Re: [mile] Adam Roach's Yes on draft-ietf-mile-xmpp-grid-09: (with COMMENT)

"Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com> Mon, 04 March 2019 21:46 UTC

Return-Path: <ncamwing@cisco.com>
X-Original-To: mile@ietfa.amsl.com
Delivered-To: mile@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8C3BB1310EE; Mon, 4 Mar 2019 13:46:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.501
X-Spam-Level:
X-Spam-Status: No, score=-14.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=WYWcpZqb; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=CIgp9xDL
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id peqyD1udS2Qr; Mon, 4 Mar 2019 13:46:52 -0800 (PST)
Received: from rcdn-iport-9.cisco.com (rcdn-iport-9.cisco.com [173.37.86.80]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 591031310D7; Mon, 4 Mar 2019 13:46:52 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=4008; q=dns/txt; s=iport; t=1551736012; x=1552945612; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=clCvW0wob8c4WbzQF1SIs+4w0jwnYLbpD2jJx8MYdGI=; b=WYWcpZqb4ylxYl+DvH1Up7IhSzE3PMGXodOnFLNisWUwrLRYnLdcEvwj hAdVB824qJE3nRkk1MbeIJWGQvXDOeS0shUFDw3fcfx7a/yLhAvGfEb6+ CUdiuhjTwAYa7q24LeU+11mwmimgm00kQ0bJHvJWvsVo2pZnZyDz7LZXM 8=;
IronPort-PHdr: =?us-ascii?q?9a23=3AlXuljhF4VjNoD2KItVNUcp1GYnJ96bzpIg4Y7I?= =?us-ascii?q?YmgLtSc6Oluo7vJ1Hb+e4z1Q3SRYuO7fVChqKWqK3mVWEaqbe5+HEZON0pNV?= =?us-ascii?q?cejNkO2QkpAcqLE0r+efjhZiklHcJNfFRk5Hq8d0NSHZW2ag=3D=3D?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0AcAABbnH1c/51dJa1lGwEBAQEDAQE?= =?us-ascii?q?BBwMBAQGBUwQBAQELAYE8UAOBXAQLJ4QIYoJlA49RgleYIYEkA1QLAQEsgUu?= =?us-ascii?q?CdQIXhA4iNgcNAQEDAQEDAQMCbRwMhUsBBAEjEQwBATcBDwIBCBoCJgICAjA?= =?us-ascii?q?VEAIEAQ0FgyKBXgMNCAGeIgKKFHGBL4J4AQEFhQIYggsIgQskAYsnF4F/gRE?= =?us-ascii?q?nH4JMhQGDCjGCJooRBIIFKpdCCQKSchmBdIViBYtHimSSIwIEAgQFAg0BAQW?= =?us-ascii?q?BTgMugVZwFWUBgkGCCgwXg0uKU3KBKI9tAQE?=
X-IronPort-AV: E=Sophos;i="5.58,441,1544486400"; d="scan'208";a="444104762"
Received: from rcdn-core-6.cisco.com ([173.37.93.157]) by rcdn-iport-9.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 04 Mar 2019 21:46:51 +0000
Received: from XCH-RCD-003.cisco.com (xch-rcd-003.cisco.com [173.37.102.13]) by rcdn-core-6.cisco.com (8.15.2/8.15.2) with ESMTPS id x24Lkp3x027100 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 4 Mar 2019 21:46:51 GMT
Received: from xhs-aln-002.cisco.com (173.37.135.119) by XCH-RCD-003.cisco.com (173.37.102.13) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 4 Mar 2019 15:46:50 -0600
Received: from xhs-rcd-002.cisco.com (173.37.227.247) by xhs-aln-002.cisco.com (173.37.135.119) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 4 Mar 2019 15:46:49 -0600
Received: from NAM05-CO1-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-002.cisco.com (173.37.227.247) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Mon, 4 Mar 2019 15:46:49 -0600
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector1-cisco-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=clCvW0wob8c4WbzQF1SIs+4w0jwnYLbpD2jJx8MYdGI=; b=CIgp9xDLxsjXfEe+0ZrFiQ/qHK7mB+e4p+caNwJvY47HI2vOiPdAdyOx/tWP1Aq4t3S24j36KECw78gMI5qw9vQd+vuVyp2lmYd2HFTNfeT5rIE19w/pt+C1tuI5tKvsSRYTwpaHJgk1m+offbHcQ8iUN0bjBUawEQTaetC3Iqc=
