[DNSOP] Working Group Last Call for draft-ietf-dnsop-rfc5011-security-considerations-12; was Publication has been requested for draft-ietf-dnsop-rfc5011-security-considerations-12

Michael StJohns <msj@nthpermutation.com> Tue, 10 July 2018 15:35 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/LXj9Lyz54LWgPRegkV1tAKumfgI>

Thanks Tim -

Note the changed subject line.

And as you may have guessed I object to the publication of this document 
on the basis of quality for all the reasons previously stated.  This 
version of the document is actually in worse shape than the one that 
failed last call back in October.

I strongly object to the publication of this document as a Standards 
Track document. The appropriate status - if published - is 
Informational with or without a BCP tag on it.  The document does not 
provide any implementable protocol, and by that I mean that the only 
protocol elements in this document must be executed by humans.  There are 
no on-the-wire elements, nor any process that can be implemented by a 
DNS resolver or server.  This is solely and only an operational 
practices document, and AFAICT, none of these have ever ended up as 
Standards Track.  Or to put it more bluntly - humans are not protocol 
elements that can be standardized.  Finally, this purports to update 
RFC7538 which is Informational.


Mike



On 7/10/2018 1:38 AM, Tim Wicinski wrote:
> Michael
>
> We talked it over and if there was a process fail, it's easier to fix 
> now than later. I already reached out to the AD who is stepping in for 
> Warren to hold off for now.
>
> Let this be a Working Group Last Call on 
> draft-ietf-dnsop-rfc5011-security-considerations.  This will go from 
> now until the end of the IETF next Friday.
>
> The Current Intended Status is: Standards Track
>
> We will be taking comments on the changes now, as well as during the 
> session on Wednesday.
>
>
> Tim
>
> On Mon, Jul 9, 2018 at 12:05 PM, Michael StJohns 
> <msj@nthpermutation.com> wrote:
>
>     Tim/Suzanne -
>
>     Please cancel the request for publication until you complete the
>     WGLC for this document.
>
>     The last WGLC for the document was October of last year - it
>     failed on 28 October
>     <https://www.ietf.org/mail-archive/web/dnsop/current/msg21225.html>.
>     No WGLC has been made since then.
>
>     The consensus referenced in the shepherd's report was meeting
>     consensus - not mailing list consensus AFAICT. Specifically, I'd
>     like to see if Ed's removed his objections.  I don't have a
>     problem with the WGLC being used to judge consensus - but that's
>     not what happened here.
>
>     Later, Mike
>
>
>
>     On 7/6/2018 9:08 PM, Michael StJohns wrote:
>
>         On 7/6/2018 8:13 PM, Tim Wicinski wrote:
>
>             Tim Wicinski has requested publication of
>             draft-ietf-dnsop-rfc5011-security-considerations-12 as
>             Proposed Standard on behalf of the DNSOP working group.
>
>             Please verify the document's state at
>             https://datatracker.ietf.org/doc/draft-ietf-dnsop-rfc5011-security-considerations/
>
>         *sigh*
>
>         Point of order:  Did I miss the final WGLC on this after this
>         last version was published?  I can't actually find anything in
>         the DNSOP archives and I don't remember seeing the call.   So
>         I'm suggesting that we've missed a required stage.
>
>         With respect to the shepherd's writeup:
>
>         1) The first reference in the shepherd's write-up is wrong -
>         it's pointing to a whole other set of discussions related to
>         Joe Abley's ideas.
>         2) The second reference isn't representative of the actual
>         discussion, but only shows the point at which I got worn down.
>         Please include a reference that actually shows the attempts to
>         try and resolve my issues.
>         3) This document should not be a Proposed Standard as it
>         documents nothing implementable (that is nothing implementable
>         in a computer), but is operational guidance for the
>         publication process.
>         4) Is it usual for the WG chair to write the shepherd's
>         report? Specifically, it seems a conflict of interest for
>         items (3) -(6).
>         5) The technical summary is misleading.  This is not an update
>         to 5011, but guidance to the zone publisher who may have not
>         understood the implications of operational choices (e.g.
>         steady state single trust anchor vs 5011's recommendation of
>         multiple trust anchors). E.g. "RFC5011 DNSSEC Key Rollover
>         Strategy" isn't a document referenced by this document, and
>         that would be the document that would be in need of an update.
>         6) Same comment - it's not an update to the 5011 timers, but
>         to the understanding of the publishers of such zones that use
>         5011.
>         7) Please include references of the emails of the "root server
>         community" review - AFAICT, Ed Lewis was the only one to
>         comment on the list and the last comment was last year.
>
>         Mike