IETF Logo Mail Archive

Re: [OPSAWG] SHEPHERD REVIEW: draft-ietf-opsawg-tlstm-update-07

"Joe Clarke (jclarke)" <jclarke@cisco.com> Fri, 07 October 2022 13:25 UTC

Return-Path: <jclarke@cisco.com>
X-Original-To: opsawg@ietfa.amsl.com
Delivered-To: opsawg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4F7E7C1522D5 for <opsawg@ietfa.amsl.com>; Fri, 7 Oct 2022 06:25:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -11.902
X-Spam-Level:
X-Spam-Status: No, score=-11.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=E28T8P4F; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=BMJuLvWW
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K_ne55hDU-F1 for <opsawg@ietfa.amsl.com>; Fri, 7 Oct 2022 06:25:40 -0700 (PDT)
Received: from rcdn-iport-3.cisco.com (rcdn-iport-3.cisco.com [173.37.86.74]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B7A7DC14F722 for <opsawg@ietf.org>; Fri, 7 Oct 2022 06:25:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=28011; q=dns/txt; s=iport; t=1665149140; x=1666358740; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=rf1nKJtCx4c/c72e/nRzLHeZHr+DnpsDTmrFXF1PpBs=; b=E28T8P4FI/+DuZkqoT0VX9OOm5WVSXnrFje+McliU8S2aMLT28/EPXyt uThDtQVpbaRO1lRI6BH4j35/4voLaQ2KlzUYP9DmYNap3EHRMg2Bbe8/S pL1xU01S7m6auFsTsQmg2I4lNPWaWrcb/0S3yhlxr3bv9k8uBlm+jW4Td I=;
IronPort-PHdr: A9a23:sUlC3Bxc6ZYOtufXCzPZngc9DxPP8534PQ8Qv5wgjb8GMqGu5I/rM0GX4/JxxETIUoPW57Mh6aLWvqnsVHZG7cOHt3YPI5BJXgUO3MMRmQFoCcWZCEr9efjtaSFyHMlLWFJ/uX+hNk0AE8flbFqUqXq3vlYv
IronPort-Data: A9a23:iudlO63Sfrt7j/BJlvbD5RVzkn2cJEfYwER7XKvMYLTBsI5bpzABzmIXUWzXP6zcYWqkL4p2YIvj8htT65OByt5rSAds3Hw8FHgiRegpqji6wuYcB84ZRyH6ZBoPA/42N5+RdajYcleG/k33auW48yElvU21buOU5NDsa3gZqTBMEE/NuTo78wIIqtYAbeqRWmthivuqyyHrA2JJ7hYvWo4iBw1vnzs01Bj6kGtwUlXT/pmntneG/5UeJMp3ya1csxLFrodo8u6SH44vzZmw+mffuhwqEN7gz/Dwc1YBRfjZOg3mZnh+Avf5xEMc4HVplP9gZJLwam8P49mNt9J6zNxXtpGYQgYyNaqKk+MYO/VdO3gmYPMeo+KWeibXXcu7iheun2HX6/RjEE89FYcE8eFxB2xF6boTLzVlRhebnOupz5q6R/ViwMM5I6HDP50Wp35gyxnFF/s4QJTERePB4tow4duarqiiBt7XY84fLDFodhmFPltEO0wcD9Q1m+LAu5U2SBUAwHr9mEb9yzG7INRN7YXQ
IronPort-HdrOrdr: A9a23:ru5pzqBwTfCJVNblHegSsceALOsnbusQ8zAXPh9KJyC9I/b2qynxppgmPEfP+UossHFJo6HlBEDyewKiyXcV2/hdAV7GZmjbUQSTXflfBOfZsl/d8mjFh5NgPMRbAuRD4b/LfCNHZK/BiWHSebtBsbq6GeKT9J3jJhxWPGZXgtRbnn5E43GgYytLrWd9dP8EPavZwvACiyureHwRYMj+LGICRfL/q9rCk4+jSQIaBjY8gTP+wg+A2frfKVy1zx0eWzRAzfMJ6m7eiTH04a2lrrWS1gLc7WnO9J5b8eGRhOerRfb8y/T9GA+cyTpAV74RGYFqewpF5d1H3Wxa0OUkZS1Qe/ibpUmhOV1d6iGdpTUImAxemkMKj2Xox0cKZafCNWoH4w0rv/MBTvKR0TtRgPhslK1MxG6XrJxREFfJmzn8/cHBU1VwmlOzumdKq59as5Vza/ppVFZql/1XwGpFVJMbWC7q4oEuF+djSMna+fZNaFufK3TUpHNmztCgVmk6Wk7ueDlJhuWFlzxN2HxpxUoRw8IS2n8G6ZImUpFBo+DJKL5hmr1CRtIfKah9GOACS82qDXGle2OGDEuCZVD8UK0XMXPErJD6pL0z+eGxYZQNiIA/nZzQOWkowlLau3ieffFm8Kc7hywlGl/NLggF4vsulaREhg==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0A5BgB2bIJi/4oNJK1XA4EJgU+BITFSB3UCWDlDAgGIFwOFMYUJgwIDkEeKcYEsgSUDVAsBAQENAQEyEAQBAYUCAoU+AiU0CQ4BAgQBAQESAQEFAQEBAgEHBIEJE4VoDYZCAQEBAQMSLgEBByIOAQ8CAQgHBwMDAQEBIQcHMhQJCAIEDgUIEweCXIIMVwMxAQ6fZwGBPgKKH3iBM4EBgggBAQYEBIUNGII4CYE8gxSEFxCCaoQ7JxyBSUSBFUN5UIEePoJiAQECGIFIHgEMCQgJg0aCLpN3gWoHOgNUgQUSgSFxAQgGBgcKBTIGAgwYFAQCExJTHgITDAocDlQZDA8DEgMRAQcCCxIIFSwIAwIDCAMCAyMLAgMYCQcKAx0IChwSEBQCBBMfCwgDGh8tCQIEDgNDCAsKAxEEAxMKDgsWCBAEBgMJLw0oCwMUDwEGAwYCBQUBAyADFAMFJwcDIQcLJg0NBBwHHQMDBSYDAgIbBwICAwIGFwYCAnEKKA0IBAgEHB4lEwUCBzEFBC8CHgQFBhEJAhYCBgQFAgQEFgICEggCCCcbBw8HNhkBBSU4BgsJIxwcAQ8LBgUGFgMmUgUEIJJZIoJ7CIEOBQsBFBktBgI8JgEDQwoFASAwCCgFQCUeC2QDkg6NUp9TgTAKg0yLGoJKiyaHHBWCP4E2SIt2jBmMC4FLlRuCSopdlE0OCoRyAgQCBAUCDgEBBoFhPIFZcBU7gmgJSBkPjisXg1CFFIVKdQIBAQ4mAwIGAQoBAQMJkRoBAQ
X-IronPort-AV: E=Sophos;i="5.91,230,1647302400"; d="scan'208,217";a="1056035936"
Received: from alln-core-5.cisco.com ([173.36.13.138]) by rcdn-iport-3.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 07 Oct 2022 13:25:39 +0000
Received: from mail.cisco.com (xfe-aln-004.cisco.com [173.37.135.124]) by alln-core-5.cisco.com (8.15.2/8.15.2) with ESMTPS id 297DPcR6028007 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=OK); Fri, 7 Oct 2022 13:25:39 GMT
Received: from xfe-rcd-005.cisco.com (173.37.227.253) by xfe-aln-004.cisco.com (173.37.135.124) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.9; Fri, 7 Oct 2022 08:25:38 -0500
Received: from NAM02-BN1-obe.outbound.protection.outlook.com (72.163.14.9) by xfe-rcd-005.cisco.com (173.37.227.253) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.9 via Frontend Transport; Fri, 7 Oct 2022 08:25:38 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=DX0dPUmX4Km1fCqUIFrSo+Mrj6EKST5apTXQgm6tNlSaCxreP4ik4qrfWCCchAZ9vLEehjrvWYD3FemLI8ceWWYLFMktXQNyMr+LygmXRF2izij2hxzA/wgi1cA6KkdqAQ5u4r6tNZxVIko6Dvc3zQhZRD8JeW126gjXSVUngQ5R8ILCPqK42W43lua1uhHN00DC0GfSTFJnRJM4IFbBpgH2oAtDWxn+qFesAiARbZmia+al8/5eAXseKMEa+D0FNC95/w8V1eBQadkY1V1cRaG3O/F5QlWRbXjTgDlYCKF0Oe6SUN54aR+XjyGhrrKLdZC8lk+DLXqHCd1ZzKmN6Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=u64Cnt0tWOumI0fGRvEo99sawud5pWLuCdjBLvutqpo=; b=RTiHIm8tbXNNFYjoeWsUTR+4Nd0yx5v5O3+q/Lxn56c1NaN8zsm+a9PzlBniR3K/nIZ2YgItdLAlcq9e/6gsq3eB1pjiR81D4znTA/XSVXW81qY+Vl7fLtot80N7eTHRP1/PAQE8KaLOM5o3TpJeqvsuyQMjwzv/TCFgo6Oo+mCYWjwj7R/CxjCAwqhH6GqMnhpsJzdb8yhzsFC71ccKtOTTIaoNvpoPfRhda4nQx+W7KVH8TCc2GMrZSzdwVLFORwruuLGlfL+elhh06JsgMWP6K+zE2gL2RzTLNub0BSy9o5TEfZaFYEDMoBgUNVrj6fexbIAn56wMEdWsV3rIrQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=u64Cnt0tWOumI0fGRvEo99sawud5pWLuCdjBLvutqpo=; b=BMJuLvWWV5+9iaui3J05CsMZYW94E8eekuHOyD8+MG616qPX1JW9FEY4YsYGAeSu/G57XzqkGIModcGXXHNBw8/EAAhx+NpciEZNijpSQgGMufrG7Ii8oHwo8KuSjaTukvMFBBDUcWMeCRlKrEJjWtMcb5SjCKfwJ5xgWK9AEjo=
Received: from BN9PR11MB5371.namprd11.prod.outlook.com (2603:10b6:408:11c::11) by PH0PR11MB5110.namprd11.prod.outlook.com (2603:10b6:510:3f::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5676.23; Fri, 7 Oct 2022 13:25:36 +0000
