IETF Logo Mail Archive

RE: Backdoor standards?

"Gorman, Pierce" <Pierce.Gorman@t-mobile.com> Thu, 13 January 2022 17:38 UTC

Return-Path: <Pierce.Gorman@t-mobile.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2E0E63A1839 for <ietf@ietfa.amsl.com>; Thu, 13 Jan 2022 09:38:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=tmobileusa.onmicrosoft.com header.b=CxxMOtj3; dkim=pass (1024-bit key) header.d=tmobileusa.onmicrosoft.com header.b=CxxMOtj3
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bll2g9Pqh_vQ for <ietf@ietfa.amsl.com>; Thu, 13 Jan 2022 09:38:17 -0800 (PST)
Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12on2132.outbound.protection.outlook.com [40.107.244.132]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A9C333A14B9 for <ietf@ietf.org>; Thu, 13 Jan 2022 09:38:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=TMobileUSA.onmicrosoft.com; s=selector1-TMobileUSA-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7rGEzuCHly1+IY0gONyKanadBeShdYmZ6QREQUiJR84=; b=CxxMOtj3dMuJsBWy05JXGo+321ctgpA7Sd7DBrhbwbOBLsDv7GYRFvs/p5hKQBgYI1NOx5gJqGakFLYPwXvtWx7KcvOODDMjb4w0wG7xi2/u0myE3U3/HpdCrEqtBawC7V28548/SSVgApqIbOc+GlH3rXZ0RagtpAPA1/8JgDU=
Received: from SN4PR0501CA0052.namprd05.prod.outlook.com (2603:10b6:803:41::29) by CH2PR02MB6805.namprd02.prod.outlook.com (2603:10b6:610:7c::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4888.11; Thu, 13 Jan 2022 17:38:15 +0000
Received: from SN1NAM02FT0028.eop-nam02.prod.protection.outlook.com (2603:10b6:803:41:cafe::50) by SN4PR0501CA0052.outlook.office365.com (2603:10b6:803:41::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4909.2 via Frontend Transport; Thu, 13 Jan 2022 17:38:15 +0000
X-MS-Exchange-Authentication-Results: spf=fail (sender IP is 144.49.247.33) smtp.mailfrom=t-mobile.com; dkim=pass (signature was verified) header.d=TMobileUSA.onmicrosoft.com;dmarc=fail action=none header.from=t-mobile.com;
Received-SPF: Fail (protection.outlook.com: domain of t-mobile.com does not designate 144.49.247.33 as permitted sender) receiver=protection.outlook.com; client-ip=144.49.247.33; helo=mail.ds.dlp.protect.symantec.com;
Received: from mail.ds.dlp.protect.symantec.com (144.49.247.33) by SN1NAM02FT0028.mail.protection.outlook.com (10.97.4.206) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4888.9 via Frontend Transport; Thu, 13 Jan 2022 17:38:13 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=TMobileUSA.onmicrosoft.com; s=selector1-TMobileUSA-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7rGEzuCHly1+IY0gONyKanadBeShdYmZ6QREQUiJR84=; b=CxxMOtj3dMuJsBWy05JXGo+321ctgpA7Sd7DBrhbwbOBLsDv7GYRFvs/p5hKQBgYI1NOx5gJqGakFLYPwXvtWx7KcvOODDMjb4w0wG7xi2/u0myE3U3/HpdCrEqtBawC7V28548/SSVgApqIbOc+GlH3rXZ0RagtpAPA1/8JgDU=
Received: from DM5PR1101CA0012.namprd11.prod.outlook.com (2603:10b6:4:4c::22) by PH0PR02MB8677.namprd02.prod.outlook.com (2603:10b6:510:102::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4867.9; Thu, 13 Jan 2022 17:38:10 +0000
Received: from DM3NAM02FT006.eop-nam02.prod.protection.outlook.com (2603:10b6:4:4c:cafe::f2) by DM5PR1101CA0012.outlook.office365.com (2603:10b6:4:4c::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4888.9 via Frontend Transport; Thu, 13 Jan 2022 17:38:09 +0000
X-MS-Exchange-Authentication-Results: spf=fail (sender IP is 208.54.98.100) smtp.mailfrom=t-mobile.com; dkim=none (message not signed) header.d=none;dmarc=fail action=none header.from=t-mobile.com;
