Re: [DNSOP] Expiration impending: <draft-jabley-dnssec-trust-anchor-11.txt>

"Joe Abley" <jabley@hopcount.ca> Mon, 05 October 2015 14:14 UTC

Return-Path: <jabley@hopcount.ca>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7FBFC1ACE1C for <dnsop@ietfa.amsl.com>; Mon, 5 Oct 2015 07:14:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bjE2kVCUf9DK for <dnsop@ietfa.amsl.com>; Mon, 5 Oct 2015 07:14:10 -0700 (PDT)
Received: from mail-io0-x22c.google.com (mail-io0-x22c.google.com [IPv6:2607:f8b0:4001:c06::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0A27F1ACE15 for <dnsop@ietf.org>; Mon, 5 Oct 2015 07:14:10 -0700 (PDT)
Received: by ioiz6 with SMTP id z6so186298651ioi.2 for <dnsop@ietf.org>; Mon, 05 Oct 2015 07:14:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hopcount.ca; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-type; bh=S4iQh9djN+wLD1Zxz63U2IyOepocdpU4RqfzRbReaXw=; b=WoTDqPt9VM3a37g+rUldlOx+ZiL/7CJN74HDODcJUiueJNzQVeSop3Boi/ja5a4y+b GXadSl4Ctntip6VK1FSw2B1OZ6yvRaU8YWv+tBeu94m9rvbp76LTxBAHx8x5hK9gr2hC imc+qfrZ7AvKhhDK5bcursw2kXn2NMwz2q4gM=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-type; bh=S4iQh9djN+wLD1Zxz63U2IyOepocdpU4RqfzRbReaXw=; b=Uxe6i5K4UIY3tSxJZwPRpG5nYTTWU0Leju9llI2XVg54/yzW/XwwI5lN55stBc1DLE Nw1oGNA+tL0MLmGSoNmScVy/43ElaSCYtY5njSLdbU19DQrzoYDy0m05vKqUmkdMEPSY gaxo4YdEO8Ckb5K/88Z/SyRTxbCJYtnlv7zPnBqgZP1QOFKYH2bYmM6P4FkBV0yKrN1c Y3wzwiCBCF9bup01hK4SUGtopf/K3bHU6qT/8I4E/V9PHM6uf8vGLJBfsowPQoczH6JG uXRph1P0KIvtShxI96aBA2HnwfxnBEuYLa7uLpiX1YnIRyYpJuBU3Eh9unlyOnIh51io bOeA==
X-Gm-Message-State: ALoCoQnUnFwbZhpcwMN579/njaofXUTessxuxMqE3QLPMKXJytw/WftWp5Ue5sZ8PFxack1YhHNx
X-Received: by 10.107.170.37 with SMTP id t37mr28094056ioe.166.1444054449359; Mon, 05 Oct 2015 07:14:09 -0700 (PDT)
Received: from [199.212.92.18] (135-23-68-43.cpe.pppoe.ca. [135.23.68.43]) by smtp.gmail.com with ESMTPSA id j9sm4872666igx.3.2015.10.05.07.14.08 (version=TLSv1 cipher=RC4-SHA bits=128/128); Mon, 05 Oct 2015 07:14:08 -0700 (PDT)
From: Joe Abley <jabley@hopcount.ca>
To: Paul Hoffman <paul.hoffman@vpnc.org>
Date: Mon, 05 Oct 2015 10:14:07 -0400
Message-ID: <9F52E6FC-E503-4E3A-9998-363BF514CC1A@hopcount.ca>
In-Reply-To: <F412CE02-C0BA-425E-BBF9-3A40B2B5FEA7@vpnc.org>
References: <20150928114202.823.19868.idtracker@ietfa.amsl.com> <0E4AA958-7740-4602-A3CF-D2E481DBC15E@hopcount.ca> <20150928155325.GA63874@gaon.net> <20150929095301.32c3e6a3@casual> <13F1D87F-1C07-40EB-86B0-564C4109C9B0@virtualized.org> <1973252D-924F-4EF1-A38F-5EC01AD331F6@gmail.com> <FDD04DCC-59C5-41F5-8CAF-1EF31CD65A34@virtualized.org> <63E1E01E-C172-4A0F-B434-F796546BB657@gmail.com> <C4FA9FA6-76E3-4FF3-862B-C5C0DF75C761@kirei.se> <D1C15986-603E-4932-B551-0497638D9849@vpnc.org> <02869F43-87A4-4797-8FD3-276C02DF665D@kirei.se> <EEA946B1-8BF3-4AB7-99D2-4C8CDCCF0EC0@vpnc.org> <F412CE02-C0BA-425E-BBF9-3A40B2B5FEA7@vpnc.org>
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"
X-Mailer: MailMate (1.9.2r5141)
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/cIMXZldXWjxgeCKKE8Dsm1d9cKo>
Cc: dnsop WG <dnsop@ietf.org>
Subject: Re: [DNSOP] Expiration impending: <draft-jabley-dnssec-trust-anchor-11.txt>
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Oct 2015 14:14:11 -0000

Hi Paul,

On 5 Oct 2015, at 9:52, Paul Hoffman wrote:

> Given that the title and abstract of this document disagree with what 
> many people here have said they want the document to discuss, if the 
> WG adopts this work item, please adopt an exact description of what is 
> wanted with the expectation that this draft could be changed to fit 
> the description.
>
> I still believe the description of the document people want is best 
> done by ICANN because it is ICANN who can describe what the 
> publication process is today.

I think we're conflating a couple of things that could perhaps be better 
considered separately.

1. This document could be published by ICANN through the IETF if they 
want to make it part of the historical record (what we did in 2009/2010) 
and also provide a reference to current practice that is easier to find 
(and doesn't have DRAFT written all over it) than the current reference 
that I think is only buried within root-dnssec.org. There's precedent 
for this, see e.g. RFC 7108 which was published as an individual 
submission. If we followed the same path, we'd be looking at dnsop to 
review for clarity and accuracy, but we wouldn't be asking for adoption.

2. The current draft was originally written by me as ICANN staff and 
Jakob as an ICANN contractor. If there's a need to add current ICANN 
staff to the author list to make it look more official, surely we could 
do that (as we did with 7108, actually, which was published after I left 
ICANN).

3. If ICANN prefers not to see this draft published in the RFC series, 
then that's a good reason not to do it. The value in this document 
(wherever it is published) lies in it being real, which means we need 
ICANN's support, e.g. through references in the KSK maintainer's DPS. If 
that's the preference, let's hear so, clearly. Right now it's difficult 
to distinguish between individual contributors' opinions and the desires 
of the IANA Functions Operator.

4. If there are elements in the current text that don't match current 
practice, then let's hear what they are. So far comments to that effect 
are causing some alarm, but without details it's hard to know what to do 
with them.

I am not advocating for any particular direction -- I'd just like to 
move this draft *somewhere*, whether that's towards the IESG or towards 
the garbage can of history. Every time we rev the doc without just to 
stop it expiring, another kitten dies.


Joe