Received: from BN9PR11MB5371.namprd11.prod.outlook.com ([fe80::6c46:7caf:515b:4e8c]) by BN9PR11MB5371.namprd11.prod.outlook.com ([fe80::6c46:7caf:515b:4e8c%6]) with mapi id 15.20.5709.015; Fri, 7 Oct 2022 13:25:36 +0000
From: "Joe Clarke (jclarke)" <jclarke@cisco.com>
To: Kenneth Vaughn <kvaughn@trevilon.com>
CC: "opsawg@ietf.org" <opsawg@ietf.org>, tom petch <ietfc@btconnect.com>
Thread-Topic: SHEPHERD REVIEW: draft-ietf-opsawg-tlstm-update-07
Thread-Index: AQHY0oTl9I5/w/kSKUGGUMbKUOaEqK3zfaQAgAAB5o2ACXPbRYABZQ8AgAAitquAASB+gIABefsAgAHj8wU=
Date: Fri, 07 Oct 2022 13:25:36 +0000
Message-ID: <BN9PR11MB5371323A4E18FBFBE66D459CB85F9@BN9PR11MB5371.namprd11.prod.outlook.com>
References: <BN9PR11MB537103C29F1F2300DD1C10E1B8559@BN9PR11MB5371.namprd11.prod.outlook.com> <F86FF076-3D12-4F2D-BEFF-996679C88EA4@trevilon.com> <BN9PR11MB5371294C737E2FD6543CF057B8559@BN9PR11MB5371.namprd11.prod.outlook.com> <BN9PR11MB537195B2DC6B5B886EB51FB9B85B9@BN9PR11MB5371.namprd11.prod.outlook.com> <3AC2333E-BBB2-4D63-9DF4-57A2AAA77AB1@trevilon.com> <BN9PR11MB5371AF802CECC37379A89FFEB85A9@BN9PR11MB5371.namprd11.prod.outlook.com> <AM7PR07MB6248E0E9793AE0661DABB51FA05D9@AM7PR07MB6248.eurprd07.prod.outlook.com> <D8AC4A89-08AE-4258-B7E6-047D6EE8811D@trevilon.com>
In-Reply-To: <D8AC4A89-08AE-4258-B7E6-047D6EE8811D@trevilon.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cisco.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: BN9PR11MB5371:EE_|PH0PR11MB5110:EE_
x-ms-office365-filtering-correlation-id: 0682ded9-8916-4300-3d9f-08daa8676b5f
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: ypV+JLfkFTyAG+Ej3zRF4Jf3biaKxsRafP7dmEzCFM+XufVOg+iuEP+kYlazPvbFg/XdSRqA1tkXJb+ti4YWZ1bQZTPGEIdPKD9zE9a1kWBvKIZOX8VtNXlsci5uCYjpzTICRw4gkd6atBczlf5HEDp6cJdZJoRKogoYqhXN2xTx33rP0MtoOxxN3pV4fTDjBEvd88AA1xL8ZDpBX2kknXDYblOebUKvhuV8eCzlWzkLsT4ktMBIKpniCbiq9elbGFCCXMe0FiT7BQdildPEaLO836ceIo83+HHx37zJVAHS9Ic4mX/M0XUga0Ftu0vwsdjBp4d1DjLPH1JyO6SWwzxrbOt8TjU1xvdy/YSYXvrG9Znd3r3xfGcAbjGd0IOrFnLkHlCNOOi00uK9RshGWMPD6A01BuBCpjTZ0KfPHZ9Y5mtxF3FhamgKlghMNf/XKnY4TJs3y7Elxe9x4qQQIKBqBy1fdIiwt6SpUlKwJ3gK9K9Mqi+I/ovuiftlFlDUyZciHyAar4v6cwIrrg2nal7SXJrwH13rR+zgoZclpwUYRU+XzXxENaFvsxxQSmhGMftSBd6HSSI8LuImZ8D5m3VAMjwKy+Sads7nm8NWBJLxPmSugOvRdDlOc4QYcD9KUUnmsxh4xscSPBOOzBxyhsyq6T0R7oKyMxYS2fMASHm92momP/r16tP7HoWr7v4R3Dml9lpwTbnL8Bh7BCbK4f/hiHtmHYbupIe074M1HRHhDxN+roOboOMzE7j/rVtuD9IAqmNU8JFH7QqQSEmQESNSCbcyOHr+dm8YjcEPbec=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BN9PR11MB5371.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230022)(4636009)(396003)(136003)(366004)(346002)(39860400002)(376002)(451199015)(83380400001)(316002)(2906002)(166002)(38100700002)(66574015)(122000001)(186003)(38070700005)(41300700001)(52536014)(8676002)(8936002)(55016003)(15650500001)(6916009)(966005)(66476007)(91956017)(7696005)(478600001)(53546011)(9686003)(71200400001)(6506007)(66556008)(76116006)(64756008)(66946007)(66446008)(54906003)(4326008)(5660300002)(66899015)(86362001)(33656002)(40140700001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: +3b0s3mguHL47ohqv6DaUfEaIccq0161y+f8AaegusiNy9Ec4mobZqw99Fq99l5T68d7DDVMA8iMwdqO5J4XjxULexuY7W5h3CxX1UWXpLIq0motNAA4wuPwx7edNmkTKvvSPzcO4/xFDFg59f9ZVzkHA228jMArRZXaw4JAPGlxLlPJ6kwzOH5EpkWdoaVuK/WsmuQJb3RaswupzWMWGJIDkvC+WZfgxCNQfcI1JA929yo70rI6DVi3yTa6CdbnauYjIjVFN8jkQzbyqUNqAA7/b6//59QCmU2aav+T9LcqvrN0xshsR00cmE6Tr7SGq9+Bl9SKUkNVTX6xsl26LFo7rxGyXwpep2Xee1N5V9JPhit9boo56IXU/W8PGYa0+TwGG+c3qt7jcPjcv2hPacO2yr7S1ObpY3ILEC8tooVZJN3RGUG2EXV3Cj5sWhvrW6ZM3sHc+eOWo5aZoCO+hK2gZa0IoKpGc04GrPHoToc59YZ8YY27maNVRsZN1NAvnuJYUxAv6VkxNQx4wgnumg4ve4ugn7xkGYC9h8XC2QyzrAMnrgz6BHAz09jVw3AiLZXYGTwsUAE2HKEeH169jgIYuZ9GBbZah/1whI5FSrmXgImUJtDGs2wQuzASTpJ/u8Nn23iFrxmUvXi5VLlp7O7Z0sL11Flv5cC55yqTy6uZ8u6Mxp/C75Y5S9HtJ3QGar4ewU50veZTWfLePspntod488DSOqiJVhXMXwUtEvFEiVaRoaGL3uZTFb0B2LT/3+3y5V73YEvvxD9FJ0p0oneEy3VQ2OGxRBFh82G9NPOii8FrEMsz14mO0Y6XFQ3ucdcqQtLbtMdwo4mmtICFhNkkX4WBimmsCrumZXYf2vRV2wgy3L6wrxAOgrjx5GjavhWj72Oavhn6DmxhYVQE1aBxCIGFKKbiFPh3u27uktJjeCfep1hPhBpBwvqWmMIDZTHwHGvpzmdi3hWXIcy8eatunaoXk/QMytM+lF8sU9ddmMbbsowtoTlAJwF3tz8bkpxmKWZEMeBgYaQ/r8vwm6mheKkgh0CTAZL+MnEXhyukIELKTrLFNVQ+G8fgBj+r0OX+YmOy3yRKC+Q0fv4BDA4eIyXI27cyydHDBe+GVbeuV4lDgg+GRNbnFV6gsNt1kmvB4YIGTwZFyKpfkfluPzM2LPxqeSTbngEg4EclTKczgiOn3ardGG+OicDbHSb8G5nkgjyT968TSkgNxJAsqryXFH9YTEt5ljP+zFpn5G/C/iHuYkGoznVRCcyct5gOjPDPtXs0IlrB3z80EeT/nmBZHI14vePxiXppuIt+RPM6bDpInJ2bU2IXIt7ox+vF+DkiYd+OQkZa0CshM0iXmx3EWV4qKDl7FrWkNsp4+D+90PQP4rimE8ZMI8me+8nBDfhPCngxxKek3i5boYPMWRwWdUzIVhU6VTTPd4xb/0uepMLuqkQVglUtL3guPoik9zC4oz1aUqNWUpyqGnAgg7Ii22sxNFfYXdOnk0/enVjc/GB6oyAT1X0EErAzAhy3c6QpvSUokkZ0jY28L7ioJlOEcuzGzO+Azr75fCf9V76ZSA+tec+N0dw85U9ydd63Wf+sdx/siVUbrJVfkw3nog==
Content-Type: multipart/alternative; boundary="_000_BN9PR11MB5371323A4E18FBFBE66D459CB85F9BN9PR11MB5371namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN9PR11MB5371.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 0682ded9-8916-4300-3d9f-08daa8676b5f
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Oct 2022 13:25:36.2222 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 0snPDiuLEl9Ge8HGjSYgiOmHd+HRPbvaXpr8XHo3XLzQEzbwGap8FgsHosHrzLZMT38WPDuTlUQsh1sY4X581w==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB5110
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.135.124, xfe-aln-004.cisco.com
X-Outbound-Node: alln-core-5.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/A3ni5U-bxzu3jTw5F4KW5lFZPjA>
Subject: Re: [OPSAWG] SHEPHERD REVIEW: draft-ietf-opsawg-tlstm-update-07
X-BeenThere: opsawg@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: OPSA Working Group Mail List <opsawg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsawg>, <mailto:opsawg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsawg/>
List-Post: <mailto:opsawg@ietf.org>
List-Help: <mailto:opsawg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsawg>, <mailto:opsawg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Oct 2022 13:25:45 -0000

