Re: Call for Community Feedback: Guidance on Reporting Protocol Vulnerabilities
"Joel M. Halpern" <jmh@joelhalpern.com> Wed, 28 October 2020 18:53 UTC
Return-Path: <jmh@joelhalpern.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D6D263A0B3A for <ietf@ietfa.amsl.com>; Wed, 28 Oct 2020 11:53:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.345
X-Spam-Level:
X-Spam-Status: No, score=-2.345 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.247, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=joelhalpern.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id m64AMYYzC0jt for <ietf@ietfa.amsl.com>; Wed, 28 Oct 2020 11:53:57 -0700 (PDT)
Received: from maila2.tigertech.net (maila2.tigertech.net [208.80.4.152]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9C0463A0B38 for <ietf@ietf.org>; Wed, 28 Oct 2020 11:53:57 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by maila2.tigertech.net (Postfix) with ESMTP id 4CLyQs36zvz6G9Xj; Wed, 28 Oct 2020 11:53:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=joelhalpern.com; s=2.tigertech; t=1603911237; bh=L+kkV5vQ+tPi6Qs3uvISLxJsIoJq64ZOxQ7Ld79sgeY=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=V0oJbmw78mkm2BIfm4cLzOwhVIJ/I/d72GMQODYFe0VzkwFndBSY7c09gjXc3Rq9l EqBOKLhB+7S+RZcEw0QiILW2PVlfMuEwGvsLjM8efYsGHuVtiohrMqhBPSCPqEM8+7 ATGTKbBWYh3CjWmBgn5KKtU3lBhJsefg0TXPsOgo=
X-Quarantine-ID: <mFJZmAqGU7LZ>
X-Virus-Scanned: Debian amavisd-new at a2.tigertech.net
Received: from [192.168.128.43] (unknown [50.225.209.66]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by maila2.tigertech.net (Postfix) with ESMTPSA id 4CLyQr5C7Zz6G7s9; Wed, 28 Oct 2020 11:53:56 -0700 (PDT)
Subject: Re: Call for Community Feedback: Guidance on Reporting Protocol Vulnerabilities
To: Benjamin Kaduk <kaduk@mit.edu>, Michael Thomas <mike@mtcc.com>
Cc: The IETF List <ietf@ietf.org>
References: <5081794697df44d8bd76b675cf08dc23@cert.org> <09B0A1A1-6534-4A44-A162-9962FFF8D8B8@cisco.com> <362d68dd6117452f925322f8180de423@cert.org> <B864FFAE-3E3E-4CEF-B832-4552C8BAE70B@cisco.com> <61d17bb9-9056-ecbd-e7f8-e7bd5bd27d97@mtcc.com> <01RRASWVT8OO005PTU@mauve.mrochek.com> <3552cbcd-2d6e-da06-5d66-d0218f6c57ac@mtcc.com> <F8E98E25-CAEE-43CF-B65C-3186844F4A29@cisco.com> <5d4bc8a9-4955-dde3-6022-7bdb2f5dc7ae@mtcc.com> <20201028184208.GF39170@kduck.mit.edu>
From: "Joel M. Halpern" <jmh@joelhalpern.com>
Message-ID: <f7e0ec4a-4d61-076c-4638-5e9683f7b505@joelhalpern.com>
Date: Wed, 28 Oct 2020 14:53:56 -0400
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.12.1
MIME-Version: 1.0
In-Reply-To: <20201028184208.GF39170@kduck.mit.edu>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/j9RGaSILXEyrsqnBiwBX8uVCvVw>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Oct 2020 18:53:59 -0000
I hope I am missing something. I have trouble thinking of a case where a security vulnerability in our work could be reasoanbly captured in an erratta that is anything other than "held for future update". The errata system is not an issue tracker for RFCs. Accepted errata are not supposed to be changes to the WG agreement, even if the WG got it wrong. They are supposed to be cases where the words on the page do not say what the WG meant. this can be a missing (or added "not", or verbiage so opaque that anyone not in the room can't figure out what it means (although most of the time the RPC catches those before RFC publication.) it is not for the cases where the WG agreed on a protocol that has a security hole, bug, or potential misbehavior. Heck, in the case of 8200 I have