Re: [kitten] Murray Kucherawy's No Objection on draft-ietf-kitten-krb-spake-preauth-11: (with COMMENT)
Nico Williams <nico@cryptonector.com> Fri, 19 January 2024 05:05 UTC
Return-Path: <nico@cryptonector.com>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B1F25C14F6ED; Thu, 18 Jan 2024 21:05:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cryptonector.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tWzN1KEpL71d; Thu, 18 Jan 2024 21:05:52 -0800 (PST)
Received: from beige.elm.relay.mailchannels.net (beige.elm.relay.mailchannels.net [23.83.212.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 89774C14F6B4; Thu, 18 Jan 2024 21:05:51 -0800 (PST)
X-Sender-Id: dreamhost|x-authsender|nico@cryptonector.com
Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id A8D2950182C; Fri, 19 Jan 2024 05:05:50 +0000 (UTC)
Received: from pdx1-sub0-mail-a287.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id 30929501F9B; Fri, 19 Jan 2024 05:05:50 +0000 (UTC)
ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1705640750; a=rsa-sha256; cv=none; b=Syr9ujUlOZlYxn7l1urPuswexZfrxXWmweByQhdODrtrcsge8QukLzgel972gmdnRoEVig BP018YlP8iybJn5VG03PYRsTKQmsz33LpFNUsO4pDdh0IQcNZX7XBc/en+W2t9xOHi38m7 xT7vro8vgKOVNZO2Kqxj4Tbhs7a9ZSXg22q+HhnvCXA7C04t8nF3IOxGQ/qKOLK0Cwd5pC lS/kSEjxS74HQQp4GLoeDf/q2B6XbXBxv1MkLQqaYGE1A/tn7QNh9AkfjENLhywMog9yDm +SNYRl6WYmw3n5l0cFodcVkBr1cfPFgEOkow644x2yqPbdGcfnU6RLCiX30ZdQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1705640750; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=QOW5stwCe0JkgRzTER2wK0kYDJ/MSMfQkGwmi0PWiQk=; b=ePqjkZ+1NfxnL3QS+iZrJR7SHV7msw+schVtQAB3U4qLmZDh3Iw8epQ72SivdiF3NUbESR mGcAOvTR0VZCedvxPwbYARCj+/ECt+dZLbFCR+8D+tBvPj5P23OzJS7DebJnFiF3gkYjuC 73I3vWlMVmJlW3z74oxRtnsJ80cbkXcdhX/ypCZ5JEc3aFXR4GE5on5rs9BLtr8QyIPLJy WjIGLZY8JYuhuZ9dxfFF/3ISSSDkU5vTyzUi5+aAeTxMMgrLC38Pfi/k2+dmjPbupGiQ/t hBHjbW89mI/MjE0AK9rqXirCAbOOOa2XjcGX6IBO4XRWC7WuokWypVeCY8Va/g==
ARC-Authentication-Results: i=1; rspamd-568947cb6c-mdj7t; auth=pass smtp.auth=dreamhost smtp.mailfrom=nico@cryptonector.com
X-Sender-Id: dreamhost|x-authsender|nico@cryptonector.com
X-MC-Relay: Neutral
X-MailChannels-SenderId: dreamhost|x-authsender|nico@cryptonector.com
X-MailChannels-Auth-Id: dreamhost
X-Eight-Towering: 49728abc34847c27_1705640750508_1564837114
X-MC-Loop-Signature: 1705640750508:1980450939
X-MC-Ingress-Time: 1705640750508
Received: from pdx1-sub0-mail-a287.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.123.135.9 (trex/6.9.2); Fri, 19 Jan 2024 05:05:50 +0000
Received: from ubby (075-081-095-064.res.spectrum.com [75.81.95.64]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by pdx1-sub0-mail-a287.dreamhost.com (Postfix) with ESMTPSA id 4TGSHd1md9zGw; Thu, 18 Jan 2024 21:05:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cryptonector.com; s=dreamhost; t=1705640749; bh=QOW5stwCe0JkgRzTER2wK0kYDJ/MSMfQkGwmi0PWiQk=; h=Date:From:To:Cc:Subject:Content-Type:Content-Transfer-Encoding; b=SCtNZzmmuIyE67+LyLuaJ0y53JZSU67kUA/F7zQxfKSOeXCPLP+agmuEnptvJ0tYz Jm6fvByfn60ij37jq3XiSv39d840IFToSEOA/gwfn71coTuhemKyMie8tjCEZe/RTj REddeXU/7HkG/3k3j0ZGW9ilcT6gwT3z5JQJfCMtQL8lcqWHVoP1nzubMVi1SFytk/ bXc7X1pSYPMac7E3Vz/OAYL0vwNyFvTG3XUlRCuD0X64JcNue7p1PglT514rIZPiJ9 +gojGWdDSyggFbTAK5PCawiTKyDsBrZ/UTxkoDKfOBOIlLoIvzjgqpb/IiMPEqUfj7 /aFap+pnCsq9g==
Date: Thu, 18 Jan 2024 23:05:46 -0600
From: Nico Williams <nico@cryptonector.com>
To: "Murray S. Kucherawy" <superuser@gmail.com>
Cc: Greg Hudson <ghudson@mit.edu>, The IESG <iesg@ietf.org>, draft-ietf-kitten-krb-spake-preauth@ietf.org, kitten-chairs@ietf.org, kitten@ietf.org
Message-ID: <ZaoDKjMhV3g1w4pp@ubby>
