IETF Logo Mail Archive

Re: Cross-area review (was Meeting rotation)

Phillip Hallam-Baker <phill@hallambaker.com> Sat, 26 December 2015 15:51 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A9DF91ACD6F for <ietf@ietfa.amsl.com>; Sat, 26 Dec 2015 07:51:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.278
X-Spam-Level:
X-Spam-Status: No, score=-1.278 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I7pYwOh8Ohgh for <ietf@ietfa.amsl.com>; Sat, 26 Dec 2015 07:51:52 -0800 (PST)
Received: from mail-lf0-x229.google.com (mail-lf0-x229.google.com [IPv6:2a00:1450:4010:c07::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0DBB91A6EFC for <ietf@ietf.org>; Sat, 26 Dec 2015 07:51:52 -0800 (PST)
Received: by mail-lf0-x229.google.com with SMTP id y184so181563617lfc.1 for <ietf@ietf.org>; Sat, 26 Dec 2015 07:51:51 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=NTTlIT/eMqxvx1EksPqV5JvHspCYdr7xCrSjkeMJPk4=; b=SRim+UOLDbMyrfrCXkOndpXjkpma8CSRoC24RZPPVJJs/dshZeung15QhPNKxxQ66i CgjOM2Z0wBDZvit1N5ey08ydTsc6UZGV+kpMsl6Hrm3H99LlCISuXk3kPScEqPFaghHV 1FvvtfSSVmmqhAGZ6NGfkNzzuD2la3A9p8mGUBxpgZxSWxAf68FWW2BQAsHvpzhw2cLg hzIH2ZeR4+Ob37MKMOPk8MDC14ku2aTFQrZ5/l0pYE6pqpREk7DhjXv0sxNOAIE2pKe5 KyPphNviku9Jhl6ZeeXfafFWJJq8vh5gJqbkjLPOjvZ9lQZDpxPVAKFaU9TH9WJ9hBse 8TRg==
MIME-Version: 1.0
X-Received: by 10.25.208.206 with SMTP id h197mr16784461lfg.153.1451145110059; Sat, 26 Dec 2015 07:51:50 -0800 (PST)
Sender: hallam@gmail.com
Received: by 10.112.1.33 with HTTP; Sat, 26 Dec 2015 07:51:49 -0800 (PST)
In-Reply-To: <567B86EB.9030600@joelhalpern.com>
References: <CAC8QAcf=yAAGVN35tUCpX38y6_qGstGhK4iYuyhK94LVWrz-+A@mail.gmail.com> <7A7519D5-FD9B-4F4D-A7E5-AC047F684623@netapp.com> <EMEW3|02dedadbe5e65aac9732e9359a7c2dberBHGjK03tjc|ecs.soton.ac.uk|E7D065D8-CADC-4A65-8AC7-6ECE9CF63D4F@ecs.soton.ac.uk> <5674460C.1000107@krsek.cz> <4B81FA54-F79C-42CB-8024-1C653B0C9406@cisco.com> <20151218233645.GG3294@mx2.yitter.info> <56749EA4.6040801@gmail.com> <20151219000743.GH3294@mx2.yitter.info> <5676EBE9.8050304@dcrocker.net> <970B54F5-2422-4588-A95A-63E5144A8D35@gmail.com> <56789BBB.7020709@dcrocker.net> <4AE6DC68FC9B8CA113CBCDFA@JcK-HP8200.jck.com> <5678D728.2080404@dcrocker.net> <5226A23C6E26B0350DE715AE@JcK-HP8200.jck.com> <D6278A46-19AB-48D8-B55A-48FF51B7E0EC@piuha.net> <2508B3C2-8F5F-4417-8052-E73B6F34BED1@standardstrack.com> <567ACCEE.9030503@dcrocker.net> <8D23D4052ABE7A4490E77B1A012B630797A0C2DE@mbx-03.WIN.NOMINUM.COM> <567B56A9.4030302@dcrocker.net> <567B86EB.9030600@joelhalpern.com>
Date: Sat, 26 Dec 2015 10:51:49 -0500
X-Google-Sender-Auth: PiT1eZEq8qljcwbQMA36OolBFuY
Message-ID: <CAMm+LwgWjn4bDC7Aqfef5JdGrk0Yzn4uZ-cswsoAOccBonwRxA@mail.gmail.com>
Subject: Re: Cross-area review (was Meeting rotation)
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: "Joel M. Halpern" <jmh@joelhalpern.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/UCgjCnuqnYQIwedkgAWE6q01xHc>
Cc: Dave Crocker <dcrocker@bbiw.net>, IETF discussion list <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 26 Dec 2015 15:51:53 -0000

On Thu, Dec 24, 2015 at 12:47 AM, Joel M. Halpern <jmh@joelhalpern.com> wrote:
> I note in your earlier description you commented that these reviews (whose
> value you doubt) take up AD time when they should be serving as managers.  I
> note that many areas now routinely turn the primary review over to a
> directorate.  The ADs decide how much careful combing they do after the
> directorate.  That seems to enable the kind of delegating that can help,
> without mandating it, and without having rules that micro-manage how ADs do
> their job.

Well yes and no. If I am doing an early review of a doc it might be a
substitute for AD involvement. but if the doc is in IESG last call and
the Security Considerations is a back reference to one in a ten year
old RFC that doesn't actually say anything substantive, SECDIR review
is only going to be a failstop for helping make sure the document gets
attention.

What frustrates me in the reviews is that since we lack a current
description of the Internet architecture, we lack useful guidelines as
to what interactions need to be addressed and which do not.

Where a technology lives in the stack should be a guide to what other
areas it might affect and which security criteria are relevant.

For example, if we have an application specification that depends on a
particular link layer configuration, we have a layering violation. The
cure for that is not 'cross area review', it is for someone to go
learn the principles of modular architecture.

The security requirements that can be met change depending on the
layer you are working at as well. You are not going to be able to
address 'traffic' analysis at the application layer where the
architectural model does not have a concept of network topology. You
are not going to be able to address meta-data analysis at the packet
layer where there is no notion of content.


It is also worth pointing out that directorates have been abused on
occasion. A directorate should never be a cabal that second guesses
the work of working groups behind closed doors.

A lesson that it has taken us longer to understand in security than it
should have perhaps is that implementers have a choice and if we
demand too much, they leave our stuff out completely.

v2.23.0 | Report a Bug | By Email