Re: [netmod] Genart last call review of draft-ietf-netmod-module-tags-06

Benjamin Kaduk <kaduk@mit.edu> Fri, 08 March 2019 20:26 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B2CBE1277CE; Fri, 8 Mar 2019 12:26:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mit.edu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EJbm7p0KwxBq; Fri, 8 Mar 2019 12:26:53 -0800 (PST)
Received: from NAM03-BY2-obe.outbound.protection.outlook.com (mail-eopbgr780119.outbound.protection.outlook.com [40.107.78.119]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2007A124BA8; Fri, 8 Mar 2019 12:26:52 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mit.edu; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=XkKdezCRnZHHc56JR269fMuI/1LzDNCoO687EvOF/JE=; b=OLXOqzOb07UyBfHhBsAQV/9dBnToVgTWj5l2XaQ0NwHBCjkWFdVjR0LP8yHGzhvApvVxmPKowK3dl8WH1z3W8Sw5GDSgokISo+qntweBFeaufClUtDbXgYofaexWebcJkEPtl+4eKphv9cWGgPfFPj9RiVH/bRCfEjxih6EOKNU=
Received: from SN2PR01CA0020.prod.exchangelabs.com (2603:10b6:804:2::30) by SN6PR0102MB3600.prod.exchangelabs.com (2603:10b6:805:5::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1686.18; Fri, 8 Mar 2019 20:26:51 +0000
Received: from BY2NAM03FT006.eop-NAM03.prod.protection.outlook.com (2a01:111:f400:7e4a::208) by SN2PR01CA0020.outlook.office365.com (2603:10b6:804:2::30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1686.17 via Frontend Transport; Fri, 8 Mar 2019 20:26:51 +0000
Authentication-Results: spf=pass (sender IP is 18.9.28.11) smtp.mailfrom=mit.edu; ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=bestguesspass action=none header.from=mit.edu;
Received-SPF: Pass (protection.outlook.com: domain of mit.edu designates 18.9.28.11 as permitted sender) receiver=protection.outlook.com; client-ip=18.9.28.11; helo=outgoing.mit.edu;
Received: from outgoing.mit.edu (18.9.28.11) by BY2NAM03FT006.mail.protection.outlook.com (10.152.84.100) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1686.19 via Frontend Transport; Fri, 8 Mar 2019 20:26:51 +0000
Received: from kduck.mit.edu (24-107-191-124.dhcp.stls.mo.charter.com [24.107.191.124]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id x28KQkDg004536 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 8 Mar 2019 15:26:48 -0500
Date: Fri, 8 Mar 2019 14:26:46 -0600
From: Benjamin Kaduk <kaduk@mit.edu>
To: Christian Hopps <chopps@chopps.org>
CC: <gen-art@ietf.org>, <draft-ietf-netmod-module-tags.all@ietf.org>, <ietf@ietf.org>, <netmod@ietf.org>
Message-ID: <20190308202645.GY9824@kduck.mit.edu>
References: <155183201188.27630.13798246400958114485@ietfa.amsl.com> <0BE3CBAC-40EF-4162-82D0-04C638A3B429@chopps.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <0BE3CBAC-40EF-4162-82D0-04C638A3B429@chopps.org>
User-Agent: Mutt/1.10.1 (2018-07-13)
X-EOPAttributedMessage: 0
X-Forefront-Antispam-Report: CIP:18.9.28.11; IPV:CAL; SCL:-1; CTRY:US; EFV:NLI; SFV:NSPM; SFS:(10019020)(396003)(136003)(39860400002)(346002)(376002)(2980300002)(51914003)(189003)(199004)(55016002)(246002)(305945005)(1076003)(53416004)(6246003)(76176011)(33656002)(7696005)(478600001)(26005)(26826003)(53546011)(229853002)(186003)(75432002)(14444005)(50466002)(97756001)(316002)(58126008)(54906003)(786003)(88552002)(16586007)(8676002)(46406003)(106002)(2906002)(8936002)(356004)(36906005)(956004)(126002)(486006)(476003)(104016004)(336012)(23726003)(5660300002)(6916009)(47776003)(4326008)(86362001)(426003)(106466001)(11346002)(446003); DIR:OUT; SFP:1102; SCL:1; SRVR:SN6PR0102MB3600; H:outgoing.mit.edu; FPR:; SPF:Pass; LANG:en; PTR:outgoing-auth-1.mit.edu; MX:1; A:1;
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: c8eed988-0026-4090-c285-08d6a40465cc
X-Microsoft-Antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600127)(711020)(4605104)(4608103)(4709054)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7153060); SRVR:SN6PR0102MB3600;
