Re: [mile] Ben Campbell's Discuss on draft-ietf-mile-rolie-11: (with DISCUSS and COMMENT)
"Banghart, Stephen A. (Fed)" <stephen.banghart@nist.gov> Thu, 26 October 2017 15:06 UTC
Return-Path: <stephen.banghart@nist.gov>
X-Original-To: mile@ietfa.amsl.com
Delivered-To: mile@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 91C541389E1; Thu, 26 Oct 2017 08:06:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nistgov.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id figPdEDVG2WB; Thu, 26 Oct 2017 08:06:06 -0700 (PDT)
Received: from gcc01-CY1-obe.outbound.protection.outlook.com (mail-cy1gcc01on0131.outbound.protection.outlook.com [23.103.200.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1ABC013F5AC; Thu, 26 Oct 2017 08:06:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nistgov.onmicrosoft.com; s=selector1-nist-gov; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=d8ZM87fqp8sVuua3d6r3uwjjCatQ4jKodsSQ7UZbgxc=; b=B35e9Kl6C7MDYjQnViTxV0XNwiykgyHuVFgGafWQEexdUxYtPhB/zhRAjEwYPXOa/eTT5LMBIrxKB+DRn8rUbj2im1nJsZ4fRI6Msjmz1FbDt/6bEODuOk8+NoErtzgpGa5HemKcBRv8aQ2pNKUnRTwaXYHBa6xlLxi1MjmaXTk=
Received: from MWHPR09MB1197.namprd09.prod.outlook.com (10.172.49.143) by MWHPR09MB1197.namprd09.prod.outlook.com (10.172.49.143) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.178.6; Thu, 26 Oct 2017 15:06:02 +0000
Received: from MWHPR09MB1197.namprd09.prod.outlook.com ([10.172.49.143]) by MWHPR09MB1197.namprd09.prod.outlook.com ([10.172.49.143]) with mapi id 15.20.0178.007; Thu, 26 Oct 2017 15:06:02 +0000
From: "Banghart, Stephen A. (Fed)" <stephen.banghart@nist.gov>
To: Ben Campbell <ben@nostrum.com>
CC: "ncamwing@cisco.com" <ncamwing@cisco.com>, "mile-chairs@tools.ietf.org" <mile-chairs@tools.ietf.org>, "mile@ietf.org" <mile@ietf.org>, The IESG <iesg@ietf.org>, "mile-chairs@ietf.org" <mile-chairs@ietf.org>, "draft-ietf-mile-rolie@ietf.org" <draft-ietf-mile-rolie@ietf.org>
Thread-Topic: Ben Campbell's Discuss on draft-ietf-mile-rolie-11: (with DISCUSS and COMMENT)
Thread-Index: AQHTTTZ/ZRssFCkRtU+t66d26L/EEaL051UggACVEgCAAL2M4A==
Date: Thu, 26 Oct 2017 15:06:02 +0000
Message-ID: <MWHPR09MB11977DA603F52B887046B52DF0450@MWHPR09MB1197.namprd09.prod.outlook.com>
References: <150889744468.4711.7690332098961761471.idtracker@ietfa.amsl.com> <CY4PR09MB119218B4E18381F1169C5EC9F0440@CY4PR09MB1192.namprd09.prod.outlook.com> <B30C97B0-9A68-4EC7-A29E-E68D1C0DBA69@nostrum.com>
In-Reply-To: <B30C97B0-9A68-4EC7-A29E-E68D1C0DBA69@nostrum.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=stephen.banghart@nist.gov;
x-originating-ip: [129.6.251.1]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; MWHPR09MB1197; 6:vVEtVDUkFZ9T6d+ENHrQUqV6utVKetUOF2Z5m7HLZRTazZwT5uX+UWdPhvR8dDny0XB8hVxjJ1wvFEo1b9qe5bYPHhffDvNx+3dcQf6Tc4IA/yZF/1phHbgpHJWfOeGsBWJDe3ykml3Ssf2gGeNAuXWtRke8xj674bUl4JAasv9h7fRS3GbM/lMhSiWslkGalSdP//w1Tv5ESl+5eTZ3nR0zA2/eRYxC86PwG31PXvTY6GUIvYt6RgB8VPCQR8QUIgLiCPSqFNBvqtgsR03Sx3Nv7EWYE5gPyCMUeSuK0CRk/1tRlCEjTJ6QqgGIvPcf26RjCKg6JorxoY5AjZrxEG6FB/2lu1QAKI7fclqZEpQ=; 5:Eqse7FKmQpig3Lzd1Gt2efc68ykD0kjH44KTBhP0ksZJA09N7su0C2n+H3vrz6+YqndOXOP+/i4apO0B5EQZOk+RVF3wtJ0BLzRSX+zJ2w0vyQxMaItgg3MtAB7UEJMEgXBkjAHepPWVWk5kkxjZLjRzDseVacGuSHmyp9GLqQ0=; 24:rDn0PGO6zKz3ngpJA9D6idsTw0D3UWO887iXMaahSsX6+aAZFRRusCzWQWzKb1oCEQ5Fbz8Sv3nUoksdcAeVKyh7Z85EcTxuh4MwZBXYWFg=; 7:AbkHX1sqVxg6Oe83JvB/N5O1GOtYxmueQB/edRy1j0zo/BByxFiC1AfxSfLhjkCVEq6P4O1Ya6WBLC4hLMIv25bsOALvueodacPCj9GPrHwdVs+hTOe1SO5LwjIcDKpaQXo9rbiKAwbI8ab3pDUK5zsBRRZsp7A7zqHCwyE6zsGEi4sQX1te/FFahlD5R7/N739E0NqKdmEKv1+bjNfKPX/oSA80CdzmrPcI4JawwjtMtatNwMiKuLf9V6NZ7bMB
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: 36425a48-e8e4-4c8c-b8d3-08d51c8312cb
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(48565401081)(4534020)(4602075)(4627075)(201703031133081)(201702281549075)(2017052603238); SRVR:MWHPR09MB1197;
x-ms-traffictypediagnostic: MWHPR09MB1197:
x-exchange-antispam-report-test: UriScan:(65766998875637)(192374486261705)(131327999870524)(150554046322364)(95692535739014)(1591387915157);
x-microsoft-antispam-prvs: <MWHPR09MB119723C85CFA585C8CA0BA5CF0450@MWHPR09MB1197.namprd09.prod.outlook.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(10201501046)(100000703101)(100105400095)(93006095)(93001095)(3002001)(3231020)(6055026)(6041248)(20161123558100)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123562025)(20161123555025)(20161123564025)(20161123560025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:MWHPR09MB1197; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:MWHPR09MB1197;
