty darn short and straight forward. Ship it! >> >> spt >> >> >> > On Jun 2, 2017, at 16:39, Daniel Migault <daniel.migault@ericsson.com> >> wrote: >> > >> > Hi, >> > >> > This email starts a WGLC for draft-schaad-curdle-oid-registry[1]. The >> draft received significant comments during the WG adoption and is expected >> to be close to its final version. Please provide your feed backs by June 16. >> > >> > Yours, >> > Rich and Daniel >> > >> > [1] https://datatracker.ietf.org/doc/draft-schaad-curdle-oid-registry/ >> >> > _______________________________________________ >> > Curdle mailing list >> > Curdle@ietf.org >> > https://www.ietf.org/mailman/listinfo/curdle >> >> _______________________________________________ >> Curdle mailing list >> Curdle@ietf.org >> https://www.ietf.org/mailman/listinfo/curdle >> >> >> >> _______________________________________________ >> Curdle mailing list >> Curdle@ietf.org >> https://www.ietf.org/mailman/listinfo/curdle >> >> > _______________________________________________ > Curdle mailing list > Curdle@ietf.org > https://www.ietf.org/mailman/listinfo/curdle > > > > _______________________________________________ > Curdle mailing list > Curdle@ietf.org > https://www.ietf.org/mailman/listinfo/curdle > >
- [Curdle] WGLC draft-schaad-curdle-oid-registry Daniel Migault
- Re: [Curdle] WGLC draft-schaad-curdle-oid-registry Russ Housley
- Re: [Curdle] WGLC draft-schaad-curdle-oid-registry Mark D. Baushke
- Re: [Curdle] WGLC draft-schaad-curdle-oid-registry Sean Turner
- Re: [Curdle] WGLC draft-schaad-curdle-oid-registry Daniel Migault
- Re: [Curdle] WGLC draft-schaad-curdle-oid-registry Jim Schaad
- Re: [Curdle] WGLC draft-schaad-curdle-oid-registry Daniel Migault
- Re: [Curdle] WGLC draft-schaad-curdle-oid-registry Russ Housley
- Re: [Curdle] WGLC draft-schaad-curdle-oid-registry Daniel Migault
- Re: [Curdle] WGLC draft-schaad-curdle-oid-registry Jim Schaad
- Re: [Curdle] WGLC draft-schaad-curdle-oid-registry Daniel Migault
- Re: [Curdle] WGLC draft-schaad-curdle-oid-registry Jim Schaad
- Re: [Curdle] WGLC draft-schaad-curdle-oid-registry Daniel Migault
- Re: [Curdle] WGLC draft-schaad-curdle-oid-registry Jim Schaad