IETF Logo Mail Archive

Re: RFC Errata junk

tom petch <daedulus@btconnect.com> Thu, 31 March 2022 10:04 UTC

Return-Path: <daedulus@btconnect.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 51C603A0CF2 for <ietf@ietfa.amsl.com>; Thu, 31 Mar 2022 03:04:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=btconnect.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zIQTTafBLoP2 for <ietf@ietfa.amsl.com>; Thu, 31 Mar 2022 03:04:22 -0700 (PDT)
Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05on20714.outbound.protection.outlook.com [IPv6:2a01:111:f400:7e1b::714]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A65933A0CEF for <ietf@ietf.org>; Thu, 31 Mar 2022 03:04:22 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=a3edMSMjTXT4nJoUzgd5K8u8/otdBYBo5O+eh53WTMe6hwovj6FDXwP7VlnjQFLsjhIdxUDfBflGoGwrhM7oSU28wGnUOE0R1KvE2mWZ1OI5AYD5sUiEo+g24pnpbmQvfsDMX1hZzxAaMGCdJVbt44ikGfeXJaJ7uwUqB8XMpvwscDaBjD2RbLkR6sI4hxONkuFLYR0uuBFZ6BfgDo33DNNjNEKQZ91M5Ig5jJ+ed2HmPR+DXpF2b2Ung+vxWtiILaGcYDH2N21ljMQQrZDOBUBPqvW/+9FBhS3CgnzYgE3CGSq8MgcyGPZLAY2ORGzTvmkNF3WdbkIK2FhYsKQMdw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=+hLjVbacanlBZ28DfLhGKSt13lgwhH0GK5kdtqXyFsg=; b=g6kn+v5nMDoavKQXZH8007zG6YwMjmDaFNpyzSzhCSzePoX120B7W2LbK4T3z94va6ZogwSkUKh6b9Qd5ps5G0lfh761vXwe5aB68ce8Xt6NElDoCeCfmPhl/QNcfrDZMPHBK7Zl826m/3COj1s6RPeuIiTvJkxEvuu+EbAPqp56SHXyYoFqhUM8PoqJ67/HdmWXWOGeqqJQeS9Jw1J6qHFKMe/VlHSEZ/lh/4+PN8MFy1x9LnLa7bwsUOBF5qo/XEUcS/s+KLLa6FRPDM6LdoYfOmvpgRFI2DJWOFPiMXsCE4wyZzUt20vUhq9HXpf9et4U93dhzaJfb7vALf0MTQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=btconnect.com; dmarc=pass action=none header.from=btconnect.com; dkim=pass header.d=btconnect.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=btconnect.onmicrosoft.com; s=selector2-btconnect-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+hLjVbacanlBZ28DfLhGKSt13lgwhH0GK5kdtqXyFsg=; b=lvBrl1iLA8DuPidrWn/0DN5SKrVD/ie+5sy55G8NrHCFASInL6T8/vY9U4IxS/T/IlVUpS6dZL/+v9JDQvBCRRhFAvr5v3bHmBhxDI8GCeLiZRJQ89wO5gJK4Z+LNKuUvowxAVLlwSdserwuEc5dWs2RSh2si69dzf/wzqXABYc=
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=btconnect.com;
Received: from VI1PR07MB6704.eurprd07.prod.outlook.com (2603:10a6:800:18b::8) by HE1PR0701MB2108.eurprd07.prod.outlook.com (2603:10a6:3:27::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5123.21; Thu, 31 Mar 2022 10:04:12 +0000
Received: from VI1PR07MB6704.eurprd07.prod.outlook.com ([fe80::7d74:a1dd:1b6c:e2cd]) by VI1PR07MB6704.eurprd07.prod.outlook.com ([fe80::7d74:a1dd:1b6c:e2cd%7]) with mapi id 15.20.5123.021; Thu, 31 Mar 2022 10:04:12 +0000
Subject: Re: RFC Errata junk
To: John C Klensin <john-ietf@jck.com>, Robert Raszuk <robert@raszuk.net>
References: <CAOj+MMGTqqYjgSvrs1F7-aCwCcOf8Vhp+LXd+UGJkKfnKbKRFg@mail.gmail.com> <63B0FDB4074D63C79049050D@PSB>
Cc: IETF Discussion <ietf@ietf.org>
From: tom petch <daedulus@btconnect.com>
Message-ID: <62457C97.5070402@btconnect.com>
Date: Thu, 31 Mar 2022 11:04:07 +0100
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:38.0) Gecko/20100101 Thunderbird/38.5.0
In-Reply-To: <63B0FDB4074D63C79049050D@PSB>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
X-ClientProxiedBy: LO4P123CA0014.GBRP123.PROD.OUTLOOK.COM (2603:10a6:600:150::19) To VI1PR07MB6704.eurprd07.prod.outlook.com (2603:10a6:800:18b::8)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: d0d7696e-9b3a-45cb-8c3d-08da12fdce6d
X-MS-TrafficTypeDiagnostic: HE1PR0701MB2108:EE_
X-Microsoft-Antispam-PRVS: <HE1PR0701MB2108090D0F660321755A6F15C6E19@HE1PR0701MB2108.eurprd07.prod.outlook.com>