to agree with the AD that an errata was not the way to fix ambiguous wording that the WG agreed on, even when folks later came up with an interpretation that had not been considered by the WG. Errata simply are not for things that change existing WG agreements. Yours, Joel On 10/28/2020 2:42 PM, Benjamin Kaduk wrote: > On Tue, Oct 27, 2020 at 11:27:13AM -0700, Michael Thomas wrote: >> >> On 10/27/20 11:00 AM, Eliot Lear wrote: >>> I think what you are pointing out is that maybe it would help if these >>> things were properly tracked against anything that would update or >>> obsolete existing work. We might even be able to automate the >>> response along the lines of: >>> >>> * A working group is currently working on an update. Please feel >>> free to join in the fun at... >>> * A working group is currently working on a replacement (e.g., >>> obsolete). Please feel free to join in the fun at ... >>> * No current update is in progress. In addition to filing an >>> erratum, we invite you to provide an update through our errata >>> process, and perhaps through our standards process. You can >>> contact <insert AD here> for more information. >>> >>> >> My impression is that errata has a pretty high barrier to entry if it's >> potentially controversial. There doesn't seem to be any easy mechanism >> to do a one off update that requires wg buy in to get enough eyeballs on >> the problem to make certain that the fix is correct. it's like you need >> something similar to a critical security update to your OS, say, which >> needs to be well vetted by the devs, but doesn't want to wait for the >> next point release. > > There are several WGs where we've had extended discussions over the text to > put in a potential errata report, before the report gets submitted. > >> If errata is that mechanism for something controversial, it's news to >> me. Mostly what i've seen with errata are minor fixes which the wg chair >> and/or authors can sign off easily. > > I don't think that errata are the definitive mechanism for potentially > controversial things or things that require intrusive changes to resolve, > but they can be an appropriate tool. A drive-by errata report without > additional discussion is probably not going to be the most effective way to > make progress on such issues, but it can definitely be useful to have the > issue documented in an errata report, even as a revision to the RFC is > underway to fix the issue. > > -Ben >
- Call for Community Feedback: Guidance on Reportin… Roman Danyliw
- Re: Call for Community Feedback: Guidance on Repo… Salz, Rich
- Re: Call for Community Feedback: Guidance on Repo… Dan Harkins
- Re: Call for Community Feedback: Guidance on Repo… Eliot Lear
- Re: Call for Community Feedback: Guidance on Repo… Töma Gavrichenkov
- Re: Call for Community Feedback: Guidance on Repo… Michael Richardson
- Re: Call for Community Feedback: Guidance on Repo… Toerless Eckert
- Re: Call for Community Feedback: Guidance on Repo… Loganaden Velvindron
- Re: Call for Community Feedback: Guidance on Repo… Toerless Eckert
- RE: Call for Community Feedback: Guidance on Repo… Roman Danyliw
- RE: Call for Community Feedback: Guidance on Repo… Roman Danyliw
- RE: Call for Community Feedback: Guidance on Repo… Roman Danyliw
- RE: Call for Community Feedback: Guidance on Repo… Roman Danyliw
- Re: Call for Community Feedback: Guidance on Repo… Eliot Lear
- Re: Call for Community Feedback: Guidance on Repo… Toerless Eckert
- Re: Call for Community Feedback: Guidance on Repo… Salz, Rich
