Re: [OPSAWG] SHEPHERD REVIEW: draft-ietf-opsawg-tlstm-update-07

"Joe Clarke (jclarke)" <jclarke@cisco.com> Tue, 27 September 2022 17:00 UTC

From: "Joe Clarke (jclarke)" <jclarke@cisco.com>
To: Kenneth Vaughn <kvaughn@trevilon.com>
CC: "opsawg@ietf.org" <opsawg@ietf.org>
Date: Tue, 27 Sep 2022 17:00:23 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/3vHyEAMrhozUySNtrjb47JYBVW0>

Thanks for refreshing my memory.  The clutter argument is sound.  I do wish we would have gotten a SEC DIR review, but it will certainly get some eyes from the IESG.

I’ll mention this point in the shepherd write-up, and we’ll leave things the way they are text-wise for now.

Joe

From: Kenneth Vaughn <kvaughn@trevilon.com>
Date: Tuesday, September 27, 2022 at 12:51
To: Joe Clarke (jclarke) <jclarke@cisco.com>
Cc: opsawg@ietf.org <opsawg@ietf.org>
Subject: Re: SHEPHERD REVIEW: draft-ietf-opsawg-tlstm-update-07

The concept of automatically registering new hash algorithms was discussed during a May e-mail thread. Jürgen objected to the automatic recording of values and Tom Petch argued for the automatic registration.

While I don't think we ever achieved "agreement" on the position, we concluded with consensus (i.e., no sustained objections) on the wording in the current draft due to the fact that there was agreement that there was no requirement for our fingerprint to use the same hash as used by the TLS layer (and thus no technical requirement to link the two registries). From that point, we concluded that if anyone wanted a value, they "would find the energy to register it" and we would not clutter the registry with unnecessary values.

Personally, I see the argument on both sides and am fine with the consensus. However, I could perhaps see softening the expert review statement to automatically approve the request to add any hash algorithm that is already approved for any version of TLS or DTLS rather than forcing a consultation with the TLS WG.

I've made the other changes, but will hold off on implementing them until we resolve this issue.

Regards,
Ken Vaughn

Trevilon LLC
6606 FM 1488 RD #148-503
Magnolia, TX 77354
+1-571-331-5670 cell
kvaughn@trevilon.com
www.trevilon.com


On Sep 27, 2022, at 10:36 AM, Joe Clarke (jclarke) <jclarke@cisco.com> wrote:

I am reviewing -07 of this draft ahead of the shepherd review.  I have found a few nits, but at a larger level, I think more text might be needed for IANA around how to handle the new TLS hash registry.  Currently, the draft talks about a sync to “IANA TLS HashAlgorithm Registry”, which is good.  But what if new values get added to the cipher suites registry?  For example, what about GOST variants?  I would think if the TLS 1.3 spec (and their experts) allow for these algorithms would this registry not just take them?  What would the expert review consider when adding new algorithms here?

In terms of nits:

Search for “ciphersuites” and change to “cipher suites” as that is more consistent with other documents (and I think you use both in this document).


Section 2.1:

s/Values zero through 2/Values 0 through 2/


Section 2.3:

s/stated that TLSTM/states that TLSTM/


Section 3.1:

s/request, offer or use/request, offer, or use/


Section 7

Add a period to the end of the section.

Joe