Received-SPF: Fail (protection.outlook.com: domain of t-mobile.com does not designate 208.54.98.100 as permitted sender) receiver=protection.outlook.com; client-ip=208.54.98.100; helo=webmail.t-mobile.com;
Received: from webmail.t-mobile.com (208.54.98.100) by DM3NAM02FT006.mail.protection.outlook.com (10.13.4.251) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4888.9 via Frontend Transport; Thu, 13 Jan 2022 17:38:09 +0000
Received: from PRDTWEXCH003F.gsm1900.org (10.94.33.41) by PRDTWEXCH0046.gsm1900.org (10.94.120.27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) id 15.1.2308.21; Thu, 13 Jan 2022 09:38:08 -0800
Received: from prdtwexch0056.gsm1900.org (10.139.8.38) by PRDTWEXCH003F.gsm1900.org (10.94.33.41) with Microsoft SMTP Server (TLS) id 15.0.1497.28; Thu, 13 Jan 2022 09:38:07 -0800
Received: from plsapdm1.corp.sprint.com (144.230.172.36) by prdtwexch0056.gsm1900.org (10.139.8.38) with Microsoft SMTP Server id 15.1.2308.21; Thu, 13 Jan 2022 09:38:06 -0800
Received: from pps.filterd (plsapdm1.corp.sprint.com [127.0.0.1]) by plsapdm1.corp.sprint.com (8.16.0.43/8.16.0.43) with SMTP id 20DHXhRZ028984; Thu, 13 Jan 2022 11:38:06 -0600
Received: from nam12-dm6-obe.outbound.protection.outlook.com (mail-dm6nam12lp2171.outbound.protection.outlook.com [104.47.59.171]) by plsapdm1.corp.sprint.com with ESMTP id 3df94e8afm-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 13 Jan 2022 11:38:06 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=EIoUR3zfnPUiOaiSeP9vz5Xcc58qfY6N5wwnyHkK5o08wEKhNmgsCNnibHJTI//40+D4mDQgzaB4QZmcZdlUt037ObCjTt38xX9FTU50SWTxpeFa6Ywo3MIJGrAZ2pNe+wjDwKy4h37LZopso2alNkIuSdgK6/QaVJZTJ4RduJgn+cCJ+Wa1lTteQ5D5XIYKkccpQIF9SyMFrKBesqEXIUan8bcrZFgUk/GzYWBo3UPaLAUhhqYT1Abp59FfNQDkJoElRiZvglB+L3/Km9xfc40KAmqED/82K8qP09OEQvKtjxtnlV/kqWxWhz2eX2vZBy+H8VZuwXSFktDixfozew==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=7rGEzuCHly1+IY0gONyKanadBeShdYmZ6QREQUiJR84=; b=WZ6tu1OkJTAb5ZHykgpBciLGn6Lma5jIzj0vvco3/KX0PcGPHTfMAHI5o/L9+ZcMOzbkiDcqLAuoyTWpZEi7UKAC+zvSt3ae/yknO/n9HDvgG82iSxDcj5jiw0lcxAnvBoSDa/CqL/LTtpC4C5Ki61Q3p3NU7gbS12iOEKXt7mrKJ9GB22P9rci9u1YzcPmhKQnTIkjNX4u/z56tWoFfg6j2QeIAn640cnNW/HqGvtotLNtA+7vc3RzKPEK/V+Jy0ZKvjBBONIY9bX87Pd+LHxhTmb7TSu9wHBWsOHKW7Zhqlq6ZNQkMFmxsSWh8GCpuphaeSWRKgwziAXmaKRiatQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=sprint.com; dmarc=pass action=none header.from=sprint.com; dkim=pass header.d=sprint.com; arc=none
Received: from BL0PR05MB4963.namprd05.prod.outlook.com (2603:10b6:208:81::12) by DM6PR05MB5898.namprd05.prod.outlook.com (2603:10b6:5:104::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4909.2; Thu, 13 Jan 2022 17:38:05 +0000
Received: from BL0PR05MB4963.namprd05.prod.outlook.com ([fe80::e87a:bc29:4fe8:9663]) by BL0PR05MB4963.namprd05.prod.outlook.com ([fe80::e87a:bc29:4fe8:9663%5]) with mapi id 15.20.4909.002; Thu, 13 Jan 2022 17:38:05 +0000
From: "Gorman, Pierce" <Pierce.Gorman@t-mobile.com>
To: John C Klensin <john-ietf@jck.com>, Scott Bradner <sob@sobco.com>, IETF <ietf@ietf.org>
Subject: RE: Backdoor standards?
Thread-Topic: Backdoor standards?
Thread-Index: AQHYB/lATosgG+dFQ0WjSZHxNxUF46xf5IoAgAAeygCAABoIAIAAGyKAgAA+aACAAJk7AIAAI7kAgAADwGA=
Date: Thu, 13 Jan 2022 17:38:04 +0000
