IETF Logo Mail Archive

Re: Results of IETF-conflict review for draft-williams-exp-tcp-host-id-opt-07

Ted Hardie <ted.ietf@gmail.com> Mon, 01 February 2016 17:55 UTC

Return-Path: <ted.ietf@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A426C1B3369 for <ietf@ietfa.amsl.com>; Mon, 1 Feb 2016 09:55:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id orrNwGCRHqIA for <ietf@ietfa.amsl.com>; Mon, 1 Feb 2016 09:54:59 -0800 (PST)
Received: from mail-qg0-x236.google.com (mail-qg0-x236.google.com [IPv6:2607:f8b0:400d:c04::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 386E41B3368 for <ietf@ietf.org>; Mon, 1 Feb 2016 09:54:59 -0800 (PST)
Received: by mail-qg0-x236.google.com with SMTP id b35so124292478qge.0 for <ietf@ietf.org>; Mon, 01 Feb 2016 09:54:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=MVPVQ+18duB3b6fiFglJLcgPAQqf22LQDwBZnXjOha4=; b=09tTbEyJBWQEW4iTQGMEvqYHbmmMRhTHnyUSkbGg6+tN1DOPmvfuDci4YbnB938s9j UJdwC0tn2aLb9+0tY0nj7Dj9SBD1WfQQS/3hoc37JsGcy6jC5yZaMEXHjurODd66oPoR UW8GasFUvvlsMMEwBJNBWpGHq66tq16PlYQ5T/4TjorDB9sfGBCl1o1vHvP0lbA1CfGM /s8+8FpelWep2eCxJO6sTs1PeumDvt426J9fkp7N5UouZ1OGC337SRHOZCUnK3vuy4fy 4Au60yL7RjVV+H57vcwnbVLAe1v0JPUK19Yad7zv+8rcOpow8NV700cPavofuONsrOMr Bg+A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=MVPVQ+18duB3b6fiFglJLcgPAQqf22LQDwBZnXjOha4=; b=B+WmifrcCRZXa0jHu6RcUCR1RIYDtVg3XIzP6Bw2/BhhRVaQlbgbcOO7ROnKAJzaX7 DdX0lVVmpvWDL36lXTY6w60DV2Omnn9uaiJTP+7QTaMeY7f9Dd2JzCYBNJhJhjbuxgWt 1HUTf962l7DF3yjbiL3AIFev1s0wePdA6tio7hQEh6xr9KdiFOP1u4mw7q2641ae3FSa YosWPcz8Na58wiF4zhBf/ZisMiVFnF8bmZ+aBTnSKA/iZudPLLRyqHhVcQOCzgFgw1yU CdRLSiKQw5HIbxkaIlJEV1Iy85k2ZEZiJ4b4WkkAwSozlHqJXLGGbx7+gXFduybt1wq1 5YwQ==
X-Gm-Message-State: AG10YOS0JJV++pofaG3jIsXU9mmPjY/Md9458lQRGFCzC7Q5vQt955OaAdZ776A/GKhnxTWftvZ1rDb/Dtj/3A==
X-Received: by 10.140.136.146 with SMTP id 140mr31803187qhi.6.1454349298377; Mon, 01 Feb 2016 09:54:58 -0800 (PST)
MIME-Version: 1.0
Received: by 10.55.14.211 with HTTP; Mon, 1 Feb 2016 09:54:38 -0800 (PST)
In-Reply-To: <56AD0AB5.60206@gmail.com>
References: <20160125231333.27786.50459.idtracker@ietfa.amsl.com> <56A897AE.9060900@alvestrand.no> <CA+9kkMC+43PFvd_ZdR4EXV6zW2+FH67dpXeghWU8NtvbB8RzOg@mail.gmail.com> <56AC7416.2000206@cisco.com> <56AD0AB5.60206@gmail.com>
From: Ted Hardie <ted.ietf@gmail.com>
Date: Mon, 01 Feb 2016 09:54:38 -0800
Message-ID: <CA+9kkMBVCwauo5zEEMgiwSaxS+4G4n2wzAT=5b3+VzpBZyJgzw@mail.gmail.com>
Subject: Re: Results of IETF-conflict review for draft-williams-exp-tcp-host-id-opt-07
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Content-Type: multipart/alternative; boundary="001a113711c84f2db4052ab915da"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/ZgzcyJwLASGMUbY5GVjQ-bZtoKs>
Cc: Harald Alvestrand <harald@alvestrand.no>, IETF <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Feb 2016 17:55:01 -0000

On Sat, Jan 30, 2016 at 11:10 AM, Brian E Carpenter <
brian.e.carpenter@gmail.com> wrote:

> Ted,
>
> On 30/01/2016 21:28, Eliot Lear wrote:
> ...
> > On 1/27/16 4:50 PM, Ted Hardie wrote:
> ...
> >> ​Yes, and we have historically said that publishing things in
> >> the ISE stream when they counter IETF specifications can
> >> only be done when the IESG deems there to be no conflict
> >> with IETF specifications.
>
> Not so. What the community has said (in RFC 4846) is that such a conflict
> is a legitimate ground for the IESG to object to publication, with the IETF
> procedures around this documented in BCP 92. It is then the ISE's
> prerogative
> to decide whether to publish or not, after reviewing the IESG's objection
> and any other relevant input.
>
> That includes, but is not limited to, input from the Editorial Board, of
> which
> I am a member.


​Brian,

You are right; I wrote in haste and should have said can only be
done after consultation with the IESG on delay or commentary.

The larger point is that we have tried to make sure that there is
a flow of communication between the IESG (and IETF) and the
ISE about the relationship of work brought to the ISE and ongoing work,
as well as on what John called the question of whether a particular
candidate document is 'dumb or dangerous'.

It is on this latter point that  I hope that the editorial board and
ISE spend their time.  The document before the ISE represents
an example of a pattern of behavior that is deeply inimical to privacy
on the network: identifying metadata insertion by middleboxes
("The information conveyed in the HOST_ID option is intended to uniquely
identify the sending host
​").  It is certainly not the first time we have
seen this pattern nor the first time it has been documented in an RFC.
But supporting it again, as an option to TCP itself, carries a very high
risk.
That risk is that users' trust in the network, already eroded by government
action, will erode further or fail.  If this document flatly described what
is being done or spoke in depth about the risks, it might still be worth
publishing.  It does not.  It speaks about this in terms of an experiment,
which it is
not, and it speaks about the value in terms far more laudatory than are
warranted.
That is the point of danger I believe the IESG saw clearly, and that is the
point
on which I support their recommendation.

If the ISE and the editorial board remain conflicted on this point, I note
that
the ISE may ask for further advice from the IAB:

   The RFC Editor or the author may request that the IAB review the
   IESG's request to delay or not publish the document and request that
   the IAB provide an additional opinion.  Such a request will be made
   public via the RFC Editor Web site.  As with the IESG review itself,
   the IAB's opinion, if any, will be advisory.  And, as with author
   requests for an IAB technical review (see Section 4.5
<https://tools.ietf.org/html/rfc4846#section-4.5>), the IAB is
   not obligated to perform this type of review and may decline the
   request.

While I do not speak for the IAB on this point, I would personally work to
see that it
did not decline and provided a response promptly, should the ISE request
one.

As noted above, this would be advisory and it may well not be
necessary given the review no doubt being done now by the advisory board.

regards,

Ted

v2.23.0 | Report a Bug | By Email