Re: [OPSEC] [TLS] OpSec WGLC for draft-ietf-opsec-ns-impact

"Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com> Tue, 28 July 2020 22:41 UTC

Return-Path: <ncamwing@cisco.com>
X-Original-To: opsec@ietfa.amsl.com
Delivered-To: opsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 300783A09E8; Tue, 28 Jul 2020 15:41:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.62
X-Spam-Level:
X-Spam-Status: No, score=-9.62 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=bHyrHEU2; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=HoVCL3nR
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XlLcQvKe4vmI; Tue, 28 Jul 2020 15:41:02 -0700 (PDT)
Received: from alln-iport-6.cisco.com (alln-iport-6.cisco.com [173.37.142.93]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4CE553A09E7; Tue, 28 Jul 2020 15:41:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3002; q=dns/txt; s=iport; t=1595976062; x=1597185662; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=gQVtlerOwLO1CcoVrurfKMU4M1EQfQQsyKitUn2EklI=; b=bHyrHEU2zuHjQQaNB2Xc4+U8fNfki0rJBn3jCjQi692rsA9FDUgGsI6u 3XXUhh+O0QS9v3uJU6ZTgKyOZ0JjBvvD2pYRrbL+5PECiFtlcB+ipVsKO itsmJ21BfV3qHrFd0kLw8zQe4KMzBPuQ9vpDHzKhlMHBXYWH/NbwAlKR/ k=;
IronPort-PHdr: 9a23:O9WAHhZ8cXRE8RPfgmwWRuD/LSx94ef9IxIV55w7irlHbqWk+dH4MVfC4el21QaVD4re4vNAzeHRtvOoVW8B5MOHt3YPONxJWgQegMob1wonHIaeCEL9IfKrCk5yHMlLWFJ/uX3uN09TFZXxYlTTpju56jtBUhn6PBB+c+LyHIOahs+r1ue0rpvUZQgAhDe0bb5oahusqgCEvcgNiowkIaE0mRY=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0BBBwCwqCBf/4wNJK1gHAEBAQEBAQcBARIBAQQEAQFAgUqBUiMuB29YLywKhCqDRgONMiWKAo5fgUKBEQNVCwEBAQwBARgLCgIEAQGETAIXggkCJDgTAgMBAQsBAQUBAQECAQYEbYVcDIVxAQEBAwEBARALBhEMAQEsCwEPAgEIDgoCAiYCAgIfBgsVEAIEAQ0FIoMEAYJLAw4gAQ6kYgKBOYhhdoEygwEBAQWBR0FCgmYNC4IOAwaBDiqCbYNZgjOEBBqCAIERJwwQgk0+ghpCAQEDAYEhBQESASGDFjOCLY8ngz+iQ04Kgl+IWIwjhHUCAR6faZIXii6CYZILAgQCBAUCDgEBBYFqI2dwcBU7KgGCPlAXAg2OHgwXg06FFIVCdDcCBgEHAQEDCXyOawGBEAEB
X-IronPort-AV: E=Sophos;i="5.75,408,1589241600"; d="scan'208";a="550738275"
Received: from alln-core-7.cisco.com ([173.36.13.140]) by alln-iport-6.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 28 Jul 2020 22:41:01 +0000
Received: from XCH-RCD-005.cisco.com (xch-rcd-005.cisco.com [173.37.102.15]) by alln-core-7.cisco.com (8.15.2/8.15.2) with ESMTPS id 06SMf1T7021560 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 28 Jul 2020 22:41:01 GMT
Received: from xhs-rtp-001.cisco.com (64.101.210.228) by XCH-RCD-005.cisco.com (173.37.102.15) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Tue, 28 Jul 2020 17:41:01 -0500
Received: from xhs-rtp-001.cisco.com (64.101.210.228) by xhs-rtp-001.cisco.com (64.101.210.228) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Tue, 28 Jul 2020 18:40:59 -0400
Received: from NAM12-BN8-obe.outbound.protection.outlook.com (64.101.32.56) by xhs-rtp-001.cisco.com (64.101.210.228) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Tue, 28 Jul 2020 18:40:59 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Bj+buaj87zeKaeOghv7ITaZh5dNcJzyZznGyEdu/qPdmE6J1Z1Zuxp9oudUIbzL0w/fEZYjUu10vMxWIXeFFNNjtM/uWTr3AVEkqNheY7Ys+oYZwEcGFyepdwUO4zWrPicTaTnVDH9jUaiN17vaK+PSHByV4bp4wCB5/ppjj3CRSVCH8DmvJ24imWqW/7Uvub7ilo67AdHuHwsjigy4vEQGoNnJoGYo7Vx+Yhu7onbdD7N5ZpDQ9St5I9Pt5ZBCcxainf+qe/d2Q/+qn9+UALG29/ycuf1HZgxNWa0aEOAbPghRP0yNlT5ikTRd2BNrchnm7SlP0S06bt4AthEiQjw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=gQVtlerOwLO1CcoVrurfKMU4M1EQfQQsyKitUn2EklI=; b=F/3lwov9MxfliRa1yb1vMAY0O9iBP3lbGMiy4cOvNJUro9PqyTnajqleY9CMvNYl2tTUXPJcmXZZ56SC4XQv1mbaREezFs7/9CARbmTevt+tkhrCGmEOVBgry1WMeeLv6QvGTEb01bCeW8k/ZZy7fj3PCb3DKQAB2ee1v39e65HqMtf1F1ngkJ9xPUupYutRdwsixhtO3+ukti9oDzqtuf+vcjMG6khHU7cH1WXx27bZsrHZYMj3iWyHy2yrdpwboDlhLWem8Q27Y+g5WKsk37XVK23B9lzKxnKfY+o23glNq97IwedBYCCQJD3boXFoIcjd3GrnIsi8qfxZK9tg9w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=gQVtlerOwLO1CcoVrurfKMU4M1EQfQQsyKitUn2EklI=; b=HoVCL3nRX1Fr2w3D2nqmn2eT7sFXo8hfxWyuTLolOObxwdrtY0NEFnR9robZcX3eTKZ4WgRG94bjDHJ9VfYDS/cA3FgwdktlrkyOXFI3HupWReV08aaE+j5SuO7/GyAb1xDzgfjk6e+QjlsKXDgqcHrwq2vq6q1vWovJz+sJR6c=
