Re: [Hipsec] I-D Action: draft-ietf-hip-rfc6253-bis-04.txt

Ari Keränen <ari.keranen@ericsson.com> Tue, 20 October 2015 14:25 UTC

To: Gonzalo Camarillo <Gonzalo.Camarillo@ericsson.com>, Miika Komu <mkomu@cs.hut.fi>, <hipsec@ietf.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/hipsec/NJu3MsdK-croBwRTkZImxWPgHII>

Hi,

For the record, +1 for removing SPKI.


Cheers,
Ari

On 12/10/15 12:51, Gonzalo Camarillo wrote:
> Hi Miika,
>
> right, that is exactly the discussion we need to have. In general,
> standards track documents should not reference Experimental specs. We
> can remove the reference, as suggested by Samu below, find an
> alternative reference, or figure out whether in this case it could be
> acceptable to keep the reference... but if nobody intends to implement
> or deploy SPKI, then removing the reference would be the obviously right
> thing to do.
>
> Any other opinions?
>
> Cheers,
>
> Gonzalo
>
> On 12/10/2015 12:42 PM, Miika Komu wrote:
>> Hi,
>>
>> I don't have a strong opinion, but I guess SPKI should be dropped since
>> the HIP CERT work is going to proceed to the standards track.
>>
>> On 10/12/2015 11:59 AM, Samu Varjonen wrote:
>>> Hi Gonzalo & all,
>>>
>>> all but one of the nits are easily fixed. The one downref to RFC2693 is
>>> the only harder one as I do not think it will ever proceed to anything
>>> more than experimental. The work on RFC 2693 stopped in 1999. Over 114
>>> papers have been written about it since. Even a few this year but all
>>> point to that experimental RFC. Moreover, it seems (in my opinion) that
>>> currently there is little or no interest in continuing SPKI work nor
>>> is there any interest in the industry to implement SPKI as it basically
>>> provides the functionality of X509v3 with different syntax. One option
>>> would be to remove the examples and mentions about SPKI in the
>>> RFC6253bis. What do you guys think?
>>>
>>> BR,
>>> Samu Varjonen
>>>
>>> On 02/10/15 13:15, Gonzalo Camarillo wrote:
>>>> Hi Samu,
>>>>
>>>> thanks for revising the draft. There are still a few things that need to
>>>> be fixed before I can request its publication. From the output of the
>>>> nits tool:
>>>>
>>>> https://www.ietf.org/tools/idnits?url=https://www.ietf.org/archive/id/draft-ietf-hip-rfc6253-bis-04.txt
>>>>
>>>>>     -- The abstract seems to indicate that this document obsoletes RFC6253, but
>>>>>        the header doesn't have an 'Obsoletes:' line to match this.
>>>> You need to add an Obsoletes: header to the header part at the beginning
>>>> of the draft. Additionally, you also need to add an Updates header as
>>>> follows:
>>>>
>>>>     Obsoletes: 6253
>>>>     Updates: 7401
>>>>
>>>> Note that the original RFC updated RFC 5201 and, thus, had an Updates
>>>> header:
>>>>
>>>> https://tools.ietf.org/html/rfc6253
>>>>
>>>>>     == The document seems to contain a disclaimer for pre-RFC5378 work, but was
>>>>>        first submitted on or after 10 November 2008.  The disclaimer is usually
>>>>>        necessary only for documents that revise or obsolete older RFCs, and that
>>>>>        take significant amounts of text from those RFCs.  If you can contact all
>>>>>        authors of the source material and they are willing to grant the BCP78
>>>>>        rights to the IETF Trust, you can and should remove the disclaimer.
>>>>>        Otherwise, the disclaimer is needed and you can ignore this comment.
>>>>>        (See the Legal Provisions document at
>>>>>        http://trustee.ietf.org/license-info for more information.)
>>>> You are the same authors as in the original RFC. Do you both agree to
>>>> remove the disclaimer?
>>>>
>>>>>     == Unused Reference: 'RFC4843' is defined on line 349, but no explicit
>>>>>        reference was found in the text
>>>> Does this reference need to be removed or used somewhere in the text?
>>>>
>>>>>     ** Downref: Normative reference to an Experimental RFC: RFC 2693
>>>> RFC 6232bis is intended to be a Proposed Standard. Can we reference a
>>>> Standards Track RFC instead of this one? Otherwise, we will need to talk
>>>> with our AD to make sure it is OK to normatively reference an
>>>> Experimental RFC.
>>>>
>>>>>     ** Obsolete normative reference: RFC 4843 (Obsoleted by RFC 7343)
>>>>>     ** Obsolete normative reference: RFC 5996 (Obsoleted by RFC 7296)
>>>> Could you please update the two references above?
>>>>
>>>>>     ** Downref: Normative reference to an Experimental RFC: RFC 6253
>>>> This downref is obviously OK... but what about making it an
>>>> Informational reference instead?
>>>>
>>>> Could you please revise the draft addressing all the comments above?
>>>>
>>>> Thanks,
>>>>
>>>> Gonzalo
>>>>
>>>>
>>>> On 22/09/2015 1:58 PM, internet-drafts@ietf.org wrote:
>>>>> A New Internet-Draft is available from the on-line Internet-Drafts directories.
>>>>> This draft is a work item of the Host Identity Protocol Working Group of the IETF.
>>>>>
>>>>>      Title           : Host Identity Protocol Certificates
>>>>>      Authors         : Tobias Heer
>>>>>                        Samu Varjonen
>>>>>      Filename        : draft-ietf-hip-rfc6253-bis-04.txt
>>>>>      Pages           : 11
>>>>>      Date            : 2015-09-22
>>>>>
>>>>> Abstract:
>>>>>      The Certificate (CERT) parameter is a container for digital
>>>>>      certificates.  It is used for carrying these certificates in Host
>>>>>      Identity Protocol (HIP) control packets.  This document specifies the
>>>>>      certificate parameter and the error signaling in case of a failed
>>>>>      verification.  Additionally, this document specifies the
>>>>>      representations of Host Identity Tags in X.509 version 3 (v3) and
>>>>>      Simple Public Key Infrastructure (SPKI) certificates.
>>>>>
>>>>>      The concrete use cases of certificates, including how certificates
>>>>>      are obtained, requested, and which actions are taken upon successful
>>>>>      or failed verification, are specific to the scenario in which the
>>>>>      certificates are used.  Hence, the definition of these
>>>>>      scenario-specific aspects is left to the documents that use the CERT
>>>>>      parameter.
>>>>>
>>>>>      This document extends RFC7401 and obsoletes RFC6253.
>>>>>
>>>>>
>>>>> The IETF datatracker status page for this draft is:
>>>>> https://datatracker.ietf.org/doc/draft-ietf-hip-rfc6253-bis/
>>>>>
>>>>> There's also a htmlized version available at:
>>>>> https://tools.ietf.org/html/draft-ietf-hip-rfc6253-bis-04
>>>>>
>>>>> A diff from the previous version is available at:
>>>>> https://www.ietf.org/rfcdiff?url2=draft-ietf-hip-rfc6253-bis-04
>>>>>
>>>>>
>>>>> Please note that it may take a couple of minutes from the time of submission
>>>>> until the htmlized version and diff are available at tools.ietf.org.
>>>>>
>>>>> Internet-Drafts are also available by anonymous FTP at:
>>>>> ftp://ftp.ietf.org/internet-drafts/
>>>>>
>>>>> _______________________________________________
>>>>> Hipsec mailing list
>>>>> Hipsec@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/hipsec
>>>>>