I’ve always been told (and it makes sense) that one must understand normative references so to implement the given spec.

This is a weird case.  The TLS address doesn’t need to be a hostname and, if it is, it doesn’t need to be an i18n hostname.  So, one wouldn’t need to understand RFCs 1123 and 5890 to implement this spec if they only used IP addresses.

But for completeness, I would recommend doing option #4 below (as you added normative language to v4 and v6 addresses already).

Joe

From: Kenneth Vaughn <kvaughn@trevilon.com>
Date: Thursday, October 6, 2022 at 4:27 AM
To: Joe Clarke (jclarke) <jclarke@cisco.com>
Cc: opsawg@ietf.org <opsawg@ietf.org>, tom petch <ietfc@btconnect.com>
Subject: Re: SHEPHERD REVIEW: draft-ietf-opsawg-tlstm-update-07
Joe, et al.

I am working in a draft that includes the text suggested by Tom (e..g, "This module makes reference to"). I have also ensured that the list of references is accurate and properly classified between normative and informative.  While doing this, I noticed that RFC 6353 seems to treat two RFCs differently, despite the text referring to them in a similar fashion. Specifically, the MIB contains the following text, which is repeated in the updated MIB:

A hostname is always in US-ASCII (as per RFC 1123); internationalized hostnames are encoded as A-labels as specified in
RFC 5890.