Received: from BN6PR11MB1732.namprd11.prod.outlook.com (10.175.99.7) by BN6PR11MB1681.namprd11.prod.outlook.com (10.173.26.151) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1665.19; Mon, 4 Mar 2019 21:46:46 +0000
Received: from BN6PR11MB1732.namprd11.prod.outlook.com ([fe80::3df6:de14:447c:4146]) by BN6PR11MB1732.namprd11.prod.outlook.com ([fe80::3df6:de14:447c:4146%3]) with mapi id 15.20.1665.019; Mon, 4 Mar 2019 21:46:46 +0000
From: "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>
To: Adam Roach <adam@nostrum.com>, The IESG <iesg@ietf.org>
CC: "draft-ietf-mile-xmpp-grid@ietf.org" <draft-ietf-mile-xmpp-grid@ietf.org>, "mile@ietf.org" <mile@ietf.org>, "mile-chairs@tools.ietf.org" <mile-chairs@tools.ietf.org>, Takeshi Takahashi <takeshi_takahashi@nict.go.jp>, "mile-chairs@ietf.org" <mile-chairs@ietf.org>
Thread-Topic: Adam Roach's Yes on draft-ietf-mile-xmpp-grid-09: (with COMMENT)
Thread-Index: AQHUsstVi3DOOnWxYUyMAJcXWzAq+KX7u9EA
Date: Mon, 4 Mar 2019 21:46:46 +0000
Message-ID: <68685FA9-E95E-44F5-A3E9-40B1232B39F9@cisco.com>
References: <154821394472.13183.12861367720316302572.idtracker@ietfa.amsl.com>
In-Reply-To: <154821394472.13183.12861367720316302572.idtracker@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.10.7.190210
authentication-results: spf=none (sender IP is ) smtp.mailfrom=ncamwing@cisco.com;
x-originating-ip: [2001:420:292:1260:1dfe:3a6c:3efe:7107]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: c2ed7df1-9384-4f52-76e7-08d6a0eae646
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600127)(711020)(4605104)(2017052603328)(7153060)(7193020); SRVR:BN6PR11MB1681;
x-ms-traffictypediagnostic: BN6PR11MB1681:
x-microsoft-exchange-diagnostics: =?utf-8?B?MTtCTjZQUjExTUIxNjgxOzIzOlNoZ3ArcDhYMllOTEhaZ0tGN3craDUyTFpZ?= =?utf-8?B?L2lidVQ5TTNQV056RjBNcUVma1Q1aTR5VUcrd3lwcmZEVUF4RDVwV1Q5eTlS?= =?utf-8?B?RjhjbEZZMG1OVis0T3hnWVNZNHlBL1ZIRXc3enkwTXN6eThMZU9aa2ZEM3Zl?= =?utf-8?B?NGt6WU1oK1hNeVYwb0d4eVhtSnBjN2JyQWdacFZ0YXozSkRpZDJMUG9GODR2?= =?utf-8?B?U3VMNml6QXIvRU5BVHpZa1krRFR0VmRicUVhREVCTEZmZHdRWHh2Qy9NL2Fy?= =?utf-8?B?bDZldEE4YlYvaUdaQWJkbHNOOFFhQjJ1RjRYVkt4bWp3enE3ZzllOTQrNGg5?= =?utf-8?B?bUhUaktxdGFKSU1EVnUwVHJmeHRIUjNORFRFWXp3L3VUNThGeGpieU5ZdUVj?= =?utf-8?B?R0d4UVhmQmxsN3lvQW41WE1XSjlQZkRMOW8vV3RxY2xGRUwvQkFNVkdGU0ZR?= =?utf-8?B?U1FXK2dUc2NIN3NrNnVjcTNla2R2Z2tVaVNmTDFvbHE2NFNCVFRrTWxDcUxZ?= =?utf-8?B?RExIb29waXZ1Mlh0c2hlZ1dJVG1YNkhDTnArd3NVVER5cForU0o0T0VXaWY1?= =?utf-8?B?VXcrUm41dlB4bk1xQzByczBJR1J3bkdZWTZyK2ZzNVFsdlYwTVF1cmV3aHVO?= =?utf-8?B?ZVFScTZ1ZFIvSEZOcndGa3lVUlQ2eWI3cVo4Yzh0OUJtYzFVbDBvcklPbzRE?= =?utf-8?B?cmZmWVp0V0lPS2l4RGx2dkgzOWRFQnk4OUN1QldKSGp0bFY5RXJtMkVMUDdK?= =?utf-8?B?cEM1dmhjUGJITExiQjZEZUdQblBKbFFQMDVSM3FrbVpwK25KMkRpT21tTERl?= =?utf-8?B?RE5UMmJ4VXFsKzZ6R2ZDSnlZR2NWMFJ3S0FNRGRjaXl6dTJWZkQvNGgrZitK?= =?utf-8?B?N3pGRUZJa3dmaTJoamQxK1hqVUVUQ09CaWIzanVVVTNvYWdlc1JUcVRDWnRz?= =?utf-8?B?dWgvUHlza1M3U2dSWHdOSVpkMHZ1WWdDMmJvazI4bE5vQU1Bb3p3YzhZY1Nh?= =?utf-8?B?QTFtS2R0UWdSWUllam5MWjg5T1ZBMWcrKzQ1QUxTQTNYMmc0elBmbG1ZMHl4?