x-forefront-prvs: 04724A515E
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(346002)(376002)(39860400002)(3905003)(24454002)(199003)(189002)(13464003)(51914003)(3660700001)(54906003)(229853002)(189998001)(86362001)(6916009)(53936002)(2950100002)(316002)(14454004)(6246003)(230783001)(2900100001)(105586002)(478600001)(966005)(7696004)(45080400002)(76176999)(50986999)(54356999)(33656002)(5660300001)(106356001)(101416001)(74316002)(6306002)(66066001)(4326008)(81166006)(53386004)(8936002)(81156014)(8676002)(7736002)(305945005)(53546010)(3280700002)(9686003)(25786009)(2906002)(55016002)(6436002)(99286003)(68736007)(6116002)(3846002)(77096006)(97736004)(6506006)(102836003); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR09MB1197; H:MWHPR09MB1197.namprd09.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: nist.gov does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-Network-Message-Id: 36425a48-e8e4-4c8c-b8d3-08d51c8312cb
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Oct 2017 15:06:02.1771 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR09MB1197
Archived-At: <https://mailarchive.ietf.org/arch/msg/mile/tr_pqbG7bHsUL4Kvij3OdWw2CuI>
Subject: Re: [mile] Ben Campbell's Discuss on draft-ietf-mile-rolie-11: (with DISCUSS and COMMENT)
X-BeenThere: mile@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Managed Incident Lightweight Exchange, IODEF extensions and RID exchanges" <mile.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mile>, <mailto:mile-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mile/>
List-Post: <mailto:mile@ietf.org>
List-Help: <mailto:mile-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mile>, <mailto:mile-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Oct 2017 15:06:09 -0000
Ben, My responses are inline. Thanks, Stephen > -----Original Message----- > From: Ben Campbell [mailto:ben@nostrum.com] > Sent: Wednesday, October 25, 2017 11:35 PM > To: Banghart, Stephen A. (Fed) <stephen.banghart@nist.gov> > Cc: ncamwing@cisco.com; mile-chairs@tools.ietf.org; mile@ietf.org; The > IESG <iesg@ietf.org>; mile-chairs@ietf.org; draft-ietf-mile-rolie@ietf.org > Subject: Re: Ben Campbell's Discuss on draft-ietf-mile-rolie-11: (with DISCUSS > and COMMENT) > > Thanks for the response. Comments also inline: > > > On Oct 25, 2017, at 3:10 PM, Banghart, Stephen A. (Fed) > <stephen.banghart@nist.gov> wrote: > > > > Ben, > > > > Thanks for the review, I've put my comments/changes inline. > > > > Thanks, > > Stephen > > > >> -----Original Message----- > >> From: Ben Campbell [mailto:ben@nostrum.com] > >> Sent: Tuesday, October 24, 2017 10:11 PM > >> To: The IESG <iesg@ietf.org> > >> Cc: draft-ietf-mile-rolie@ietf.org; mile@ietf.org; > >> mile-chairs@tools.ietf.org; Nancy Cam-Winget <ncamwing@cisco.com>; > >> mile-chairs@ietf.org; ncamwing@cisco.com; mile@ietf.org > >> Subject: Ben Campbell's Discuss on draft-ietf-mile-rolie-11: (with > >> DISCUSS and COMMENT) > >> > > […] > > >> > >> --------------------------------------------------------------------- > >> - > >> DISCUSS: > >> --------------------------------------------------------------------- > >> - > >> > >> -5.1.3: > >> > >> I don't think Martin's ART-ART review concern (and Mark's support) > >> about the .well-known URL registration has been fully resolved. While > >> version 11 removed some of the well-known registrations, it still > >> leaves the one. Mark pointed out that RFC 5785 offers explicit > >> guidance that .well-known URLs are intended to offer site-wide policy > >> or metadata, and are not intended for general information retrieval, > >> or to establish a namespace. This usage seems to me to be exactly the > sort of thing that the RFC advises against. > >> > >> I recognize that security information is important, but I don't > >> understand why it's discovery needs to be fundamentally different > >> than for other stuff on using ATOM. I'm willing to be convinced, but > >> if there's been a convincing argument so far I've missed it. > > > > I replied