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: k0cP5H8BiHRzV3oxBLNreFCXV9f+p655dIDBXw6JK2Bbt9/TfloVEnun/qnF/ND3/4VmJu3HJoi5KsxdNoMMvazFxSHaLwSnRz3lfSn/ET+SNf0nj57O/NuFJBt15m7Gox+nq2zET99b2msLCQD7mQlpTtxOFF3XV3qWvjyM+bVXYDc3I6agNJ5xdhF7rIZVI+oAdtfF9LcJvf09WxBNrupzntuWxzf/+pu7DIGL9RyCujYz5ZQYxSpit7NRP2TkkvjHsT3iIKpSHex1/W0kkeiL/dWJHLcwAwtZ7WIxCoLQMwAThMti7NMyV7uFRkqy12ICTST5+Tx43LVsV6wAXZZB4OGnMoev7elNlhObxjduXbRMWz4Og6Bk32MwFq0T9eRr4N2J9CUs0fqgkbWa028k1qcYdCPym/uH1/pGahTCp3+iCAPjxJWyMy4nA102ZVzPnOt/tdVRNP4l7S8zAGcVvc7c12PP42ZJansuPg0jSEErnErFIx+5sH3ihsAkuM66iiFMCI1pcUo5xOXTw07750SpRsIXsdMPQMp70kfhNlsX00AhS9HXAemYdYpnHTsUY+j7V/KmOjXd+kkyNubtK4DcKi6djdwSthyHsh/T5BeVb8rI4x7/l/YgHjCgIUkDRIfnB6io3kgCYkuvSG2yK48F03ph784uHZrgGp3RYVrwB74tN4c6UmizpkG6Z/b9lk1uLK10QCkbdtqAW0oB/3LH0HyYe6UBXNXeGnIkkrTLMFOmO9cWnwyJhbYB
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:VI1PR07MB6704.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(366004)(86362001)(6666004)(8676002)(6512007)(66476007)(5660300002)(83380400001)(2616005)(53546011)(87266011)(33656002)(52116002)(7116003)(508600001)(66946007)(4326008)(8936002)(66556008)(6506007)(38350700002)(316002)(3480700007)(110136005)(38100700002)(186003)(2906002)(82960400001)(6486002)(36756003)(26005); DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: mx1EQBVHSE4tc0cwu7cgboK/KmI8kLiDkRzSuwjOUJHusnA/HPgJCBkDGCzGQQf6zkNYstYUc16M+l2TFaGZLwctQTJr9OBny5Q2zmJ+yyRGhfJky/b/2Yf+4EzTcIGDxK9ojwjocyWQ0STn//GKVjXPPPZXI/4JxYWB3podSdfkiG/Llh/AJVypgQljbXv95EcaMKKCImF2AV3h8zGeXdFNNI66gqDZfFqvAOpC7ZwtKzg/BYSv9lXO+iairP0Xq5pulvhTE+oNlJW3CXTSOI6HbandcybpZdeJzLu4xXXDmGSEAQvdZ+scmJEuF6tdcnjx1uwyd420z52M3zcBd0q5u7gjY0+BOkfbm4afFHf4lLymBJaPj25OnUgTQXZUfKo+TAoD6wC3J3uXUKDQ387a7cdaGYnHVQvt5QpHIepBzsuHztzKoLdLXIIH6dIX3qioyLozw2uM5IhQBEFjgR1cSbjD0F69eJPRmAglWHGJU9p9vXSYvP8w7pdeGZXB2LqkMXKaf9uR1SUm6u7UZGXfb83XLb3NAs7gC3uehe58FxFdj/jAx6N7k7d8CGCKxT/rd/0Flgane26ZFu2sRYLkDhy5PVxLUori8XS3Rj4SYV5SD/0TYDWU/gq9Fq0X/+XmI5Z0iadV/rcIkR0toZ4sqY37QHEqaJuLo+8vVojut2Y1UCk1arASZqf9YwZ9EXIlpMiKSutDxReZY3z/MIwUt08cvwsTMmdvyDYCGFq2TlKZpEc1190iEAMLhUiT3cOphal74y0oTcMwgfeVKQ5NnEON0Dt/f2eVErr+m8GP1FCv9nqDjWgVCIajSS9epTmKFS2d7yiXqUs9NBNEMHV8sZTmbACMuopxsfdRAwsmzNiCG0sDjYQHOz/IkjdpKVARi1xADcfJbIZBdeSQ0KYy4avXUUcxsjYKfKHq2z8bac2uLQxGK02b/8TVmRTMjBsK/vN7JV/zZCM0YD91Znh90YkXgTXBDeAguC/08jZ6g8ufBv5V6Y8W+q0Ob58+KATupd2GrgvXLFsER5tbn/PkSpSLoU8KSvMxcebm+YZWeYEFhV59nOae6cZkMmeTwX5qkCSsC/r1XjLiA8ACuzUjwJWMkc2vXKaDfmChNCpgbDvWGIFvFEC4IvokH7lcx6MxbKsHAYQX9a4eW+s8RWjyvzCEXU7Stt3+nJOrAuuWBed3R+RiorKV0mI20pI9FhuwwCJjleOchwc5eyNqRQw85u3uRz03ZPyKHw++Qs5myuPA2t4vzOdPSULvawhO/MnGT3BKk079dGik5xuuPh6PxDZbkih6+3pCdxzVxBBfP31cEwr+PtuGneK5DMoPmC4cjG0S+vKfTnDvFOILNn3/sC2dPoy3qD/xqJD5e26syeGAnmew86omrmgrHVvAQRB52+u6Nb9p2ynkn7m40rar/9aSTduIzgbZLKMsvl1cvkhazIyAH+44imEXG6WhS0Eh+RVYkiWD1Jps5y+Z3SmOEuIQu1oAOnHgtcd5nmPWtAKqVmZc5ivzpOu5UqNbeQ/YdKpqpp47Lf8vImMUUrz9XsUELLWwYuxsd9ddq85F9pXb1S58hVdionDFOE3sP7Q1KBINU05nQtfIdRZAU/yGshkoKGIhc8HKFGZGlbi0gYvkPUk1OD7ibHHmFalKXequtRkpHE8Lz2KWUODbrbsDDP+WN050yDXHm4U7ahwn1RKQChhnyE1r3fKgA0Iq80DFQRTfQhNS+outv0Rz7XclJjx0/eICD+W8WeQ6DKo=
X-OriginatorOrg: btconnect.com
X-MS-Exchange-CrossTenant-Network-Message-Id: d0d7696e-9b3a-45cb-8c3d-08da12fdce6d
X-MS-Exchange-CrossTenant-AuthSource: VI1PR07MB6704.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 31 Mar 2022 10:04:12.6751 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: cf8853ed-96e5-465b-9185-806bfe185e30
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: Y78pFOwNK4FVUqfzOZXC3l5bsZx6NUYqqH9EPASIsjUTf0DvvNu54ls+Z81lBRwVfRKjWWpgdu26goa9/40Vjg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0701MB2108
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/6EwEjPkc6HXZgy6c453Qc7ddNgU>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Mar 2022 10:04:28 -0000