X-MS-TrafficTypeDiagnostic: SN6PR0102MB3600:
X-Microsoft-Exchange-Diagnostics: 1; SN6PR0102MB3600; 20:RaBjkuT+MCMXZVaNR4cTKljlf43/pr08qhtLLtmq/AzRSJg+o+XiT2xsxP8Km0qv1IJDg9PDDjWrwR6ZNcQhMATPIhe/PvWYk+BvBPcp9XXqTo3miP/zIxLg9vKQQ5Q/4nhgW4cnIwhvGIPFsvfUkglRKFYTZ3BIMwVX7j4joRMdNHGWqt6gE5C4/HroU89DJhOpzLG1vbozu8Vc1cdIYoMk873hAWMf97URh0HPpZymTKXBI1rjD8l3HYCAcIrXwvZS+tkS/K2+CNSCW1OS4qVb4a0XYZSkRKbBVL6tJpGNTtcWmdoepn+nOn28FpHmqAB7MxC9DZx9YkVej/OcemTZoLzGXmZb8nbqhtuGbJ/b7PSyW8jQ9/BA/iXxTVqZWFg3YEzFHdPkywJpeBrzP/nkvnrJb+WlOK1jDsfF0h4pRKy6JeSWolY1Im5vntn8WEckHQrhJGZ/PDCxjJn6vbvt1OLAdQuClJnRsweh5ZzoQH6/Eo//jW168vhZiOtEEqJc265t24NYwOSkxyPT/eZ6cJBC7TV4Tb3tBk0IAA2a4Cb+R017pxX0Izl0kNTJvb06Ak3exhws3J2j3SRiR0dxMsx+li8r2lm+s2SQIF4=
X-Microsoft-Antispam-PRVS: <SN6PR0102MB3600EC1941D9D833829DAF93A04D0@SN6PR0102MB3600.prod.exchangelabs.com>
X-Forefront-PRVS: 0970508454
X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; SN6PR0102MB3600; 23:1oqmf0auX6h8Ssp2bKkPqPm9Zp8hpSeIwcNib1f?= =?us-ascii?Q?s/pa+W+DAeIF+7QvLv+YorncRpm6SO9gGgUamcpJaSotjDnj9WfbYKNTbYLF?= =?us-ascii?Q?1da7FJNZD7yHzEzod6wSFiVRCvotWdzowjkVvn/NItB92F5Sjl56qifo/H1w?= =?us-ascii?Q?OlTzEmN41AIRDAb9x+bSM8SIhYpPZsoVaE0kjAf0vunwlnHPUH9Eagb24sz0?= =?us-ascii?Q?u31Hz7pJ40VMM4Onxls2hJweiS6JfB7jRcBIu507bfIecbyowY84pNozZ+Kb?= =?us-ascii?Q?n5bQ539LMNmWR/djer2iOk7O2DpmM+xxwzLRy+OZ51GSXYxidyl4VaFKReKy?= =?us-ascii?Q?sN81C8XWOcvCY59g7tD4xyU7kHUa8lBlTw660lOEpUOr3UlYEk2QWl7/Lo3f?= =?us-ascii?Q?3ef+vh4a2PZPjPvhCMShyFdWiqBKgYALq6GrDYSJztM/GNv/e2fDHxp9lhn5?= =?us-ascii?Q?r14FyEjUMx778XYnAQpbhZlNbhg2OXYIoNuISJc6ApNnc5ZOK0iqFm+F1UJv?= =?us-ascii?Q?ZKYEqZtFCh63twM+qIIA94lPvFW0HErgeCuTSbUzIWvgY3KOeRaHQr8s7Bk7?= =?us-ascii?Q?HYfEU1LZryBpQmtMrX+BoVdOHJOPL6wjG0ukaI7/hd+fQdHp6+6HYMyItV/O?= =?us-ascii?Q?LfDhmo9PnT3qTSX2HIJcQU+TJ991yDa8vP5ypDVJxpWqsN4inEYjNmhXCnu3?= =?us-ascii?Q?7CcAVktto0SP9OsSkafz/2hbwT8QxfxRsI3hM7xYTQzNguobC3iHQc1R1dxD?= =?us-ascii?Q?ZQ6xHiJixuCejCLfJeL4hvH8TN1ifm8jtAzVPyLtR7grRnVUELaq5c6TCDTM?= =?us-ascii?Q?mNDJcyyxSi0bGLiRxjFaUD/rwSNedXLK3NW84S6AdfKtKzId8dGSLP6v2s9F?= =?us-ascii?Q?tT8/hTNSAfcDqIEtbqa9L5bT/Vzmn4uB/cz/0B3W/QHglGEe4V3Wv2bjpLR3?= =?us-ascii?Q?4j0vUkN9jW9W9kblOJ/gb8efpVghLXkjp11F5rgj/lf9ilT0NMZfo1m1T3F/?= =?us-ascii?Q?VUb/Z2RIhAw3Fakcp0CLQUj+T2W0Nk3lFNb9xuXywDccO3Pa02V+galrlpnu?= =?us-ascii?Q?K6JD3E6xAykY8BZCPDwrqCknYMldMSuGGoMKgMBQaswyBKa7V5JUPejmBpEX?= =?us-ascii?Q?y9Ke3ewg68VzzcidBd9sRD+cspbWDxPyFUeFE1lMOyv1oa/c2tnL+7qM2lqk?= =?us-ascii?Q?bt7oK2FbGXzQDLQVoG6OwXVtqXOA14IQIlsfJdZ4FLmQ+pUxUiw2Z9QA3pOi?= =?us-ascii?Q?7coZ5/BZz7tZgWVV3ICo=3D?=
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: PHj/u6nCpYP+m8NW1DKL79ekaOVTPGPEyegyP7PJyIouAvzckV3gS3vA9A9C687lJLz379h6WB9kt57+5OLuB/C1jsZJZt4sLnnGbOGp0UjLGTrjtwgOvuO8U55r01X1uy22qMUdXUspptdhnXVhsMFRg2vqSU7SXWnty03oVjW13TxQDz5Hf+yVKnT4zNm3p3Ki/quedvjDspcmy54M7Kxyq4YpU+1cVpqyGsLUc5GkXZMNOOzEvVcXriHiYAsYS9HxU425XBDM1qnqphD6/f0fS0WVPWy4t5HZeWLuRCqPox+MaEG9dsH0p+2k/Xs1Fw3HeaRSoYDwpX4A2JZrokkV038TQg4TbglQ+0AqCd4Fgz6wGxY7eGkUY+nVjd+DhhL8zQQss0uzSdYZU6wbYjXnkkxL3DijwqfYbpF6kqs=
X-OriginatorOrg: mit.edu
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Mar 2019 20:26:51.0323 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: c8eed988-0026-4090-c285-08d6a40465cc
X-MS-Exchange-CrossTenant-Id: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=64afd9ba-0ecf-4acf-bc36-935f6235ba8b; Ip=[18.9.28.11]; Helo=[outgoing.mit.edu]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR0102MB3600
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/mU-Z0pTOSGaBwpevG8A2IKij6zA>
Subject: Re: [netmod] Genart last call review of draft-ietf-netmod-module-tags-06
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Mar 2019 20:26:56 -0000