Received: from BY5PR11MB4070.namprd11.prod.outlook.com (2603:10b6:a03:181::16) by BYAPR11MB2981.namprd11.prod.outlook.com (2603:10b6:a03:83::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3239.16; Tue, 28 Jul 2020 22:40:58 +0000
Received: from BY5PR11MB4070.namprd11.prod.outlook.com ([fe80::e42f:216e:af3e:8ce5]) by BY5PR11MB4070.namprd11.prod.outlook.com ([fe80::e42f:216e:af3e:8ce5%7]) with mapi id 15.20.3216.033; Tue, 28 Jul 2020 22:40:58 +0000
From: "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>
To: Jen Linkova <furry13@gmail.com>, tom petch <ietfa@btconnect.com>
CC: opsec WG <opsec@ietf.org>, "tls@ietf.org" <tls@ietf.org>
Thread-Topic: [TLS] [OPSEC] OpSec WGLC for draft-ietf-opsec-ns-impact
Thread-Index: AQHWZPlVwHJkW1nKsUCD9A1wLaLJ+qkdjwQA//+SAoA=
Date: Tue, 28 Jul 2020 22:40:58 +0000
Message-ID: <15572610-7090-441F-B0AF-DEE789DBC42D@cisco.com>
References: <CAFU7BAT9LxVJJxE8OhhzTXgrbS6SHYb7U9LQdMvOZQQREC2Etg@mail.gmail.com> <DB7PR07MB5340B0AB5194B177DA1E6C38A2730@DB7PR07MB5340.eurprd07.prod.outlook.com> <CAFU7BARaFX0TfbZ4ixZardo5pc8r3A_f6p8TPbj-oEjC3RYx=w@mail.gmail.com>
In-Reply-To: <CAFU7BARaFX0TfbZ4ixZardo5pc8r3A_f6p8TPbj-oEjC3RYx=w@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.10.18.200713
authentication-results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=cisco.com;
x-originating-ip: [73.162.233.180]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 2297f609-ec14-4af1-ae60-08d833474c55
x-ms-traffictypediagnostic: BYAPR11MB2981:
x-microsoft-antispam-prvs: <BYAPR11MB298151834CB90285B51CAC32D6730@BYAPR11MB2981.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8273;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 7BbmhPD47xqL43hT5QeJj7ZcDJGcxzi5XpL/l1edoDUdaw5oCeNNL2rNPTCfhgMVX1QaFNXgXs2gvTn2SlrHONu8oXNcGm7DhbnOjauAuWWl0BxaSzUT/bCUzyLRArV9IF9mZkXiVeM2tzd5LEpgKNEKPKZ7eDqMzRTlz9wsPxVLvr66UgUprVZiXnsrbss3+hTs8ZPQot/w8KZWN5qcHyUQZlRpSIL1GZU0CLE1Q04uy9RQD4Vu/E7Qx+KJSmsL0SSROm+QLdcduiDGdWi+P3V+3sBHTrA/bpDCXo2NkTBPoNJkDzUKXxqy9gYQwwAQI+l/5qNovIXjoT9YQ9hitzbe8y1q9GFb5I9QZFWV7kqntXNHHkgl9efFaIYXrR8Ne5LlVCarPxmEvLgSDkBvEg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BY5PR11MB4070.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(6029001)(4636009)(346002)(396003)(136003)(39860400002)(376002)(366004)(64756008)(4326008)(6486002)(86362001)(2616005)(316002)(2906002)(66556008)(71200400001)(66446008)(8936002)(478600001)(6512007)(36756003)(54906003)(76116006)(26005)(6506007)(53546011)(186003)(8676002)(966005)(5660300002)(83380400001)(110136005)(33656002)(66476007)(66946007); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: rkhtlq9kwlSmfq8IS8ZI2aF10yDrcDb+zVm+2dDuJEZG+t70wrReWaJIDkM03WP5Z2IYI68onGL6GBxkJ558yHWbKd+s0as06EvBXkdI1xqn7K/ulXoXHtEjclLi7IUCcwi/OEG/fcLVWR/IryyGbeUBh04HuHtO2LHJlHhJeSh9KbAFW5CO1bBSzNmtRDnguI8zKoqd2zTHW3JF3B3hmgIc3H8auR93X0LLm/R8fhB8ijTI0fo7gW9hoEaYoV2L+mTgmWL4jg9e8XtUOywbl848WxXmTEsJShVwfEVR0My7+vmxNh7tlqUsjb6p9QHQnfXdZ3NphHsGOjzy2/yMmtBLVmk8hEz3QwhOmH5byRjdPl6Cxngvb6T+vfenPzcFAONzw+NlhPBNjOFnT18e0OnrWHjrAZlx0dSl5zdbUVVI9CL3YjNkHa1xQM+Uszl27Cji4H+EL6scsiwwVRmae01EZPhixTcjGe83KAFmDlVLHef4xP9shlLKm16pF+v3xu8YSJQRj0uIG/lBwt2BFzDBCtmMkLvwkV/DzXy6UgQjpcFSh4I199HAbpcVAI+JGW/d8/RkcDjC8IS58ePWVLdlzcNxAUDoz19ccXgLzIhl0VRsdja9bICEm6WPwrpr4in4Pfv612YlxQx4hEhklA==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <30C4C47146282D47938EC885D183C5A5@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BY5PR11MB4070.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 2297f609-ec14-4af1-ae60-08d833474c55
X-MS-Exchange-CrossTenant-originalarrivaltime: 28 Jul 2020 22:40:58.7714 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: mWHOB81LM+HnpIBzhpFvVgjF+PrUTpFuO738zFD5BsZUbdtDbGYZv397twzE4JVkYwElacOWhJm+yvGd2CRnsA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR11MB2981
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.15, xch-rcd-005.cisco.com
X-Outbound-Node: alln-core-7.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsec/JbZxSOxPHl4JrOzAMqwRYO5bUp4>
Subject: Re: [OPSEC] [TLS] OpSec WGLC for draft-ietf-opsec-ns-impact
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsec/>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jul 2020 22:41:05 -0000