Message-ID: <BL0PR05MB496373732EA8FC8D5D0C395389539@BL0PR05MB4963.namprd05.prod.outlook.com>
References: <85191ed3-5fc1-67da-888a-8af7bf9064f8@comcast.net> <39E40B7D-0E51-41A9-A8A3-026A0013F032@sobco.com> <9C232BA5452C4F0F9DD26674@PSB> <003701d80816$a85ab810$f9102830$@acm.org> <ee8acffd-e808-67fd-cf92-52b3f9f3e195@comcast.net> <A7AC7B3B5BCD87E65B4F253C@PSB> <CBB5F8FC-EF58-45CA-BB1B-298A4AC3FD9E@sobco.com> <27D58322C47E3C5F1A74B754@PSB>
In-Reply-To: <27D58322C47E3C5F1A74B754@PSB>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
X-MS-Office365-Filtering-Correlation-Id: 907cd004-d927-47e9-2d57-08d9d6bb7995
x-ms-traffictypediagnostic: DM6PR05MB5898:EE_|DM3NAM02FT006:EE_|PH0PR02MB8677:EE_|SN1NAM02FT0028:EE_|CH2PR02MB6805:EE_
X-Microsoft-Antispam-PRVS: <CH2PR02MB68054B7C277CE41D897F7F7FD2539@CH2PR02MB6805.namprd02.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:651;OLM:651;OLM:651;
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: ghKMgUSVPc/oheo5G9Rot1hcoP53xCdR0ue85QQ26eG0kmzOQdjJUvr1YEgUw6jXPTBYZnC+ANqfzhKcLqIdKc9yCt0xV87y1UC0ZxdXRHTg8QsDGNOvC8n4Bc4NZTwyKtOfWDbPU4RKBWme8W7NinHPy8JUNrCSqCwNQZVlC9gcR27GO+Q7yrL5GUwqdvVPvqAFpZ+lh7/EiiTBsvLCQVD29vJal5zVeRcUuiwBbufmFpKbJT1SzvCEFjc6K4b/fIAhnDrwBQ7UTbZyMAA21dcxYCfYknPoOTMxodWfLM6Ua+xoBS5YnnQMLUzsA3XUxSSXYsqL3ezbRASblDF+tcs6fmukcX7d6cQQ6DAIx607IbJHK2mTPwNx7gEGCD4xqq7QYJN1X3uiPMGkKw4tmX0nOzSylx1oLb0W0+LyrfhpWIYgfocs1oqniNPwptMiQuPMVXE0xG3AGlNAOQOi8Hd8vPD4ItDwKzl3loi1yb/Me5E6CFLT97BrcNUXAz9EjHYNTzc5ZxmIjMKYkYvjIQyOQwKauWOqffmDBrT+A4EO92iOZll7PpnriI1WF7v3ZBDOZCOcW4gf+UuconYNa+F1nktJiRQGS41mtD5Ilxh+ej6IW68AsL6A7n2dbe5mPOOBpIx+g4ExP0KJBIbuJX/B174iJck8zQqJb5fSQw1AfxmzSmoXXePgASW0sdSmzT8Uq7jAwYwBTFaRnwGjTJLWyXZFkn8Mcbkapge07gTsGJjiF1XKaQEkYMxde7VtdpPIk0UX0C3D7xX/EPsohoKqkomTi5StP9NuWEiA2Sg=
X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BL0PR05MB4963.namprd05.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(508600001)(45080400002)(82960400001)(3480700007)(76116006)(966005)(64756008)(66446008)(66476007)(7116003)(8936002)(66556008)(66574015)(2906002)(66946007)(8676002)(86362001)(55016003)(38070700005)(52536014)(6506007)(5660300002)(30864003)(83380400001)(38100700002)(7696005)(186003)(26005)(316002)(53546011)(122000001)(110136005)(9686003)(33656002)(71200400001)(20210929001); DIR:OUT; SFP:1102;
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR05MB5898
X-EOPAttributedMessage: 1
X-MS-Exchange-Transport-CrossTenantHeadersStripped: DM3NAM02FT006.eop-nam02.prod.protection.outlook.com
X-MS-Office365-Filtering-Correlation-Id-Prvs: 6e5076ee-0f0b-4695-815d-08d9d6bb746e
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: LIRjn2Rv40t2NHszIldivPSlUBz0ks9aK7nd8CIFgm16skwXHhqnsQFjMZdHI5w2tPQfvxA3nAyZQwNhrpskjNypgPSEdPFETtQqxBI+YEGm+6x5KMLHuNg/fOIJxEKYRNH5hTpQGNPuStFQjK63OPDKOtPU9/RjuVF+r911GAUC4HbiXqStyk+FGLr1q5AEI5GSZZaI5QlkvXh3VNmB3mj2PgZz77F5sBfLKEYNczMYfvvdnX48mqPbh1OQGWadW3PBr7tRMUX5NrMcnbPVb+caihUmulPGUUewGZ9++vxL/dh9nFSXZDY+4Y/8dWXMd8p3AVMF5fqXee24OSav4ej/HMFz/YUM/eleiIfctOMmFnJe/5awgMbmIMxh5xO3oI/prHyLrjgDkVenb8EekFCQI6V353Dxgek9iNrwPUEWQK7sysneBrgEA6lUah8mRslOQGwx6ZL7JR0EN250QWl6Ss+G++nTQgFHU0NgIo75JCFTF7yVUvu2dRRa49TvEtNdE+DFNoAq7ypfCnBOUUOkkTdzg3Qjg3uMJrr4X0yMMkYxGcvJ71pW9qNmWezc4n64nVMlxoRUU5zcdBhGzq+MD51t5zmzArOQnlKHqC+DXTWntlwNKIkurGytY6LJSPdqkRrx7XrDeCtj4pjNVH1w6RWFU8FGSytfzJ1piYJXdUBUZV2tu0kMVLkWOgJvgyeKz1SMU1nMpu6LLwfhi7Ka2851Nv8ZgOkQobdG/7FutQ4vz7tV/GbIctt2FkTAziZfhO1NN/e1ibDMquLv5U+74DggRfxpoGDGCfOxgc4FHYbu+1blrfO3wExVJGlfHhqf0IF+4zehiLHrYGggQ4KBTwFw+rFoVJrz5yLlGrRC3mURvxPkh5bM1yRmiLB+
