Re: [Gen-art] Gen-art LC2/Telechat review of draft-ietf-insipid-session-id-24

"Gonzalo Salgueiro (gsalguei)" <> Mon, 15 August 2016 21:58 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id D34B212D1B9; Mon, 15 Aug 2016 14:58:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -15.768
X-Spam-Status: No, score=-15.768 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.247, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id WlYHNuoj3h93; Mon, 15 Aug 2016 14:58:32 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 29A6D12B020; Mon, 15 Aug 2016 14:58:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;;; l=6414; q=dns/txt; s=iport; t=1471298312; x=1472507912; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=XlxkLVPMnLEoR+tyTlP1eU7Z0BgrI937WpQse9KZL/M=; b=MANv0qL1Zzay0VkY5Yr6CZmWR1/qsEZCilR27mGZP6bjQGAH3wZDJHP9 saIPxueyLyw7Vdnm3nKinJTfScFZl3wh4CZeQ+MajFfuLYhgIpFMhUvX+ a7I6q9ZhyXzRZHrFPNMgGl2uo4Mf/fNV3no1iSywMI96pXewyPQds+I5q s=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.28,527,1464652800"; d="scan'208";a="136143205"
Received: from ([]) by with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 15 Aug 2016 21:58:31 +0000
Received: from ( []) by (8.14.5/8.14.5) with ESMTP id u7FLwVm3000352 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 15 Aug 2016 21:58:31 GMT
Received: from ( by ( with Microsoft SMTP Server (TLS) id 15.0.1210.3; Mon, 15 Aug 2016 16:58:30 -0500
Received: from ([]) by ([]) with mapi id 15.00.1210.000; Mon, 15 Aug 2016 16:58:30 -0500
From: "Gonzalo Salgueiro (gsalguei)" <>
To: Ben Campbell <>
Thread-Topic: Gen-art LC2/Telechat review of draft-ietf-insipid-session-id-24
Thread-Index: AQHR9O9AFG3Jb5FqJ0aZOBQE9qJauaBK1qOAgAATn4A=
Date: Mon, 15 Aug 2016 21:58:30 +0000
Message-ID: <>
References: <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: []
Content-Type: text/plain; charset="utf-8"
Content-ID: <>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <>
Cc: General area reviewing team <>, Elwyn Davies <>, "" <>
Subject: Re: [Gen-art] Gen-art LC2/Telechat review of draft-ietf-insipid-session-id-24
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 15 Aug 2016 21:58:34 -0000

Hi - 

I agree with Ben on all points.  One inline point that bears reinforcement:

> I believe the working group intent was that the definitions stated in RFC 7206 are the ones used in the protocol.

This is exactly right.  In fact, this was a very tedious and drawn out process where we had to solicit Robert Sparks to mediate and edit the specific text defining a ‘session’ in this context and in turn determining very precisely the scope of the work.



> On Aug 15, 2016, at 4:48 PM, Ben Campbell <> wrote:
> Hi Elwyn:
> Responsible AD Hat on:
> I'm going to enter a DISCUSS position, to make sure this point gets discussion among the IESG before this progresses. The whole point of the repeated last call was to get feedback on the downref, and this certainly counts :-)
> All hats off:
> As an individual, I still disagree. Specifics inline:
> On 12 Aug 2016, at 18:14, Elwyn Davies wrote:
>> Hi, Ben.
>> AFAICS there is only one really similar case (downref to RFC 6707) which was approved just last month (based on a problem statement).
> I'm pretty sure there are more than that; the idea that terminology references may need to be normative has come up repeatedly during IESG reviews over the past year or so.
>>  My concern here is that the other framework and requirements documents are documents that continue to have a relevance (such as telling a network operator what is necessary to allow deployment of some IETF-defined technology) rather than being something that defines what a WG is intending to work on (RFC 6707 and RFC 7206 are respectively a problem statement and a protocol requirements statement).  As we know, there has been some considerable discussion of whether we should really be publishing these documents as RFCs given that they are snapshots of a discussion position at a point in time and are only really of academic interest once the working group has done its work.
> I agree that we should cut down on publication of "requirements", "use case", etc documents that do not have long term archival value. But I don't think there should be as hard of a line as you describe. In particular, sometimes they are valuable for nailing down especially hard-won consensus about requirements. I think that is true for RFC 7206.
> But in any case, I think this is a red herring. RFC 7206 has been published. This discussion isn't going to change that.
>>  Allowing them to be used as normative references further embeds them into the system.
> I don't see why. Not every action creates a precedent. I do not propose that we add RFC to the downref registry.
>> I would also caution that terminology and such like as defined in (protocol) requirements and problem statements are generally written and approved prior to the standards documents in which the are referenced. Further, I am not totally convinced that the same degree of rigour is applied to the review of this type of document.  Thus it is vitally important to ensure that the definitions are still correct, complete and reflect what is needed for the standard(s):  The protocols don't always exactly match the requirements - and there may have been some subtle bending of the meaning of terms over time!
>> If the downref is to be accepted, then I (and other reviewers) need to go back and have a harder read of the definitions, unless they think they already did.
> I believe the working group intent was that the definitions stated in RFC 7206 are the ones used in the protocol.
>>   One consequential question: Is it time for either an update or some commentary on RFC 3967 as there seems to be a relaxation of the statements in Section 2?
> RFC 3967 section 2 makes no attempt to be exhaustive. It basically says "there are some reasons to make exceptions. Here are some examples."
> (There actually is an ongoing discussion about relaxing bits of RFC 3967. See draft-leiba-3967upd-downref-00, especially the third paragraph of section 1.)
>> However
>> My view is just that... if the authors, WG, you as AD and the IESG are happy with the downref and I am in a minority of one (or a very small number) of the IETF, then there is rough concensus and I'll be fine with the outcome.  It is only a gen-art revew...
> It's a gen-art review on an IETF last call done _specifically_ for the downref, so I think the outcome is relevant :-)
>> Cheers,Elwyn
>> PSI note that it wouldn't be too late to undo the relaxation.. the draft referencing RFC 6707 is still with the RFC Editor ;-)
>> /E
> [...]
> Thanks!
> Ben.