Neither of these RFCs are referenced in any other way in RFC 6353, but RFC 1123 is listed as a normative reference while RFC 5890 as an informative reference. It seems to me that the two documents should be referenced in the same fashion, but I am not sure which type is most correct. A basic reading of the text implies that this is just an informative fact; but I believe the intent is that the "is always" and "are" expressions are intended to be "MUST be" expressions - and parallel the prior paragraphs that describe IPv4 and IPv6 addresses. So I see the following options; I know what ISO would like, but I am interested in hearing which option is the best to conform with IETF rules...
1) leave as is (i.e., no change to MIB module, keep RFC 1123 as normative and EFC 5890 as informative)
2) no change to MIB module, make both RFC 1123 and RFC 5890 normative
3) no change to MIB module, make both RFC 1123 and RFC 5890 informative
4) Replace the "is always" and "are" in the text above with "MUST be" and make both RFC 1123 and RFC 5890 normative

Thanks for your advice

Regards,
Ken Vaughn

Trevilon LLC
6606 FM 1488 RD #148-503
Magnolia, TX 77354
+1-571-331-5670 cell
kvaughn@trevilon.com<mailto:kvaughn@trevilon.com>
www.trevilon.com<http://www.trevilon.com>


On Oct 5, 2022, at 4:53 AM, tom petch <ietfc@btconnect.com<mailto:ietfc@btconnect.com>> wrote:

From: OPSAWG <opsawg-bounces@ietf.org<mailto:opsawg-bounces@ietf.org>> on behalf of Joe Clarke (jclarke) <jclarke=40cisco.com@dmarc.ietf.org<mailto:jclarke=40cisco.com@dmarc.ietf.org>>
Sent: 04 October 2022 17:45

Thanks, Ken.  I saw your updates, and I agree with you on 5246.

But now that I am done with my shepherd write-up, I notice that there are a slew of references in the MIB that are not reflected in the document references (e.g., 1123, 5890, etc.).  Given that the full MIB is included in this new document, you should include the same references in the Norm/Inform.

<tp>
This has been a problem with YANG for years and the accepted solution is to include a section 4.1 'This module makes references to [RFC1123], [RFC5890] etc '

Consistency with YANG would be good:-)

Tom Petch

Joe

From: Kenneth Vaughn <kvaughn@trevilon.com<mailto:kvaughn@trevilon.com>>
Date: Tuesday, October 4, 2022 at 10:37
To: Joe Clarke (jclarke) <jclarke@cisco.com<mailto:jclarke@cisco.com>>
Cc: opsawg@ietf.org<mailto:opsawg@ietf.org> <opsawg@ietf.org<mailto:opsawg@ietf.org>>
Subject: Re: SHEPHERD REVIEW: draft-ietf-opsawg-tlstm-update-07
I've updated the document; the only items that remain in the id-nits check (https://author-tools.ietf.org/api/idnits?url=https://www.ietf.org/archive/id/draft-ietf-opsawg-tlstm-update-09.txt&submissioncheck=True) are:


 == Unused Reference: 'STD58' is defined on line 1472, but no explicit

    reference was found in the text

STD 58 is referenced in the MIB but I am guessing that the checking tool does not check that content? (I don't think I am supposed to use the formal cross-referencing in the MIB section)



 -- Obsolete informational reference (is this intentional?): RFC 5246

    (Obsoleted by RFC 8446)
This reference is intentional as we are identifying the initial entries for the SNMP-TLSTM HashAlgorithm Registry, which needs to point to the older RFC.

Regards,
Ken Vaughn

Trevilon LLC
6606 FM 1488 RD #148-503
Magnolia, TX 77354
+1-571-331-5670 cell
kvaughn@trevilon.com<mailto:kvaughn@trevilon.com><mailto:kvaughn@trevilon.com>
www.trevilon.com<http://www.trevilon.com><http://www.trevilon.com>


On Oct 3, 2022, at 12:20 PM, Joe Clarke (jclarke) <jclarke@cisco.com<mailto:jclarke@cisco.com><mailto:jclarke@cisco.com>> wrote:

I’m working through the shepherd write-up now.  As part of that, I am reviewing the IDNITS checks, and there are a number of warnings.

