Re: [kitten] Murray Kucherawy's No Objection on draft-ietf-kitten-krb-spake-preauth-11: (with COMMENT)
Eliot Lear <lear@lear.ch> Sun, 21 January 2024 08:24 UTC
Return-Path: <lear@lear.ch>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7AC4BC14F698; Sun, 21 Jan 2024 00:24:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.896
X-Spam-Level:
X-Spam-Status: No, score=-0.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_ALL=0.8, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, T_SPF_HELO_PERMERROR=0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=lear.ch
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mH4kqLDQMM6k; Sun, 21 Jan 2024 00:24:44 -0800 (PST)
Received: from upstairs.ofcourseimright.com (upstairs.ofcourseimright.com [IPv6:2a00:bd80:aa::2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A9CBBC14F5E7; Sun, 21 Jan 2024 00:24:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=lear.ch; s=upstairs; t=1705825468; bh=FvuEm21vHSyKkwNZ0lMbV6G1fWBMA41rjhljineRQR4=; h=Date:Subject:To:Cc:References:From:In-Reply-To:From; b=cG4Cf7AMcRfQNDeFgZTFsP2BLnjLN24DpC+uD9BdfjxYZDWo7pk7KK2Sj2ZIpognz t8JVPlHYxUwCZhDi+TukOUSzoc5CDnGa7l5rf3yf3xtDi2DnBWUX3Mp/wM917sB9PT qVya/MB0p0cp/fR3eY6YjeBlKiDN7r0XvPNM1pQM=
Received: from [192.168.0.99] (77-58-144-232.dclient.hispeed.ch [77.58.144.232]) (authenticated bits=0) by upstairs.ofcourseimright.com (8.15.2/8.15.2/Debian-22ubuntu3) with ESMTPSA id 40L8OPG5038329 (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO); Sun, 21 Jan 2024 09:24:26 +0100
Message-ID: <0296af8e-652f-4b31-a42e-d185017b3dee@lear.ch>
Date: Sun, 21 Jan 2024 09:24:24 +0100
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: en-US
To: "Murray S. Kucherawy" <superuser@gmail.com>, Nico Williams <nico@cryptonector.com>
Cc: kitten@ietf.org, kitten-chairs@ietf.org, draft-ietf-kitten-krb-spake-preauth@ietf.org, The IESG <iesg@ietf.org>
References: <170559100930.21281.8142882686300667918@ietfa.amsl.com> <d5d9e798-c6c1-4f15-a1f2-4e08580a70c4@mit.edu> <CAL0qLwZUOepsqoGY+kb5tB8CBc=EOYAtoSXk35XAMD4LF5Hw8w@mail.gmail.com> <ZaoDKjMhV3g1w4pp@ubby> <CAL0qLwbueeYOCQSgapa6yx1DzbXLYXuNUMzUvH3m1X-LzaNNxA@mail.gmail.com>
From: Eliot Lear <lear@lear.ch>
Autocrypt: addr=lear@lear.ch; keydata= xsBNBFMe1UQBCADdYOS5APDpIpF2ohAxB+nxg1GpAYr8iKwGIb86Wp9NkK5+QwbW9H035clT lpVLciExtN8E3MCTPOIm7aITPlruixAVwlBY3g7U9eRppSw9O2H/7bie2GOnYxqmsw4v1yNZ 9NcMLlD8raY0UcQ5r698c8JD4xUTLqybZXaK2sPeJkxzT+IwupRSQ+vXEvFFGhERQ88zo5Ca Sa1Gw/Rv54oH0Dq2XYkO41rhxQ60BKZLZuQK1d9+1y3I+An3AJeD3AA31fJZD3H8YRKOBgqe ILPILbw1mM7gCtCjfvFCt6AFCwEsjITGx55ceoQ+t5B5XGYJEppMWsIFrwZsfbL+gP31ABEB AAHNGUVsaW90IExlYXIgPGxlYXJAbGVhci5jaD7CwI4EEwECADgCGwMCHgECF4AWIQSY0L2Q Rh2wkqeyYR2HtmtG2dJ6MwUCWxJwMwULCQgHAgYVCAkKCwIEFgIDAQAKCRCHtmtG2dJ6M8KI B/46pFrJX+4Ockl2fHR303ais9Lyx8jv6mXKKOr8WR0UYcJ0syQrhaaZNG1VV98tYQHHK9F5 y7hH4YCsrr3odZ6zoavnx5X1X/2xw8y732f/irVoOOkYLid9IGPxa2e2nYXCZpde5/yvv3we XVE4mG4dEAD5T8iKS4Hz/3fKGJQ15o79Jv92HgC7RpCt0WaiQ0b6acP3PuwjDJzJzLFZzb7j IiB3izxQESSWE1GNRmoAK/k0gW6kmx1/87tQENrK+3Nn4CJSFQWF6entLnY7UeVm95wbMQkJ evwddDWUO2huDbmZnmxgKXGzSSpuNq7n8ICAOlbt0HfdJAZQfy25bwvezsBNBFMe1UQBCAC0 