Going up to a more general topic (and ignoring the particulars here):

On Wed, Mar 06, 2019 at 05:50:00PM -0500, Christian Hopps wrote:
> Thanks for the review! Comments inline.
> 
> > On Mar 5, 2019, at 7:26 PM, Datatracker on behalf of Elwyn Davies <ietf-secretariat-reply@ietf.org>; wrote:
> > 
> > 
> > Minor issues:
> > Abstract/s1: I would judge that RFC 8407 ought to be normative since it is
> > updated.
> 
> RFC8407 is a BCP not a Standard though so I don't think it's appropriate to make it normative.

I'm confused by this statement.  BCPs are considered to be standards-track,
and a reference from a PS document to a BCP is not considered a downref.
Is the objection that "best current practices" are just that (practices)
and not part of a mandatory protocol specification?

We do have BCP 195 (RFC 7525), "Recommendations for Secure Use of Transport
Layer Security (TLS) and Datagram Transport Layer Security (DTLS)", which
are indeed recommendations and best practices for use of TLS in general,
and as such can apply to anything using TLS, even existing deployed systems
and protocols.  But we can also have new protocols that say "it is
mandatory to comply with the behavior described in RFC 7525", and to me
that is a normative part of the spec.

So I'd like a better understanding of your stance here.

Thanks,

Ben