X-Forefront-Antispam-Report-Untrusted: CIP:208.54.98.100; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:webmail.t-mobile.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(4636009)(46966006)(40470700002)(36840700001)(9686003)(7696005)(86362001)(6506007)(47076005)(55016003)(30864003)(70206006)(70586007)(7116003)(36860700001)(8676002)(53546011)(40460700001)(186003)(82310400004)(26005)(82960400001)(83380400001)(5660300002)(316002)(81166007)(3480700007)(356005)(33656002)(966005)(336012)(66574015)(508600001)(52536014)(45080400002)(8936002)(110136005)(2906002)(36900700001); DIR:OUT; SFP:1102;
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR02MB8677
X-CFilter-Loop: Reflected
X-DetectorID-Processed: 8c846453-0f50-46b3-95ab-8bbaf7238615
X-MS-Exchange-Transport-CrossTenantHeadersStripped: SN1NAM02FT0028.eop-nam02.prod.protection.outlook.com
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id-Prvs: 6d650af2-bdd5-4b04-b765-08d9d6bb770c
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: Q3mtJ5KTYh3Uh03WbH8+xDzsSTTGZL7inMI1didS4nsvLKLZdRWjlnHMUL04E8q3NtsaHaKs44Ctbrx2DQeY//mA10sT+rTxDQeJOGyaHwl8oE0vdN5LKUqt0gjITJi68FKLUchYtjxxTJQAVJ7Yr45ShMaH3KCDQ51NYHoMrKaNuINT3pFJt9KlBsslAIw6+wlMwE3KvfqHdvOUKljiXfi2mtyXsaSZCiXpyYt7AH0nFWayd9BTuqH3i6c2DtXo67RzgLRrjLtpIDrW20iKkRTvehZnDGHLS7UDiId7AvIkYcF1smGrqkNZpdM5/Y1gatscZ5wi5+8kPTJL+UxHDBLUYXHPxrHtKk9zTbytjrRZ9Or02T2c4658B+OXPHosh4oaKJlRAAhF0Pw1xApR5rXGkX4qh/xoaU6Iz2382JmlxqBUsrLgtt61+zaR0JuxQNbSJ+K2/kVw9FjIMsUjO2wJJ0858ZIZv27uGAcSkHBL3sQ0Ll7CTObBnswy3V14La0vBx+NdvcC35wcRjpucXUGFwiIYSJwEhp7/b9j9Ae63/h61c9pff87Y/Sb+v1jkdjSSzm2nq/Krtgpyy0v696U5u2TFSmj9UDa9A92y1/TINo+zTR2wIVByFKFe3VUTPW2Rc068KjGcTv+O1Fo3wuWYnaXJpNdBH8p1ETcQDkwHMDL6Ea9UOE+IPoeXF1Lm7FEgp4kAbbYbFujtLjBxIAiulGxao9UC0REt9qFKYUCizQnOGXC8dKuBaDvmtdmP8mRwuw7GNOpTMAi35hU8t1XsE78cS+kZJDLs5IKc2wiaVzHgA2Nw8W+oz3w0YH0sp3kjgiiRRH+Cq0+aDzNBFY4a0VC/3BNZKe13v2bWBcOWoSGGTmxImacRUjo9zc0
X-Forefront-Antispam-Report: CIP:144.49.247.33; CTRY:US; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:mail.ds.dlp.protect.symantec.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(4636009)(46966006)(40470700002)(36840700001)(3480700007)(9686003)(966005)(45080400002)(36860700001)(47076005)(508600001)(70206006)(70586007)(2906002)(8936002)(30864003)(82310400004)(66574015)(316002)(110136005)(26005)(336012)(6506007)(53546011)(83380400001)(52536014)(186003)(5660300002)(7116003)(82960400001)(86362001)(33656002)(55016003)(81166007)(40460700001)(8676002)(7696005)(36900700001); DIR:OUT; SFP:1102;
X-OriginatorOrg: t-mobile.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Jan 2022 17:38:13.2934 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 907cd004-d927-47e9-2d57-08d9d6bb7995
X-MS-Exchange-CrossTenant-Id: be0f980b-dd99-4b19-bd7b-bc71a09b026c
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=be0f980b-dd99-4b19-bd7b-bc71a09b026c; Ip=[144.49.247.33]; Helo=[mail.ds.dlp.protect.symantec.com]
X-MS-Exchange-CrossTenant-AuthSource: SN1NAM02FT0028.eop-nam02.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR02MB6805
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/yHkkZ9jPugW2wevFO5vo920W57U>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Jan 2022 17:38:22 -0000