- Re: Call for Community Feedback: Guidance on Repo… Toerless Eckert
- Re: Call for Community Feedback: Guidance on Repo… Salz, Rich
- Re: Call for Community Feedback: Guidance on Repo… Michael Thomas
- Re: Call for Community Feedback: Guidance on Repo… Michael Richardson
- Re: Call for Community Feedback: Guidance on Repo… Phillip Hallam-Baker
- Re: Call for Community Feedback: Guidance on Repo… ned+ietf
- Re: Call for Community Feedback: Guidance on Repo… Michael Thomas
- Re: Call for Community Feedback: Guidance on Repo… Michael Thomas
- Re: Call for Community Feedback: Guidance on Repo… Eliot Lear
- RE: Call for Community Feedback: Guidance on Repo… Roman Danyliw
- RE: Call for Community Feedback: Guidance on Repo… Roman Danyliw
- Re: Call for Community Feedback: Guidance on Repo… Pete Resnick
- Re: Call for Community Feedback: Guidance on Repo… Salz, Rich
- Re: Call for Community Feedback: Guidance on Repo… Michael Thomas
- Re: Call for Community Feedback: Guidance on Repo… ned+ietf
- Re: Call for Community Feedback: Guidance on Repo… Michael Thomas
- Re: Call for Community Feedback: Guidance on Repo… Michael Thomas
- Re: Call for Community Feedback: Guidance on Repo… Eliot Lear
- RE: Call for Community Feedback: Guidance on Repo… Roman Danyliw
- Re: Call for Community Feedback: Guidance on Repo… Michael Thomas
- Re: Call for Community Feedback: Guidance on Repo… Toerless Eckert
- Re: Call for Community Feedback: Guidance on Repo… Eliot Lear
- Re: Call for Community Feedback: Guidance on Repo… Salz, Rich
- Re: Call for Community Feedback: Guidance on Repo… Michael Thomas
- RE: Call for Community Feedback: Guidance on Repo… Roman Danyliw
- Re: Call for Community Feedback: Guidance on Repo… Toerless Eckert
- Re: Call for Community Feedback: Guidance on Repo… Eliot Lear
- Re: Call for Community Feedback: Guidance on Repo… Michael Thomas
- Re: Call for Community Feedback: Guidance on Repo… Pete Resnick
- Re: Call for Community Feedback: Guidance on Repo… Michael Thomas
- Re: Call for Community Feedback: Guidance on Repo… Eliot Lear
- Re: Call for Community Feedback: Guidance on Repo… Pete Resnick
- Re: Call for Community Feedback: Guidance on Repo… Michael Thomas
- Re: Call for Community Feedback: Guidance on Repo… Toerless Eckert
- Re: Call for Community Feedback: Guidance on Repo… Michael Thomas
- Re: Call for Community Feedback: Guidance on Repo… Benjamin Kaduk
- Re: Call for Community Feedback: Guidance on Repo… Benjamin Kaduk
- Re: Call for Community Feedback: Guidance on Repo… Benjamin Kaduk
- Re: Call for Community Feedback: Guidance on Repo… Benjamin Kaduk
- Re: Call for Community Feedback: Guidance on Repo… Joel M. Halpern
- Re: Call for Community Feedback: Guidance on Repo… Benjamin Kaduk
- Re: Call for Community Feedback: Guidance on Repo… Jay Daley
- Re: Call for Community Feedback: Guidance on Repo… Michael Thomas
- Re: Call for Community Feedback: Guidance on Repo… Michael Thomas
- RE: Call for Community Feedback: Guidance on Repo… Roman Danyliw
- Re: Call for Community Feedback: Guidance on Repo… Eliot Lear
- RE: Call for Community Feedback: Guidance on Repo… Roman Danyliw
- RE: Call for Community Feedback: Guidance on Repo… Roman Danyliw
- RE: Call for Community Feedback: Guidance on Repo… Roman Danyliw
- Re: Call for Community Feedback: Guidance on Repo… Eliot Lear
- RE: Call for Community Feedback: Guidance on Repo… Roman Danyliw
- RE: Call for Community Feedback: Guidance on Repo… Roman Danyliw
- Re: Call for Community Feedback: Guidance on Repo… Dan Harkins