to Martin's concern on this issue in an earlier e-mail and I > > think we've reached agreement on the justification for the well-known > > registration > > (https://mailarchive.ietf.org/arch/msg/mile/gbG5nC8Oh4q76P-0dXHwM- > ztMP > > Y) > > > > ROLIE is largely intended to be handled by automated systems that cannot > reliably locate links given by front-facing sites. In these cases, the ROLIE > clients need a reliable way of finding a ROLIE repository hosted by a given > server. The well-known registration provides a standardized place for the > head of the ROLIE repository to be retrieved, making it possible for an > automated system to function when only given a host name and port. > > > > We've added the following additional justification text to the specification > to help clarify our reasoning. > > > > "ROLIE repositories are largely intended to be consumed by automated > systems. While humans may be able to navigate a web page or receive an > email to find a link to the repository, automated systems struggle with such > tasks. By creating a standardized location for the Service Document, ROLIE > clients need only a host name and port in order to locate a ROLIE repository. > This lower barrier to entry reduces the amount of human intervention > required for ROLIE clients to begin reading Feeds.” > > It’s not clear to me why its substantially easier to learn name and port than it > is to learn a URL. As Adam pointed out in his separate DISCUSS, there’s no > discovery mechanism (yet) for the hostname and port—that is, someone will > have to tell that automated system what name and port to use. Adam also > pointed out that there are potential design paths (e.g. NAPTR) for discovery > mechanisms that would give you a URL. > > .well-known URLs are intended for when no other discovery mechanisms > make sense. We are considering the use case where a vendor wants to provide security automation information through ROLIE, such as public disclose of vulnerabilities, or software metadata. Potential consumers know the hostname and port of the vendor already, but need to know where to find the ROLIE repository. In this case, providing a tool with a hostname and port is substantially easier than tracking down a ROLIE Service Document URL. For example, if I want to have my ROLIE client tool check to see if Microsoft is hosting a ROLIE repository, I need only to provide it with "http://microsoft.com" and it'll do the rest. Additionally, we feel that a well-known registration will be needed for a full discovery system, and as such, this is laying the foundation for that work in the future. > > > > We've dropped the well-known registration for the Category Document, as > it is locatable from the Service Document where applicable. > > > > > >> I'm not sure what to make of the second paragraph. It says DNS SRV > >> can be used to determine the host and port. Is the expectation that > >> people can just do that without further specification, or that > >> someone could specify it in the future? > >> The former is generally not true. If the intent is the latter, please > >> clarify that in the text. > > > > The intent was the latter. I've changed the end of that paragraph to further > clarify as follows: > > > > "Use of a mechanism such as DNS SRV Records can provide a secure and > reliable discovery mechanism for determining a specific host and port to use > for retrieving a Service Document for a given DNS domain. This is a feature > that may be standardized in the future.” > > That would resolve my concern. > > > > >> > >> --------------------------------------------------------------------- > >> - > >> COMMENT: > >> --------------------------------------------------------------------- > >> - > >> > >> Substantive: > >> > >> -2: There are a number of lower case versions of 2119 keywords. If > >> those are intentional, please use the updated boilerplate from RFC > >> 8174. That being said, the following paragraph says the keywords are used > for conformance. > >> 2219/8174 keywords are not about conformance. They are about > >> interoperability. If you want to use them for conformance, that's > >> okay--but that means they are no longer being used as intended by > >> 2119, and the boilerplate should be adjusted