See https://author-tools.ietf.org/api/idnits?url=https://www.ietf.org/archive/id/draft-ietf-opsawg-tlstm-update-08.txt.  Please work through and address these.  Thanks.

Joe

From: Joe Clarke (jclarke) <jclarke@cisco.com<mailto:jclarke@cisco.com><mailto:jclarke@cisco.com>>
Date: Tuesday, September 27, 2022 at 13:00
To: Kenneth Vaughn <kvaughn@trevilon.com<mailto:kvaughn@trevilon.com><mailto:kvaughn@trevilon.com>>
Cc: opsawg@ietf.org<mailto:opsawg@ietf.org><mailto:opsawg@ietf.org> <opsawg@ietf.org<mailto:opsawg@ietf.org><mailto:opsawg@ietf.org>>
Subject: Re: SHEPHERD REVIEW: draft-ietf-opsawg-tlstm-update-07
Thanks for refreshing my memory.  The clutter argument is sound.  I do wish we would have gotten a SEC DIR review, but it will certainly get some eyes from the IESG.

I’ll mention this point in the shepherd write-up, and we’ll leave things the way they are text-wise for now.

Joe

From: Kenneth Vaughn <kvaughn@trevilon.com<mailto:kvaughn@trevilon.com><mailto:kvaughn@trevilon.com>>
Date: Tuesday, September 27, 2022 at 12:51
To: Joe Clarke (jclarke) <jclarke@cisco.com<mailto:jclarke@cisco.com><mailto:jclarke@cisco.com>>
Cc: opsawg@ietf.org<mailto:opsawg@ietf.org><mailto:opsawg@ietf.org> <opsawg@ietf.org<mailto:opsawg@ietf.org><mailto:opsawg@ietf.org>>
Subject: Re: SHEPHERD REVIEW: draft-ietf-opsawg-tlstm-update-07
The concept of automatically registering new hash algorithms was discussed during a May e-mail thread. Jürgen objected to the automatic recording of values and Tom Petch argued for the automatic registration.

While I don't think we ever achieved "agreement" on the position, we concluded with consensus (i.e., no sustained objections) on the wording in the current draft due to the fact that there was agreement that there was no requirement for our fingerprint to use the same hash as used by the TLS layer (and thus no technical requirement to link the two registries). >From that point, we concluded that if anyone wanted a value, they "would find the energy to register it" and we would not clutter the registry with unnecessary values.

Personally, I see the argument on both sides and am fine with the consensus. However, I could perhaps see softening the expert review statement to automatically approve the request to add any hash algorithm that is already approved for any version of TLS or DTLS rather than fording a consultation with the TLS WG.

I've made the other changes, but will hold off on implementing them until we resolve this issue..

Regards,
Ken Vaughn

Trevilon LLC
6606 FM 1488 RD #148-503
Magnolia, TX 77354
+1-571-331-5670 cell
kvaughn@trevilon.com<mailto:kvaughn@trevilon.com><mailto:kvaughn@trevilon.com>
www.trevilon.com<http://www.trevilon.com><http://www.trevilon.com/>




On Sep 27, 2022, at 10:36 AM, Joe Clarke (jclarke) <jclarke@cisco.com<mailto:jclarke@cisco.com><mailto:jclarke@cisco.com>> wrote:

I am reviewing -07 of this draft ahead of the shepherd review.  I have found a few nits, but at a larger level, I think more text might be needed for IANA around how to handle the new TLS hash registry.  Currently, the draft talks about a sync to “IANA TLS HashAlgorithm Registry”, which is good.  But what if new values get added to the cipher suites registry?  For example, what about GOST variants?  I would think if the TLS 1.3 spec (and their experts) allow for these algorithms would this registry not just take them?  What would the expert review consider when adding new algorithms here?

In terms of nits:

Search for “ciphersuites” and change to “cipher suites” as that is more consistent with other documents (and I think you use both in this document).


Section 2.1:

s/Values zero through 2/Values 0 through 2/


Section 2.3:

s/stated that TLSTM/states that TLSTM/


Section 3.1:

s/request, offer or use/request, offer, or use/


Section 7

Add a period to the end of the section.

Joe

v2.23.0 | Report a Bug | By Email