References: <170559100930.21281.8142882686300667918@ietfa.amsl.com> <d5d9e798-c6c1-4f15-a1f2-4e08580a70c4@mit.edu> <CAL0qLwZUOepsqoGY+kb5tB8CBc=EOYAtoSXk35XAMD4LF5Hw8w@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <CAL0qLwZUOepsqoGY+kb5tB8CBc=EOYAtoSXk35XAMD4LF5Hw8w@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/JtztgNMZF6fW0UhbAGwdsEfL29c>
Subject: Re: [kitten] Murray Kucherawy's No Objection on draft-ietf-kitten-krb-spake-preauth-11: (with COMMENT)
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Jan 2024 05:05:57 -0000
On Thu, Jan 18, 2024 at 08:17:52PM -0800, Murray S. Kucherawy wrote: > On Thu, Jan 18, 2024 at 10:15 AM Greg Hudson <ghudson@mit.edu> wrote: > > The IANA Kerberos preauthentication registry contains references > > to numerous expired drafts besides this one. > > I think that's unfortunate, since the whole idea of having a specification > be required is that it needs to be relatively stable, and something that > has expired is, to me at least, not. I-Ds expire, yes, but they are not deleted, neither from the Internet nor from the IETF I-D archive. I-Ds are versioned, and each version is "stable". I believe an I-D counts as "specification exists" under RFC 2434. When an RFC is desired one might want to use IETF Consensus as the registry's allocation policy. In this case the registry in question has an allocation policy of Expert Review, which means that a specification is not even needed, let alone an RFC. Many Internet protocols require IANA registry allocations prior to RFC publication for good reasons: - publishing an RFC just to obtain an allocation for a work-in-progress is impractical - not having allocations prior to publication greatly complicates testing and soaking - private use namespaces do work, but then when upon publication _different_ allocations are obtained there then arises an upgrade problem in the field that may not be trivial to manage It's not just Kerberos, but TLS and others, that have used I-Ds as "specifications". Often what we want is just Expert Review, and sometimes we want both Expert Review _and_ Specification Exists. RFC 2434 doesn't limit allocation policies to the ones it lists, as it terms them "example policies, some of which are in use today", but this registry currently requires only Expert Review. I believe Expert Review is appropriate for this registry. Nico --
- [kitten] Murray Kucherawy's No Objection on draft… Murray Kucherawy via Datatracker
- Re: [kitten] [Ext] Murray Kucherawy's No Objectio… Amanda Baber
- Re: [kitten] Murray Kucherawy's No Objection on d… Greg Hudson
- Re: [kitten] Murray Kucherawy's No Objection on d… Nico Williams
- Re: [kitten] Murray Kucherawy's No Objection on d… Murray S. Kucherawy
- Re: [kitten] Murray Kucherawy's No Objection on d… Nico Williams
- Re: [kitten] Murray Kucherawy's No Objection on d… Eric Vyncke (evyncke)
- Re: [kitten] Murray Kucherawy's No Objection on d… Simo Sorce
- Re: [kitten] Murray Kucherawy's No Objection on d… Murray S. Kucherawy
- Re: [kitten] Murray Kucherawy's No Objection on d… Nico Williams
- Re: [kitten] Murray Kucherawy's No Objection on d… Russ Allbery
- Re: [kitten] Murray Kucherawy's No Objection on d… Murray S. Kucherawy
- Re: [kitten] Murray Kucherawy's No Objection on d… Stephen Farrell
- Re: [kitten] Murray Kucherawy's No Objection on d… Murray S. Kucherawy
- Re: [kitten] Murray Kucherawy's No Objection on d… Eliot Lear
- Re: [kitten] Murray Kucherawy's No Objection on d… Murray S. Kucherawy
- Re: [kitten] Murray Kucherawy's No Objection on d… Greg Hudson
- Re: [kitten] Murray Kucherawy's No Objection on d… Eliot Lear