[mile] Adam Roach's Yes on draft-ietf-mile-xmpp-grid-09: (with COMMENT)
Adam Roach <adam@nostrum.com> Wed, 23 January 2019 03:25 UTC
Return-Path: <adam@nostrum.com>
X-Original-To: mile@ietf.org
Delivered-To: mile@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id B4748130DFA; Tue, 22 Jan 2019 19:25:44 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Adam Roach <adam@nostrum.com>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-mile-xmpp-grid@ietf.org, mile@ietf.org, mile-chairs@tools.ietf.org, Takeshi Takahashi <takeshi_takahashi@nict.go.jp>, mile-chairs@ietf.org, takeshi_takahashi@nict.go.jp, mile@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.90.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <154821394472.13183.12861367720316302572.idtracker@ietfa.amsl.com>
Date: Tue, 22 Jan 2019 19:25:44 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/mile/frTpZCMnA-FWmxcn5K4bzcsL5CE>
Subject: [mile] Adam Roach's Yes on draft-ietf-mile-xmpp-grid-09: (with COMMENT)
X-BeenThere: mile@ietf.org
X-Mailman-Version: 2.1.29
List-Id: "Managed Incident Lightweight Exchange, IODEF extensions and RID exchanges" <mile.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mile>, <mailto:mile-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mile/>
List-Post: <mailto:mile@ietf.org>
List-Help: <mailto:mile-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mile>, <mailto:mile-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Jan 2019 03:25:45 -0000
Adam Roach has entered the following ballot position for draft-ietf-mile-xmpp-grid-09: Yes When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-mile-xmpp-grid/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Thanks for such a well-written and clear document. I particularly liked the extensive and methodical security analysis. I have two substantive comments about the mechanism that I'd like to have a conversation about prior to moving towards publication. I am balloting "yes" in anticipation of coming to an understanding around these two topics. --------------------------------------------------------------------------- §6: > (The payload in the foregoing example is from [RFC7970]; payloads for > additional use cases can be found in [RFC8274].) This format appears to be only exemplary, rather than a requirement of the mechanism. At the same time, these formats appear to be oriented toward automatic processing. The presence of a schema indication in the top-level element of the report does at least allow distinction between different report formats, but that doesn't allow software to handle a schema that it doesn't otherwise understand. How does a subscriber know which topics have schema that they can handle? --------------------------------------------------------------------------- §9: > Another consideration for deployers is to enable end-to-end > encryption to ensure the data is protected from the data layer to > data layer and thus protect it from the transport layer. It's not clear what implementors are expected to do with this recommendation. Options presumably include RFC 3923, XEP-0380, XEP-0373, XEP-0364, XEP-0027, or maybe something I'm not aware of. I note that the XEPs I mention are Historical, Obsolete, Experimental, and Deferred, none of which seem appropriate for use. And it's my understanding that XMPP implementors are... to put it very mildly, not enthusiastic about RFC 3923. If I've missed an appropriate mechanism, please cite it as an example of how the recommendation can be implemented. If not, please add text indicating that a means for end-to-end encryption is a matter for future study.
- [mile] Adam Roach's Yes on draft-ietf-mile-xmpp-g… Adam Roach
- Re: [mile] Adam Roach's Yes on draft-ietf-mile-xm… Nancy Cam-Winget (ncamwing)
- Re: [mile] Adam Roach's Yes on draft-ietf-mile-xm… Peter Saint-Andre