Also FWIW.  Early adopters and independent adopters occasionally implement what is described in I-Ds and it can be helpful to have the I-Ds persist as a usable public reference (IMHO).

Pierce


-----Original Message-----
From: ietf <ietf-bounces@ietf.org> On Behalf Of John C Klensin
Sent: Thursday, January 13, 2022 11:21 AM
To: Scott Bradner <sob@sobco.com>; IETF <ietf@ietf.org>
Subject: Re: Backdoor standards?

[External]


FWIW, Scott's summary is consistent with what I remember, even though I had forgotten the mirrored, no deletion, collections.
I was somewhat in the loop when Jon Postel initially resisted the idea of I-Ds, especially ones that might become an archival alternative to RFCs.  Scott's account is essentially correct and, FWIW, some of the discussion in this thread revisits that one.  I do consider that 2012 IESG Statement [1] to be strong evidence of a formal IESG decision on the matter although, if Scott's recollection is that the actual decisions and actions were made long before that statement was issued, I would trust those recollections.

It may also be worth noting that the Statement is one of many reaffirmations about groups other than the IETF posting I-Ds containing their working documents.  That policy definitely began many years earlier.

We would probably benefit from someone putting together and publishing a history of Internet-Drafts, paralleling RFC 8700, before more of our memories deteriorate or otherwise become inaccessible.

best,
   john

[1]
https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fabout%2Fgroups%2Fiesg%2Fstatements%2Finternet-draft-removal%2F&amp;data=04%7C01%7Cpierce.gorman%40t-mobile.com%7C7db703f6fe4b43fc50a608d9d6b92801%7Cbe0f980bdd994b19bd7bbc71a09b026c%7C0%7C0%7C637776913909215857%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&amp;sdata=CVKdw3FKNX%2FqzlfhNd9XV4KboxchQi1yvEM26xTvYo0%3D&amp;reserved=0

--On Thursday, January 13, 2022 10:12 -0500 Scott Bradner <sob@sobco.com> wrote:

> there is a history to the decision to not actually expire I-Ds
>
> at the start Jon Postel accepted the idea of I-Ds only if they expired 
> (so I'm told - I was not in the loop at that time)
>
> so I-Ds were removed from the ietf.org ftp site after some time - 
> officially 6 months but often longer
>
> so a bunch of places started mirroring the I-D directory & 
> specifically not removing the expired I-Ds  (Robert Elz was one, I was 
> another, and there were quite a few others)
>
> when I got on the IESG I argued that I-Ds should not be removed but 
> just moved to some specific "old"  directory - (to support IPR 
> searches and so the technology would not be lost) the IESG agreed & 
> Steve  Coya went about the business of retrieving the old I-Ds from 
> backup tapes (a big task but lowish priority)  and stopped removing 
> the "expired" I-Ds
>
> just about when Steve was ready to post all the old I-Ds he had found, 
> a some new IESG members were installed and some of them disagreed with 
> the previous decision & the concept of not expiring I-Ds was debated 
> in the IESG & on the IETF list - strong feelings both ways and the 
> idea died
>
> that did not stop the mirrors even though a few authors sent cease & 
> desist emails to Robert and others
>
> at some point Henrik brought up tools.ietf.org including old I-Ds (the 
> ones he could find) - I gave him a copy of my repository to fill in 
> some of the blanks and I think Henrik reached out to Robert as well
>
> so there was not a formal IESG decision to not expire the I-Ds
> - it just happened because Henrik thought it was the right thing to do 
> (strongly supported by a bunch of us)
>
> Scott
>
>> On Jan 13, 2022, at 1:04 AM, John C Klensin <john-ietf@jck.com> 
>> wrote:
>>
>> Mike,
>>
>> --On Wednesday, January 12, 2022 21:21 -0500 Michael StJohns 
>> <mstjohns@comcast.net> wrote:
>>
>>> On 1/12/2022 7:44 PM, Larry Masinter wrote:
>>>> If there is some kind of abuse you are aiming to quell, some 
>>>> examples might be helpful.
>>>
>>> Hi Larry -
>>>
>>> It's not so much about quelling abuse as it might be in reinforcing 
>>> expectations.
>>>
>>> This has been the expectation basically from the first moment that 
>>> the ID system was created (right after the meeting at Boulder NCAR):
>>>
>>>> It is inappropriate to use Internet-Drafts as reference
>>>>    material or to cite them other than as "work in progress"
>>>
>>> And that was reinforced in some ways by the original manual 
>>> submission model for IDs.  Over time, the tools have changed some of 
>>> that calculus and most drafts get posted without human intervention, 
>>> and the old versions of a draft now have fairly stable references as 
>>> a side effect of how the tooling was built.
>>
>> Actually not for the old (and expired) versions part.  Scott can 
>> comment but I remember the decision to keep them generally available 
>> without interaction with the Secretariat (the caution on the 
>> datatracker page notwithstanding -- see below) as being very 
>> explicit, a recollection that is reinforced by a 2012 IESG Statement 
>> [1].  That was partially because of the IPR issue and partially, as 
>> the Statement indicates, to
>> facilitate comparisons among versions.   Assuming we are not
>> going to reverse that, that part of the question is whether the 
>> current tooling implements the intent properly and/or whether we 
>> might want to review and adapt the intent.  In particular, if the 
>> intent is to keep almost all I-Ds publicly available, we might think 
>> about how to do something to make them less useful as stable 
>> references.  Some variation of Larry's time-based idea or of the 
>> ideas I mentioned in my note might work or, if he is willing to be 
>> engaged on this a bit longer, John Kunze might have good ideas about 
>> that in spite of its being the very opposite of his research 
>> interests in stable references.
>>
>> (Sorry, we have a small surplus, not only of "John"s in this 
>> discussion, but of "John K"s.  Don't know how to work around that 
>> that except by spelling out surnames.)
>>
>>> All I'm really saying here is that it may be time to review that 
>>> expectation and retain it, expand on it or revise it.
>>
>> Agreed.  But the first part of that process is probably figuring out 
>> which problem we are trying to solve.  Based on reading John Kunze's 
>> note a few times, I'm guessing that making the old ARK versions 
>> vanish entirely (per the original rule that "expires" means 
>> "disappears from effortless public