Hi Jen,
Yes, yes....and again apologies for missing Tom's comments.  For some reason we (the authors) did not see his email come thru, but I did cover Kathleen's and Jason's comments (and did respond to them when their comments came in).

Will try to do it in the next day or so....
Best, Nancy

On 7/28/20, 3:15 PM, "TLS on behalf of Jen Linkova" <tls-bounces@ietf.org on behalf of furry13@gmail.com> wrote:

    On Wed, Jul 29, 2020 at 2:07 AM tom petch <ietfa@btconnect.com> wrote:
    >> This email starts the WG Last Call for draft-ietf-opsec-ns-impact ,
    >> Impact of TLS 1.3 to Operational Network Security Practices,
    >> https://datatracker.ietf.org/doc/draft-ietf-opsec-ns-impact/.
    
    > <tp>
    > OPPOSE (yes, I am shouting)
    >
    > This is nowhere near ready and putting it forward so soon is ... well ludicrous comes to mind.
    >
    > After WG adoption, comments were made to which there was no acknowledgement, no response,  I was about to oppose the adoption of the other I-D from these authors on the grounds that until they respond to comments nothing else should happen because when they do there are more comments waiting to be aired.  I am still of that view.
    
    Sorry, it's partially my fault. I did explicitly ask the authors to
    address your comments and submit a new version. I should have
    double-checked that the new version incorporates the feedback.
    
    Dear authors, would you be able to address Tom's comments ASAP so the
    new revision can be reviewed during the WGLC?
    
    > I do see that a revised I-D has just appeared in among the thousand or so I-D that appear around the time of an IETF meeting, a timing that I sometimes think is designed to let it slip through unnoticed.  Given all those other I-D - silly authors - it may be more than three weeks before I get my thoughts together.
    
    Just to clarify: would you prefer not to have the WGLC around IETF
    weeks at all?
    
    -- 
    SY, Jen Linkova aka Furry
    
    _______________________________________________
    TLS mailing list
    TLS@ietf.org
    https://www.ietf.org/mailman/listinfo/tls