Re: [DNSOP] Publication has been requested for draft-ietf-dnsop-rfc5011-security-considerations-12

Michael StJohns <msj@nthpermutation.com> Mon, 09 July 2018 16:05 UTC

From: Michael StJohns <msj@nthpermutation.com>
To: Tim Wicinski <tjw.ietf@gmail.com>, "dnsop@ietf.org" <dnsop@ietf.org>, "suzworldwide@gmail.com" <suzworldwide@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/NoM5yoKil0jVkcQbwmrIrewzkJQ>

Tim/Suzanne -

Please cancel the request for publication until you complete the WGLC 
for this document.

The last WGLC for the document was October of last year - it failed on 
28 October 
https://www.ietf.org/mail-archive/web/dnsop/current/msg21225.html. No 
WGLC has been made since then.

The consensus referenced in the shepherd's report was meeting consensus 
- not mailing list consensus AFAICT.  Specifically, I'd like to see if 
Ed's removed his objections.  I don't have a problem with the WGLC being 
used to judge consensus - but that's not what happened here.

Later, Mike


On 7/6/2018 9:08 PM, Michael StJohns wrote:
> On 7/6/2018 8:13 PM, Tim Wicinski wrote:
>> Tim Wicinski has requested publication of 
>> draft-ietf-dnsop-rfc5011-security-considerations-12 as Proposed 
>> Standard on behalf of the DNSOP working group.
>>
>> Please verify the document's state at 
>> https://datatracker.ietf.org/doc/draft-ietf-dnsop-rfc5011-security-considerations/
>
> *sigh*
>
> Point of order:  Did I miss the final WGLC on this after this last 
> version was published?  I can't actually find anything in the DNSOP 
> archives and I don't remember seeing the call.   So I'm suggesting 
> that we've missed a required stage.
>
> With respect to the shepherd's writeup:
>
> 1) The first reference in the shepherd's write-up is wrong - it's 
> pointing to a whole other set of discussions related to Joe Abley's 
> ideas.
> 2) The second reference isn't representative of the actual discussion, 
> but only shows the point at which I got worn down. Please include a 
> reference that actually shows the attempts to try and resolve my issues.
> 3) This document should not be a Proposed Standard as it documents 
> nothing implementable (that is nothing implementable in a computer), 
> but is operational guidance for the publication process.
> 4) Is it usual for the WG chair to write the shepherd's report? 
> Specifically, it seems a conflict of interest for items (3)-(6).
> 5) The technical summary is misleading.  This is not an update to 
> 5011, but guidance to the zone publisher who may have not understood 
> the implications of operational choices (e.g. steady state single 
> trust anchor vs 5011's recommendation of multiple trust anchors). E.g. 
> "RFC5011 DNSSEC Key Rollover Strategy" isn't a document referenced by 
> this document, and that would be the document that would be in need of 
> an update.
> 6) Same comment - it's not an update to the 5011 timers, but to the 
> understanding of the publishers of such zones that use 5011.
> 7) Please include references of the emails of the "root server 
> community" review - AFAICT, Ed Lewis was the only one to comment on 
> the list and the last comment was last year.
>
> Mike