WV7Ydbv95xYGPhthTdChBIpPtl7JPCV/c6/3iEmvjpfGuFNaK4Macj9le20EA5A1BH7PgLGo HOiPM65NysRpZ96RRVX3TNfLmhGMFr5hPOGNdq+xcGHVutmwPV9U7bKeUNRiPFx3YdEkExdd qV2E8FltT0x2FSKe2xszPPHB6gVtMckX5buI9p1K3fbVhXdvEkcYY/jB0JEJGyhS5aEbct5c HUvDAkT81/YFK5Jfg8RRwu1q1t1YuIJSOWAZQ9J9oUsg6D9RpClU+tIFBoe3iTp1AUfJcypu cGKgLYKtpu/aygcpQONHYkYW5003mPsrajFhReVF5veycMbHs4u5ABEBAAHCwF8EGAECAAkF AlMe1UQCGwwACgkQh7ZrRtnSejOSuQgA27p2rYB7Kh20dym6V8c62pWpBHHTgxr/32zevxHS iXl6xvUCg5T8WUwfUk8OvgDcBErK/blDAMXQzSg3sp450JhR8RnXHXF5Zz2T04X7HnlIVJGw f2CjnwyEAJCqMzaCmI+g3Imvg/8L4nyBFvhlFHDv+kIvMiujyycjPAu7xxKplBs1/IEwmDoA MjneFmawvfeQnwdMhSKK8PjKSuzGU5uUmxj3GBfRqvTM0qpmhMPFOmDhJSmH55HLAky2Mlmq JYXJPt/9EfSEhFiua1M6gLiuNEuPkp+8jcnHQqKr0IeHt8UqcwLt2mGfIyl0FVdF9hvWPjNR zGbgqoT1Di03RQ==
In-Reply-To: <CAL0qLwbueeYOCQSgapa6yx1DzbXLYXuNUMzUvH3m1X-LzaNNxA@mail.gmail.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="------------xKrPjpeGHTR2Uc60g3TuIcFl"
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/YTrzk0l3vq8JRZnNyKYkHZG35tc>
Subject: Re: [kitten] Murray Kucherawy's No Objection on draft-ietf-kitten-krb-spake-preauth-11: (with COMMENT)
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 21 Jan 2024 08:24:49 -0000
Hi Murray, I apologize for the late comments. I agree with your concerns. I would add four points: 1. Given the discussion about the nature of Internet Drafts are taking place on a mailing list that anyone can join (no-draft-expiry@ietf.org), this working group should neither redefine IANA policy nor the nature of I-Ds. 2. The ISE is *sometimes *available for this purpose, but not a guaranteed documentation path. An RFC is generally a heavy lift no matter the path (which I think is in part the motivation for the text), and RFC 8126 makes clear it shouldn't be the only path. What is needed is a stable reference. 3. Anyone can create a git repo and establish a stable reference that should be suitable for IANA. IMHO that should be preferred over encouraging a reference to something that has "draft" right in its name. 4. Confusion over IANA policy can be introduced if a draft is updated and the semantics are changed without any in-path signaling of such, leading to interoperability risks. Therefore, I would suggest to the IESG that the discussion about Internet-Drafts be removed from this draft prior to publication. Eliot On 20.01.2024 07:39, Murray S. Kucherawy wrote: > On Thu, Jan 18, 2024 at 9:05 PM Nico Williams <nico@cryptonector.com> > wrote: > > I-Ds expire, yes, but they are not deleted, neither from the Internet > nor from the IETF I-D archive. I-Ds are versioned, and each > version is > "stable". I believe an I-D counts as "specification exists" under RFC > 2434. > > > RFC 2434 was obsoleted a long time ago, as was its successor. RFC > 8126 is current. > > If I'm an implementer following a link from an IANA registration to an > I-D, but then there's a big colorful warning that the I-D is expired, > wouldn't it be reasonable for me to believe that the registration, the > document, or both are no longer valid? This seems really strange to > me. I would expect to find a link to something