accordingly. > > > > The lower case keywords are intentional. We've switched the boilerplate > text to the updated 8174 version. > > Okay. > > > > >> -3.2: I'm confused by the idea the schema is informative. I expect > >> that at least some implementors will implement to the schema. We > >> have a perennial problem where implementors implement the examples > >> rather than the text. It seems like a non-normative schema is even > >> more of an attractive hazard in that regard. > > > > We found that available schema languages cannot express the same > complexities we could express in text. There are difficult conditional > requirements that are poorly expressed in schemas but can be fit into a neat > sentence. In order to support the places where we do that, we decided that > making the text normative was the only way to ensure that the > requirements were expressed clearly. > > > > Additionally, Atom Syndication and the Atom Publishing Protocol both > specify that the text is normative, not the included schemas. By making the > schema informative, we are keeping with this practice. > > Do you believe an implementer could reasonably code this just from the text > without looking at the schema? > > The problem of needing additional constraints over what can be expressed in > a formal language, whether that’s a schema, ABNF, etc, is common. It’s > typical to still consider the normative definition to include both the formal > definition and those additional constraints. Given that an implementer would need to carefully read the plain text in either case, we feel that using the most expressive option for the normative requirement is the best way of doing it. Having written an implementation of Atom Pub (Which uses normative plain text) and of ROLIE, I wish I could just copy and paste some schema and be done, but given that it isn’t possible, using the plain text to implement wasn't bad. > > > >> -5.4, 2nd paragraph: This seems like an odd thing to state > >> normatively. It seems to push for a specific organizational model for > >> consortiums. It's reasonable to offer guidance, but I think > >> consortiums are going to do whatever they want here. > > > > Reworded this paragraph into a non-normative recommendation. > > Okay. > > > > >> -8.3: What is the registration policy for the top level registry? > > > > There was some misleading text that discussed a registry that we didn't > intend to be created. We've fixed the text to make it clear that there is only > one registry being defined (ROLIE URN Parameters) in this section. The > updated text is provided here: > > > > "A new top-level registry has been created, entitled "Resource > > Oriented Lightweight Information Exchange (ROLIE) URN Parameters". [TO > > BE REMOVED: This registration should take place at the following > > location: https://www.iana.org/assignments/rolie] > > > > Registration in the ROLIE URN Parameters registry is via the Specification > Required policy . Designated Expert reviews should be routed through the > MILE WG mailing list. Failing this, the Designated Expert will be assigned by > the IESG.” > > > > Okay, that works for moe. > > >> -10: "Overall, ROLIE introduces few privacy concerns above and beyond > >> those > >> present in any other HTTP protocol. " I'm skeptical that that is > >> true. Security information seems likely to be privacy sensitive, > >> especially compared to some notional "generic" HTTP based protocol. > > > > We've rewritten this last paragraph to provide more clear details around > privacy concerns in ROLIE. The updated text is provided here: > > > > "Overall, privacy concerns in ROLIE can be mitigated by following security > considerations and careful use of the optional personally identifying > elements (e.g., author) provided by Atom Syndication and ROLIE.” > > Okay. > > [Your responses to my editorial comments all look good.] > > Thanks! > > Ben.
- [mile] Ben Campbell's Discuss on draft-ietf-mile-… Ben Campbell
- Re: [mile] Ben Campbell's Discuss on draft-ietf-m… Banghart, Stephen A. (Fed)
- Re: [mile] Ben Campbell's Discuss on draft-ietf-m… Ben Campbell
- Re: [mile] Ben Campbell's Discuss on draft-ietf-m… Banghart, Stephen A. (Fed)
- Re: [mile] Ben Campbell's Discuss on draft-ietf-m… Ben Campbell