Re: [DNSOP] Publication has been requested for draft-ietf-dnsop-rfc5011-security-considerations-12

Tim Wicinski <tjw.ietf@gmail.com> Tue, 10 July 2018 05:38 UTC

From: Tim Wicinski <tjw.ietf@gmail.com>
Date: Tue, 10 Jul 2018 01:38:22 -0400
Message-ID: <CADyWQ+HKq1NoqMFDmGOuHK-9hDK=r28aUOsM=T=Lb=OvUCpVUA@mail.gmail.com>
To: Michael StJohns <msj@nthpermutation.com>
Cc: "dnsop@ietf.org" <dnsop@ietf.org>, dnsop-chairs <dnsop-chairs@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/TOW1hboOjRbjcQ9v04wmrVAd-Dk>

Michael

We talked it over and if there was a process fail, it's easier to fix now
than later. I already reached out to the AD who is stepping in for Warren
to hold off for now.

Let this be a Working Group Last Call on
draft-ietf-dnsop-rfc5011-security-considerations.
This will go from now until the end of the IETF next Friday.

The Current Intended Status is: Standards Track

We will be taking comments on the changes now, as well as during the
session on Wednesday.


Tim

On Mon, Jul 9, 2018 at 12:05 PM, Michael StJohns <msj@nthpermutation.com>
wrote:

> Tim/Suzanne -
>
> Please cancel the request for publication until you complete the WGLC for
> this document.
>
> The last WGLC for the document was October of last year - it failed on 28
> October https://www.ietf.org/mail-archive/web/dnsop/current/msg21225.html.
> No WGLC has been made since then.
>
> The consensus referenced in the shepherd's report was meeting consensus -
> not mailing list consensus AFAICT.  Specifically, I'd like to see if Ed's
> removed his objections.  I don't have a problem with the WGLC being used to
> judge consensus - but that's not what happened here.
>
> Later, Mike
>
>
>
> On 7/6/2018 9:08 PM, Michael StJohns wrote:
>
>> On 7/6/2018 8:13 PM, Tim Wicinski wrote:
>>
>>> Tim Wicinski has requested publication of draft-ietf-dnsop-rfc5011-security-considerations-12
>>> as Proposed Standard on behalf of the DNSOP working group.
>>>
>>> Please verify the document's state at https://datatracker.ietf.org/doc/draft-ietf-dnsop-rfc5011-security-considerations/
>>>
>>
>> *sigh*
>>
>> Point of order:  Did I miss the final WGLC on this after this last
>> version was published?  I can't actually find anything in the DNSOP
>> archives and I don't remember seeing the call.   So I'm suggesting that
>> we've missed a required stage.
>>
>> With respect to the shepherd's writeup:
>>
>> 1) The first reference in the shepherd's write-up is wrong - it's
>> pointing to a whole other set of discussions related to Joe Abley's ideas.
>> 2) The second reference isn't representative of the actual discussion,
>> but only shows the point at which I got worn down. Please include a
>> reference that actually shows the attempts to try and resolve my issues.
>> 3) This document should not be a Proposed Standard as it documents
>> nothing implementable (that is nothing implementable in a computer), but is
>> operational guidance for the publication process.
>> 4) Is it usual for the WG chair to write the shepherd's report?
>> Specifically, it seems a conflict of interest for items (3) -(6).
>> 5) The technical summary is misleading.  This is not an update to 5011,
>> but guidance to the zone publisher who may have not understood the
>> implications of operational choices (e.g. steady state single trust anchor
>> vs 5011's recommendation of multiple trust anchors). E.g. "RFC5011 DNSSEC
>> Key Rollover Strategy" isn't a document referenced by this document, and
>> that would be the document that would be in need of an update.
>> 6) Same comment - it's not an update to the 5011 timers, but to the
>> understanding of the publishers of such zones that use 5011.
>> 7) Please include references of the emails of the "root server community"
>> review - AFAICT, Ed Lewis was the only one to comment on the list and the
>> last comment was last year.
>>
>> Mike