Re: Method of Contact - Consultation on DRAFT Infrastructure and Services Vulnerability Disclosure Statement

"Livingood, Jason" <Jason_Livingood@comcast.com> Thu, 06 August 2020 19:36 UTC

From: "Livingood, Jason" <Jason_Livingood@comcast.com>
To: Jay Daley <jay@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>
Subject: Re: Method of Contact - Consultation on DRAFT Infrastructure and Services Vulnerability Disclosure Statement
Date: Thu, 06 Aug 2020 19:35:53 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/tFrY7S8nZy8IeET-YyTgzCPEwc4>

> Just a reminder that a PGP key will be published as part of this policy and referenced in the policy as the means for securing email.  This is again in line with common practice.

Of course. I'm not sure how universal or easy-to-use PGP email is as compared to just hitting a web page with TLS though...

> The well known address is security@ but in the IETF context there are concerns about using mailto:security@ietf.org as that might be misinterpreted as referring to the SEC area or the general subject of security in the IETF and so the alternative of mailto:security@llc.ietf.org has been suggested.

In my personal view (*no LLC hat*) it seems odd that this would mean the creation of a new email sub-domain, which seems unnecessarily complicated & unique (having had to deal with mail at a sub-domain for many years at work until we simplified things). So I suppose address@ietf.org rather than address@subdomain.ietf.org is my personal preference. As to what the address is, security@, bugreports@ or vulnerabilityreports@ all seem worth considering.

Jason (sharing personal views)