IETF Logo Mail Archive

Re: Evolving Documents (nee "Living Documents") side meeting at IETF105.)

Nico Williams <nico@cryptonector.com> Fri, 19 July 2019 20:13 UTC

Return-Path: <nico@cryptonector.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 709FD1207D1 for <ietf@ietfa.amsl.com>; Fri, 19 Jul 2019 13:13:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cryptonector.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 43DqRoqnw7nq for <ietf@ietfa.amsl.com>; Fri, 19 Jul 2019 13:12:58 -0700 (PDT)
Received: from bonobo.birch.relay.mailchannels.net (bonobo.birch.relay.mailchannels.net [23.83.209.22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 423311203DE for <ietf@ietf.org>; Fri, 19 Jul 2019 13:12:58 -0700 (PDT)
X-Sender-Id: dreamhost|x-authsender|nico@cryptonector.com
Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id B72D634257D; Fri, 19 Jul 2019 20:12:56 +0000 (UTC)
Received: from pdx1-sub0-mail-a25.g.dreamhost.com (100-96-11-126.trex.outbound.svc.cluster.local [100.96.11.126]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id E3194341F07; Fri, 19 Jul 2019 20:12:55 +0000 (UTC)
X-Sender-Id: dreamhost|x-authsender|nico@cryptonector.com
Received: from pdx1-sub0-mail-a25.g.dreamhost.com ([TEMPUNAVAIL]. [64.90.62.162]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384) by 0.0.0.0:2500 (trex/5.17.3); Fri, 19 Jul 2019 20:12:56 +0000
X-MC-Relay: Neutral
X-MailChannels-SenderId: dreamhost|x-authsender|nico@cryptonector.com
X-MailChannels-Auth-Id: dreamhost
X-Sponge-Sponge: 00a751186cf9eca6_1563567176458_815519113
X-MC-Loop-Signature: 1563567176457:2716762758
X-MC-Ingress-Time: 1563567176457
Received: from pdx1-sub0-mail-a25.g.dreamhost.com (localhost [127.0.0.1]) by pdx1-sub0-mail-a25.g.dreamhost.com (Postfix) with ESMTP id F0B9183CB2; Fri, 19 Jul 2019 13:12:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h=date :from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to; s=cryptonector.com; bh=mfeKTbofM2cpwm rqUZOQSdPRERo=; b=FJPfyUmyoXL/KvVGlLUqEwvLcTLBjr8qFLlHH7DLm0v4Ca hQSumfz/PiY+HuI9959MCVcmw4zXAVonugitRWo4eJPyXHk1w2fB63H18eTWwDtE bFHIks/zMuVf+LNzyigI8Z3rH3rppZKNneFxswfJoic2D/sMfdbIR5QVo67iA=
Received: from localhost (unknown [24.28.108.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by pdx1-sub0-mail-a25.g.dreamhost.com (Postfix) with ESMTPSA id F14C183CAB; Fri, 19 Jul 2019 13:12:52 -0700 (PDT)
Date: Fri, 19 Jul 2019 15:12:50 -0500
X-DH-BACKEND: pdx1-sub0-mail-a25
From: Nico Williams <nico@cryptonector.com>
To: Christopher Morrow <morrowc.lists@gmail.com>
Cc: john heasley <heas@shrubbery.net>, ietf <ietf@ietf.org>
Subject: Re: Evolving Documents (nee "Living Documents") side meeting at IETF105.)
Message-ID: <20190719201250.GG24576@localhost>
References: <8F980759-324F-49C5-925A-DF0EEABBBD21@network-heretics.com> <d08dbee2-7844-d813-0b93-5db503501c7e@gmail.com> <50E6B4DF-83FC-46A5-94E9-1FF08F597CCF@network-heretics.com> <F2D5DCCF-4051-444B-9522-9E11F9F93005@fugue.com> <869599E9-7571-4677-AB9A-961027549C54@network-heretics.com> <FBAFFC88-E3F6-46F2-867A-6F9BB09CE46F@fugue.com> <20190719032558.GE24576@localhost> <20190719180424.GE38674@shrubbery.net> <20190719190006.GF24576@localhost> <CAL9jLaYktqLrNZRFVzWZTr3AzJYt4FphykBqT6SP+VsWLhyZQQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CAL9jLaYktqLrNZRFVzWZTr3AzJYt4FphykBqT6SP+VsWLhyZQQ@mail.gmail.com>
User-Agent: Mutt/1.9.4 (2018-02-28)
X-VR-OUT-STATUS: OK
X-VR-OUT-SCORE: -100
X-VR-OUT-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgeduvddrieejgddugeelucetufdoteggodetrfdotffvucfrrhhofhhilhgvmecuggftfghnshhusghstghrihgsvgdpffftgfetoffjqffuvfenuceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmnecujfgurhepfffhvffukfhfgggtuggjfgesthdtredttdervdenucfhrhhomheppfhitghoucghihhllhhirghmshcuoehnihgtohestghrhihpthhonhgvtghtohhrrdgtohhmqeenucffohhmrghinhepihgvthhfrdhorhhgpdgtihhphhgvrhhlrdhsthenucfkphepvdegrddvkedruddtkedrudekfeenucfrrghrrghmpehmohguvgepshhmthhppdhhvghloheplhhotggrlhhhohhsthdpihhnvghtpedvgedrvdekrddutdekrddukeefpdhrvghtuhhrnhdqphgrthhhpefpihgtohcuhghilhhlihgrmhhsuceonhhitghosegtrhihphhtohhnvggtthhorhdrtghomheqpdhmrghilhhfrhhomhepnhhitghosegtrhihphhtohhnvggtthhorhdrtghomhdpnhhrtghpthhtohepnhhitghosegtrhihphhtohhnvggtthhorhdrtghomhenucevlhhushhtvghrufhiiigvpedt
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/WRPMUCNoeNIOuCwukJ2fOgnOCMM>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Jul 2019 20:13:00 -0000

On Fri, Jul 19, 2019 at 03:50:14PM -0400, Christopher Morrow wrote:
> This, 'publish between an rfc and ID' is, I think, what the
> living-documents/evolving-documents work was supposed to enable.
> I was going to dither with John's suggestion of 7525 as an example,
> mostly because TLS tends to get people's hackles up :) but.. actually,
> because of things like:
>   https://tools.ietf.org/html/rfc7525#page-11
> 
> this is a great example actually. The advice to set cipher suites and
> other options for TLS has been changing quite a bit of late, having a
> consistent location that's not 'rando website cipherl.st ?' seems like
> a great plan, to me. If that location is able to keep up in close to
> real time with all the various 'heartbleed' type problems so  much the
> better. We should be making this simpler and easier to locate and
> digest, right? and up-to-date to the best of our ability?

Good point.  Not only that, but the notion of "cryptographic strength"
of various cipher/digest/MAC algorithms and ciphersuites, public key
algorithms and protocols, PRFs, and other functions, vary over time as
cryptanalysis advances.  A registry of current perceived cryptographic
strength, subject to significantly less strenuous review than Standards
Action, would be useful.  Perhaps we could make this an IANA registry,
though that seems a bit of a stretch.

Nico
--

v2.23.0 | Report a Bug | By Email