= =?utf-8?B?Ri9WQWp6anhDZDVKMDA0Y1daU0RESlZqV3hKaVplcFEwM3B1NDdlWEwwYURG?= =?utf-8?B?enBjcUJFWTYzMERBdkVNNnhJQmVyMTcySTlHOElyR3ZpWWgvcDJQRGZvYVMy?= =?utf-8?B?RGUvNjhpd0dyeHUwRHpzajZwSlY0UlBJWmltSGFMT3VxeEZDZktXMXZHcGU2?= =?utf-8?B?d3RpY1dJYzYwVEd3RWY1L2RZYUsxR1dFQTJSN3c5NzJvNXgxaXZrQzVMV1cw?= =?utf-8?B?RnVYN1B1aHVtUktxRGNkeFlHZ1hZc0xwS0Y3d0Q2NUNmbHZTbmJ4YXQ5OFFt?= =?utf-8?B?L3o2RHcxbzNBMnVUOXAxUEJKN2g0RllETURGSTVXNTJsZXhvWjd3S2xtTHVX?= =?utf-8?B?bjl3dWpSRFZVSkF3YWllVzBOR2ZvVjh1T0E1OE95K0dKYTBKbTJLbWtmZkFz?= =?utf-8?B?VkNkdjlEQUNqOG1GNEZpSVZ2eUFOSkpBQVlTSS9naEFxUkQvNmM3RmlsdXYz?= =?utf-8?B?QklnQVZVOEFacjk1RXowOERtSDc2Ny9WdGx1TnJiZEpxa0pBSDE4RTYrRWpj?= =?utf-8?B?eUt5d1dsSE40RXZ4YmxOSFdZN1B2OXNyeVJmV0Rlb0h0aDdJQ0ZOT01RPT0=?=
x-microsoft-antispam-prvs: <BN6PR11MB1681FDBB6111C661CB24984ED6710@BN6PR11MB1681.namprd11.prod.outlook.com>
x-forefront-prvs: 09669DB681
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(136003)(346002)(366004)(396003)(39860400002)(376002)(189003)(199004)(186003)(97736004)(81156014)(81166006)(6486002)(486006)(33656002)(14454004)(11346002)(446003)(25786009)(53936002)(83716004)(46003)(36756003)(6246003)(256004)(14444005)(71190400001)(76176011)(8936002)(6512007)(86362001)(6436002)(8676002)(99286004)(478600001)(316002)(102836004)(82746002)(6506007)(105586002)(54906003)(229853002)(6116002)(110136005)(106356001)(71200400001)(305945005)(2906002)(68736007)(2616005)(476003)(58126008)(4326008)(7736002)(5660300002); DIR:OUT; SFP:1101; SCL:1; SRVR:BN6PR11MB1681; H:BN6PR11MB1732.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: uZdoeM5Bt2SYoAUfNc2y+paHzduj/GnUw1+wXgYTe2L51mv6WxhODEd7p6eTkC19giDUS1+yFNwHxQN7IrEviIpH9TkbO1IinNxYNVb3T3MRR5fJj3iE36VWW+G9SivvaSp0RkKWcbaSCK51ptm/WtF48JkQIjYhGZhYkKEgJVYmh4MbJ6YFZtxtbqD/AzPI5ZCvlizPR08wbCWt5yU2OKZ1joN+eINSQHbFJy1UUOesPFdi/ykQ5OoDCx+c8Ect/7uD1oqAsOsgDLvbbL9zp77PsdLFus5N4FpOSzvZxCxmFjN1yoJwBxb5GLerZ7KHXsnkA2wmiSD0YfkAuYBNzJzQEXfG6LwXNrZxZ3L8b0G1yAykcfCfunZKl7L6oeS64x7uWeuCTXAR0NVyhQX5jFE3/k5qaieQgD85sZi+MJg=
Content-Type: text/plain; charset="utf-8"
Content-ID: <54B0A0AB3100E64781E46A3772669259@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: c2ed7df1-9384-4f52-76e7-08d6a0eae646
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Mar 2019 21:46:46.4081 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR11MB1681
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.13, xch-rcd-003.cisco.com
X-Outbound-Node: rcdn-core-6.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/mile/iLl2TyUyviiNfGj0SGYxxL0pQms>
Subject: Re: [mile] Adam Roach's Yes on draft-ietf-mile-xmpp-grid-09: (with COMMENT)
X-BeenThere: mile@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Managed Incident Lightweight Exchange, IODEF extensions and RID exchanges" <mile.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mile>, <mailto:mile-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mile/>
List-Post: <mailto:mile@ietf.org>
List-Help: <mailto:mile-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mile>, <mailto:mile-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Mar 2019 21:46:55 -0000