On 31/03/2022 02:08, John C Klensin wrote:
>
  --On Thursday, March 31, 2022 00:57 +0200 Robert Raszuk
> <robert@raszuk.net> wrote:
>
>> Hi,
>>
>> We are observing more and more bogus RFC Errata submissions
>> which makes no sense technically.
>>
>> Some of them look like phishing attempts to get valid email
>> addresses of those kind enough to respond to the author.
>>
>> Perhaps its time to require IETF login authentication before
>> submitting RFC errata ? Interestingly the email addresses of
>> folks reporting it are also never seen on any IETF WG list so
>> that could also be a perhaps valid auto check.
>
> I suggested this (after getting tangled up in one of those
> submissions) some days ago.  To summarize John Levine's response
> and our discussion in the hope of saving time:
>
> * An effort is in progress to get a CAPCHA into the submission
> process.
>
> * If changes such as requiring an IETF login (as both you and I
> proposed) are desired, they probably have to await complete
> rebuilding of the RPC's tool set for which there is now an RFP
> in progress.
>
> * The RPC does try to remove these bogus submissions down after
> a few days so they don't clutter the permanent errata record.
> That suggests to me that waiting several days before responding
> to an errata report might represent good judgment and some
> protection against attacks (if they actually are attacks).

My experience is that they are removed much more quickly than that and 
so are not much of a problem for users.  I would resist the idea of a 
login, as Brian says.  A three-way handshake would do, as would a 
CAPTCHA although I did see a report a few years ago that hackers could 
now defeat them.

Tom Petch





>
>   best,
>     john
>
> .
>

v2.23.0 | Report a Bug | By Email