Re: [mile] Adam Roach's Yes on draft-ietf-mile-xmpp-grid-09: (with COMMENT)

Peter Saint-Andre <stpeter@mozilla.com> Tue, 05 March 2019 02:49 UTC

To: "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>, Adam Roach <adam@nostrum.com>, The IESG <iesg@ietf.org>
Cc: "draft-ietf-mile-xmpp-grid@ietf.org" <draft-ietf-mile-xmpp-grid@ietf.org>, "mile@ietf.org" <mile@ietf.org>, "mile-chairs@tools.ietf.org" <mile-chairs@tools.ietf.org>, Takeshi Takahashi <takeshi_takahashi@nict.go.jp>, "mile-chairs@ietf.org" <mile-chairs@ietf.org>
References: <154821394472.13183.12861367720316302572.idtracker@ietfa.amsl.com> <68685FA9-E95E-44F5-A3E9-40B1232B39F9@cisco.com>
From: Peter Saint-Andre <stpeter@mozilla.com>
Message-ID: <23702f1e-27f2-f06b-1f3e-c85a764e9671@mozilla.com>
Date: Mon, 4 Mar 2019 19:49:40 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/mile/Vc4meII56Vo69BCkqDWs0iOohbo>
Subject: Re: [mile] Adam Roach's Yes on draft-ietf-mile-xmpp-grid-09: (with COMMENT)

A few amplifications inline.

On 3/4/19 2:46 PM, Nancy Cam-Winget (ncamwing) wrote:
> Thank you for the comments Adam, please see further below:
> 
> On 1/22/19, 19:25, "Adam Roach" <adam@nostrum.com> wrote:
> 
>     Adam Roach has entered the following ballot position for
>     draft-ietf-mile-xmpp-grid-09: Yes
>     
>     ----------------------------------------------------------------------
>     COMMENT:
>     ----------------------------------------------------------------------
>     
>     Thanks for such a well-written and clear document. I particularly liked the
>     extensive and methodical security analysis. I have two substantive comments
>     about the mechanism that I'd like to have a conversation about prior to moving
>     towards publication. I am balloting "yes" in anticipation of coming to an
>     understanding around these two topics.
>     
>     ---------------------------------------------------------------------------
>     
>     §6:
>     
>     >  (The payload in the foregoing example is from [RFC7970]; payloads for
>     >  additional use cases can be found in [RFC8274].)
>     
>     This format appears to be only exemplary, rather than a requirement of the
>     mechanism. At the same time, these formats appear to be oriented toward
>     automatic processing. The presence of a schema indication in the top-level
>     element of the report does at least allow distinction between different report
>     formats, but that doesn't allow software to handle a schema that it doesn't
>     otherwise understand. How does a subscriber know which topics have schema
>     that they can handle?
> [NCW] In the implementations (of subscribers) we have seen, they typically are looking for
> schemas they already understand. That is, when a subscriber does the capability discovery, it is
> looking to match namespaces it knows about and ignores the ones it doesn't.

Even more specifically, the service discovery information result
returned by the Broker will contain a field such as the following:

       <field var='pubsub#type' label='Payload type' type='text-single'>
        <value>urn:ietf:params:xml:ns:iodef-2.0</value>
       </field>

It's true that discovering the Topics that support the desired
namespaces thus requires a bit of work by the Platforms, but that
information can be cached locally once discovered.

>     §9:
>     
>     >  Another consideration for deployers is to enable end-to-end
>     >  encryption to ensure the data is protected from the data layer to
>     >  data layer and thus protect it from the transport layer.
>     
>     It's not clear what implementors are expected to do with this recommendation.
>     Options presumably include RFC 3923, XEP-0380, XEP-0373, XEP-0364, XEP-0027, or
>     maybe something I'm not aware of. I note that the XEPs I mention are
>     Historical, Obsolete, Experimental, and Deferred, none of which seem appropriate
>     for use. And it's my understanding that XMPP implementors are... to put it very
>     mildly, not enthusiastic about RFC 3923.
>     
>     If I've missed an appropriate mechanism, please cite it as an example of how the
>     recommendation can be implemented. If not, please add text indicating that a
>     means for end-to-end encryption is a matter for future study.
> [NCW] Thanks for pointing this out. We added the following sentence in Section 9 -
> The means to achieve end-to-end encryption is beyond the scope of this document.

See also my reply to the secdir review earlier this evening, in which I
noted:

  We should make it clearer in the document that the XMPP-Grid is not
  intended to be an open system that any arbitrary entity can join;
  instead, it is a private network (not connected to the public XMPP
  network) to which only authorized entities are allowed access.

Peter
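As an added illustration of the discover-and-match step described in this thread (example code, not from the draft, XEP-0060, or anyone on the list), the Python below parses a Broker's disco#info result for a Topic, reads the pubsub#type field from the XEP-0060 node metadata form, and keeps only Topics whose payload namespace the Platform can process, caching the verdict per (broker, node) so discovery is not repeated. The broker address, node names and stanzas are constructed placeholders.

```python
import xml.etree.ElementTree as ET

NS_DISCO = "http://jabber.org/protocol/disco#info"
NS_XDATA = "jabber:x:data"
PUBSUB_META = "http://jabber.org/protocol/pubsub#meta-data"


def payload_type(disco_result_xml):
    """pubsub#type from a disco#info result's node metadata form, or None.
    Data forms whose FORM_TYPE is not the pubsub metadata form are ignored,
    so an unrelated form cannot spoof the payload namespace."""
    iq = ET.fromstring(disco_result_xml)
    query = iq.find("{%s}query" % NS_DISCO)
    if query is None:
        return None
    for form in query.findall("{%s}x" % NS_XDATA):
        fields = {}
        for f in form.findall("{%s}field" % NS_XDATA):
            v = f.find("{%s}value" % NS_XDATA)
            fields[f.get("var")] = (v.text or "").strip() if v is not None else ""
        if fields.get("FORM_TYPE") == PUBSUB_META:
            return fields.get("pubsub#type") or None
    return None


class TopicFilter:
    """Keep only Topics whose payload namespace this Platform can parse;
    the verdict is cached per (broker, node) once discovered."""
    def __init__(self, supported):
        self.supported, self._cache = set(supported), {}

    def usable(self, broker, node, disco_result_xml=None):
        key = (broker, node)
        if key not in self._cache:  # only parse on the first lookup
            self._cache[key] = payload_type(disco_result_xml) in self.supported
        return self._cache[key]


def sample_result(node, ptype):
    """Constructed disco#info result shaped like XEP-0060 node metadata;
    broker.example.net and the node name are placeholders."""
    return """<iq xmlns='jabber:client' type='result' from='broker.example.net' id='d1'>
 <query xmlns='http://jabber.org/protocol/disco#info' node='%s'>
  <identity category='pubsub' type='leaf'/>
  <x xmlns='jabber:x:data' type='result'>
   <field var='FORM_TYPE' type='hidden'><value>%s</value></field>
   <field var='pubsub#type' label='Payload type' type='text-single'>
    <value>%s</value></field>
  </x></query></iq>""" % (node, PUBSUB_META, ptype)


if __name__ == "__main__":
    tf = TopicFilter({"urn:ietf:params:xml:ns:iodef-2.0"})
    print(tf.usable("broker.example.net", "incidents",
                    sample_result("incidents", "urn:ietf:params:xml:ns:iodef-2.0")))
```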