>> view) probably would (or perhaps would) have caused only one change 
>> in behavior: publication of Informational RFC snapshots of the 
>> current state of the research based on the drafts of 2008 and 2018.  
>> That, I hope, would have forced (we don't have firm rules and that 
>> might be something else we need to review) clear "what is different 
>> from the last time and why" sections.  I just suggested in another 
>> context that we may want to make an explicit rule about that.  But, 
>> otherwise...
>>
>> My guess is that there are three separate issues and expectations we 
>> should review:
>>
>> (1) Whether the introductory text that I cited earlier about what 
>> I-Ds are about should be revised to eliminate the phrase claiming 
>> other bodies can use them.  For the reasons John Kunze mentioned in 
>> his explanation, I think that would hurt us and the Internet, but 
>> YMMD and it is worth a discussion.
>>
>> (2) Even in the RFC Series, whether we should reexamine the very long 
>> tradition (going back to documents with two-digit numbers long before 
>> there were I-Ds) of  publishing documents, or long excerpts of 
>> documents, from other SDOs or even individual companies for the 
>> information of the
>> community.   I think stopping that would harm the Internet
>> but, again, you and others might see the tradeoffs differently.  
>> PHB's first note in this thread may be helpful in looking at that.
>>
>> (3) Whether our present method and tooling for making I-Ds available 
>> long-term, motivated by the comparison and IPR issues (including, as 
>> has been pointed out, making things easy for people in other parts of 
>> that process, not just lawyers armed with subpoenas), is encouraging 
>> bad behavior.
>> If so, whether (i) we can and should either erect defenses against 
>> that behavior and how or (ii) whether the risk of bad behavior 
>> justifies going back to the "expires means disappears" rule even if 
>> makes it hard for the folks trying to do comparisons or with IPR 
>> concerns.
>>
>>> In the instant case, removing the old ID versions of draft-kunze-ark  
>>> or changing the locator for the old versions might cause problems 
>>> for the ARK community.  But not being able to remove (or "move" URL 
>>> wise) those documents seems to be counter to the plain text 
>>> intentions of RFC2026 section
>>> 2.2 as well as other IETF statements of procedures.
>>
>> If I correctly understand John Kunze's note, not really for the ARK 
>> case.  As I guessed when writing my earlier note, ARK is not a good 
>> example of the abuse case I think you are concerned about (see (3) 
>> above), but that does not make that concern any less real and 
>> important.
>>
>>> Perhaps 2026 no longer correctly expresses the status of IDs?
>>
>> To me, that is another example, perhaps the earliest important one, 
>> of the IESG making a decision that ignores rather clear
>> text of a BCP procedural RFC and then just moving on [1].   In
>> this particular case, the decision was not to ignore that text but, 
>> essentially, to treat warnings that have evolved into the current 
>> "The information below is for an old version of the
>>      document" or just "Expired Internet-Draft (individual)"
>>      and
>> "This Internet-Draft is no longer active. A copy of the
>>      expired Internet-Draft can be found at..."
>> as equivalent to the 2026 text
>>  "is simply removed from the Internet-Drafts directory"
>>
>> And, of course, whether it is significant or not, the statement in 
>> 2026 does not contain "MUST be removed" language but, instead, makes 
>> what appears to be a statement of fact.
>> Scott probably remembers my whining about the change when it was 
>> announced, but the IESG consensus was clearly to make it.
>>
>>
>> I think things have improved in more recent years in the sense that 
>> the IESG, faced with a situation like this, would almost certainly 
>> propose such a statement and explicitly ask for community comment on 
>> it.  I don't recall that being done for the case of retaining I-Ds.  
>> However, if we don't like the idea of the IESG being able to make 
>> decisions that contradict
>> -- or reinterpret well beyond the obvious original intent-- BCP 
>> procedural language that reasonable people can interpret as 
>> requirements, then there are other things that should be considered 
>> again and reevaluated, especially if we do not consider the Appeal 
>> and Recall procedures sufficient safeguards against such actions.
>>
>> best,
>>   john
>>
>>
>

v2.23.0 | Report a Bug | By Email