current. > > Should we deregister something if it references an I-D that expires? > Or maybe it should seek publication via the ISE instead if the WG > drops it? Or something? > > Many Internet protocols require IANA registry allocations prior to RFC > publication for good reasons: > > - publishing an RFC just to obtain an allocation for a > work-in-progress > is impractical > > - not having allocations prior to publication greatly complicates > testing and soaking > > - private use namespaces do work, but then when upon publication > _different_ allocations are obtained there then arises an upgrade > problem in the field that may not be trivial to manage > > > There's another practice I've seen commonly used: Allow registrations > to be "provisional", which are First Come First Served so it's trivial > to get an experimental code point or reserve one, and then allow them > to become "permanent" with Specification Required or similar. Would > that work here? > > It's not just Kerberos, but TLS and others, that have used I-Ds as > "specifications". > > > This isn't making me feel better. :-) > > Often what we want is just Expert Review, and sometimes we want both > Expert Review _and_ Specification Exists. > > > Check out Section 4.6 of RFC 8126. "Specification Required" includes > a designated expert. > > RFC 2434 doesn't limit > allocation policies to the ones it lists, as it terms them "example > policies, some of which are in use today", but this registry currently > requires only Expert Review. I believe Expert Review is > appropriate for > this registry. > > > I don't think I'm disputing the registration policy you've chosen. > I'm disputing whether we should consider an I-D to be "stable". > > -MSK > > _______________________________________________ > Kitten mailing list > Kitten@ietf.org > https://www.ietf.org/mailman/listinfo/kitten
- [kitten] Murray Kucherawy's No Objection on draft… Murray Kucherawy via Datatracker
- Re: [kitten] [Ext] Murray Kucherawy's No Objectio… Amanda Baber
- Re: [kitten] Murray Kucherawy's No Objection on d… Greg Hudson
- Re: [kitten] Murray Kucherawy's No Objection on d… Nico Williams
- Re: [kitten] Murray Kucherawy's No Objection on d… Murray S. Kucherawy
- Re: [kitten] Murray Kucherawy's No Objection on d… Nico Williams
- Re: [kitten] Murray Kucherawy's No Objection on d… Eric Vyncke (evyncke)
- Re: [kitten] Murray Kucherawy's No Objection on d… Simo Sorce
- Re: [kitten] Murray Kucherawy's No Objection on d… Murray S. Kucherawy
- Re: [kitten] Murray Kucherawy's No Objection on d… Nico Williams
- Re: [kitten] Murray Kucherawy's No Objection on d… Russ Allbery
- Re: [kitten] Murray Kucherawy's No Objection on d… Murray S. Kucherawy
- Re: [kitten] Murray Kucherawy's No Objection on d… Stephen Farrell
- Re: [kitten] Murray Kucherawy's No Objection on d… Murray S. Kucherawy
- Re: [kitten] Murray Kucherawy's No Objection on d… Eliot Lear
- Re: [kitten] Murray Kucherawy's No Objection on d… Murray S. Kucherawy
- Re: [kitten] Murray Kucherawy's No Objection on d… Greg Hudson
- Re: [kitten] Murray Kucherawy's No Objection on d… Eliot Lear