Re: [OPSEC] [IANA #1274499] expert review for draft-ietf-opsec-probe-attribution (well-known-uris)

Mark Nottingham <mnot@mnot.net> Mon, 19 June 2023 23:39 UTC

From: Mark Nottingham <mnot@mnot.net>
Date: Tue, 20 Jun 2023 09:39:11 +1000
Cc: drafts-expert-review@iana.org, opsec@ietf.org
To: Justin Iurman <justin.iurman@uliege.be>
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsec/DUzxQ5VkQRtztSdQk2SESwVOIiw>

Hi Justin,

Thanks for that.

Reading the updates, the document still assumes the reader knows what is meant by 'active measurements' and 'probes' -- it isn't clear whether these are purely IP-layer, or they might be application-layer (e.g., in HTTP or SMTP) as well, or somewhere in between. Clarifying what is and isn't an active measurement / probe -- even if the definition is expansive -- would be very helpful.

Cheers,


> On 18 Jun 2023, at 1:11 am, Justin Iurman <justin.iurman@uliege.be> wrote:
> 
> Hi Mark,
> 
> We just published a new version (-06) that addresses your comments.
> 
> Thanks,
> Justin
> 
> On 6/9/23 07:34, Mark Nottingham wrote:
>> Hi Justin,
>>> On 9 Jun 2023, at 6:32 am, Justin Iurman <justin.iurman@uliege.be> wrote:
>>> 
>>> Hi Mark,
>>> 
>>> Thanks for the review. Please see inline ([JI]).
>>> 
>>> On 6/8/23 05:07, Mark Nottingham wrote:
>>>> Hi Sabrina et al,
>>>> The registration is approved.
>>>> Feedback on the document:
>>>> * Section 2.2 says 'As defined in Section 8, the probe description file must be made available at "https://example.net/.well-known/probing.txt"'. This is not correct, as it hardcodes the domain 'example.net' and the scheme 'https'. If you want to only use the scheme 'https', that should be explicitly required (remember, Well-Known URIs are defined for many URI schemes).
>>> 
>>> [JI] Would "/.well-known/probing.txt" be better instead?
>> Yes.
>>>> * It would be helpful to more clearly state the purpose of the Probe Description up front; to a new reader, it's not clear whether it's describing a particular probe, or a policy for probing (which could be implied by the normative reference to RFC9116). It might help to more clearly and definitely describe what a probe is and is not.
>>> 
>>> [JI] We'll craft some text to make that clearer.
>>> 
>>>> * What is "URI inclusion" (mentioned in Section 3)?
>>> 
>>> [JI] "URI inclusion" is the in-band probe attribution (the mention was removed, it was rephrased based on Peter's review).
>>> 
>>> Thanks,
>>> Justin
>>> 
>>>> Cheers,
>>>>> On 8 Jun 2023, at 2:27 am, Sabrina Tanamal via RT <drafts-expert-review@iana.org> wrote:
>>>>> 
>>>>> Hi Mark (cc: opsec wg),
>>>>> 
>>>>> As the designated expert for the Well-Known URIs registry, can you review the proposed registration in draft-ietf-opsec-probe-attribution-05 for us? Please see
>>>>> 
>>>>> https://datatracker.ietf.org/doc/draft-ietf-opsec-probe-attribution/
>>>>> 
>>>>> The due date is June 21st.
>>>>> 
>>>>> If this is OK, when the IESG approves the document for publication, we'll make the registration at:
>>>>> 
>>>>> https://www.iana.org/assignments/well-known-uris
>>>>> 
>>>>> Thanks,
>>>>> 
>>>>> Sabrina Tanamal
>>>>> Lead IANA Services Specialist
>>>>> 
>>>> --
>>>> Mark Nottingham   https://www.mnot.net/
>> --
>> Mark Nottingham   https://www.mnot.net/

--
Mark Nottingham   https://www.mnot.net/