Thank you for the comments Adam, please see further below:

On 1/22/19, 19:25, "Adam Roach" <adam@nostrum.com>; wrote:

    Adam Roach has entered the following ballot position for
    draft-ietf-mile-xmpp-grid-09: Yes
    
    ----------------------------------------------------------------------
    COMMENT:
    ----------------------------------------------------------------------
    
    Thanks for such a well-written and clear document. I particularly liked the
    extensive and methodical security analysis. I have two substantive comments
    about the mechanism that I'd like to have a conversation about prior to moving
    towards publication. I am balloting "yes" in anticipation of coming to an
    understanding around these two topics.
    
    ---------------------------------------------------------------------------
    
    §6:
    
    >  (The payload in the foregoing example is from [RFC7970]; payloads for
    >  additional use cases can be found in [RFC8274].)
    
    This format appears to be only exemplary, rather than a requirement of the
    mechanism. At the same time, these formats appear to be oriented toward
    automatic processing. The presence of a schema indication in the top-level
    element of the report does at least allow distinction between different report
    formats, but that doesn't allow software to handle a schema that it doesn't
    otherwise understand. How does a subscriber know which topics have schema
    that they can handle?
[NCW] In the implementations (of subscribers) we have seen, they typically are looking for
Schemas they already understand.  That is, when it does the capability discovery, it is looking to match namespaces it knows about and ignores the ones it doesn't.
    
    §9:
    
    >  Another consideration for deployers is to enable end-to-end
    >  encryption to ensure the data is protected from the data layer to
    >  data layer and thus protect it from the transport layer.
    
    It's not clear what implementors are expected to do with this recommendation.
    Options presumably include RFC 3923, XEP-0380, XEP-0373, XEP-0364, XEP-0027, or
    maybe something I'm not aware of. I note that the XEPs I mention are
    Historical, Obsolete, Experimental, and Deferred, none of which seem appropriate
    for use. And it's my understanding that XMPP implementors are... to put it very
    mildly, not enthusiastic about RFC 3923.
    
    If I've missed an appropriate mechanism, please cite it as an example of how the
    recommendation can be implemented. If not, please add text indicating that a
    means for end-to-end encryption is a matter for future study.
        [NCW] Thanks for pointing this out. We added the following sentence in Section 9 -
        The means to achieve end-to-end encryption is beyond the scope of this document.