IETF Logo Mail Archive

Re: [P2PSIP] Barry Leiba's Discuss on draft-ietf-p2psip-diagnostics-19: (with DISCUSS and COMMENT)

Alissa Cooper <alissa@cooperw.in> Fri, 29 January 2016 19:12 UTC

Return-Path: <alissa@cooperw.in>
X-Original-To: p2psip@ietfa.amsl.com
Delivered-To: p2psip@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ED0AC1B31E7 for <p2psip@ietfa.amsl.com>; Fri, 29 Jan 2016 11:12:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=unavailable
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ULtx_EBzXoQL for <p2psip@ietfa.amsl.com>; Fri, 29 Jan 2016 11:12:42 -0800 (PST)
Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com [66.111.4.27]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BE49B1B31E2 for <p2psip@ietf.org>; Fri, 29 Jan 2016 11:12:41 -0800 (PST)
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id B951C20995 for <p2psip@ietf.org>; Fri, 29 Jan 2016 14:12:40 -0500 (EST)
Received: from frontend1 ([10.202.2.160]) by compute5.internal (MEProxy); Fri, 29 Jan 2016 14:12:40 -0500
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=cooperw.in; h=cc :content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-sasl-enc :x-sasl-enc; s=mesmtp; bh=wCxHDgU0lciaPc+WobISQ9sIneY=; b=xcR0e2 t5M82+zpCYS2CRMkaBz2n1i2LpbcSsR50gyOgPNI8uPXw+SADxTAc8yv51knQJ/q LyMxXUoyOLqp7YaBC40FaMWMXQAvTakF2oCrgiuRvHQDG2sOs5zZp7JxPoV7FpcY TrclfGBiVrVUvNu+gA/xghjEJpLo1gyLzZ/OQ=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-sasl-enc:x-sasl-enc; s=smtpout; bh=wCxHDgU0lciaPc+ WobISQ9sIneY=; b=fO6jjkAOm+b3r5wYJ6qdUie2SPrFwwlG0v0yd7KFrshVVXk 6MQ8kkhh3nQ1sizGpzsMyuZAks0vineyf2gw8fLZBACB5JMZl0Hhg0ZrvWHahPmH itoqdDdRY6zs7GxIz39NS/71YWmT2zhm1CknKedDPkkrW6gGHhAKwEUawkFU=
X-Sasl-enc: BGnkBz+3XDZzmvEAWyQQPiSOxwDz8cyJyba7sUVfQAN8 1454094760
Received: from dhcp-171-68-20-130.cisco.com (dhcp-171-68-20-130.cisco.com [171.68.20.130]) by mail.messagingengine.com (Postfix) with ESMTPA id 15419C00018; Fri, 29 Jan 2016 14:12:39 -0500 (EST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\))
From: Alissa Cooper <alissa@cooperw.in>
In-Reply-To: <CALaySJ+QjHHfPxWFvG=8XvB9oz=1wpPQskw0-SwgVLt2uzUe3g@mail.gmail.com>
Date: Fri, 29 Jan 2016 11:12:37 -0800
Content-Transfer-Encoding: quoted-printable
Message-Id: <E3A881B6-BC75-4A9E-947F-13C490C9C59B@cooperw.in>
References: <20151216041827.16193.95293.idtracker@ietfa.amsl.com> <E33E01DFD5BEA24B9F3F18671078951F65DAB4AF@nkgeml513-mbx.china.huawei.com> <D0BF613A-D35C-4BDF-8FD0-6BC8EB5B7E18@cooperw.in> <CALaySJ+QjHHfPxWFvG=8XvB9oz=1wpPQskw0-SwgVLt2uzUe3g@mail.gmail.com>
To: Barry Leiba <barryleiba@computer.org>
X-Mailer: Apple Mail (2.2104)
Archived-At: <http://mailarchive.ietf.org/arch/msg/p2psip/0uAapR7J1ZZ2nc8etvGluKXoZ_4>
Cc: "p2psip-chairs@ietf.org" <p2psip-chairs@ietf.org>, "p2psip@ietf.org" <p2psip@ietf.org>, IESG <iesg@ietf.org>, "draft-ietf-p2psip-diagnostics@ietf.org" <draft-ietf-p2psip-diagnostics@ietf.org>
Subject: Re: [P2PSIP] Barry Leiba's Discuss on draft-ietf-p2psip-diagnostics-19: (with DISCUSS and COMMENT)
X-BeenThere: p2psip@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Peer-to-Peer SIP working group discussion list <p2psip.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/p2psip>, <mailto:p2psip-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/p2psip/>
List-Post: <mailto:p2psip@ietf.org>
List-Help: <mailto:p2psip-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/p2psip>, <mailto:p2psip-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Jan 2016 19:12:44 -0000

I looked through the mailing list archives and the meeting minutes from the meetings around the time when the registration policy was added to the document (the -01). I did not see any discussion of the registration policy. 

I fully agree with Haibin’s analysis, though, which is that the potential for introducing sensitive diagnostic types (e.g., location) is sufficient to make Standards Action or IETF Review a good choice. These should get IETF-wide security review before being added to the registries. 

Alissa

> On Jan 28, 2016, at 1:47 PM, Barry Leiba <barryleiba@computer.org> wrote:
> 
>> Does Haibin’s answer clear up your concern?
> 
> Sorry, it must have gotten lost in the end-of-year mess.
> 
> No, it doesn't: Haibin gives his thoughts on the question, but I asked
> about what discussion the working group had in coming to the decision.
> Further comment:
> 
>>> For Sections 9.1 and 9.2, I would like to see some evidence of discussion that
>>> resulted in the decision to make the registry policies Standards Action.  Did
>>> the working group actually discuss this and make a decision that Standards
>>> Action is right?  What's the reasoning for not using some softer policy, such as
>>> "IETF Review" (which might allow for registrations from Experimental
>>> documents) or Specification Required (which would allow review by a
>>> designated expert of a non-RFC specification)?  Why is Standards Action the
>>> right thing?
>>> 
>> The thought was that if a new value would be used for experimental
>> purpose, then there are reserved values accordingly for overlay local
>> use (0xF000-0xFFFE). And then if people want that value can be used
>> across different RELOAD overlays, then they'd better need a standard
>> track document to define it (that's why we assume it would be standard
>> track). "Specification Required" allows non-RFC specifications, not
>> sure that would reflect the IETF consensus (certain concerns might
>> exist about certain kinds of diagnostic information).
> 
> Yes, "Specification Required" allows non-RFC specifications, with a
> designated expert to review the request and sanity-check it.  Why does
> the working group think this registry needs only Standards Track RFCs
> to make registrations?  Why can't IETF consensus approve a
> non-Standards-Track RFC (as with "IETF Review")?  Why couldn't a
> designated expert handle the review, consulting with whatever
> appropriate working group(s) exist at the time (as with "Specification
> Required")?
> 
> I'm honest OK with Standards Action if that's really what the working
> group wants, and they have a reasonable explanation for why that's
> necessary here.  I'm asking because I can't see any evidence that it
> was actually discussed, and I'm concerned that we consistently use
> too-strict registration policies because we think they're necessary,
> and that often bites us later on, when we wish we hadn't been so
> strict.
> 
> Can you point me at any messages or minutes that show the working
> group discussion about the registration policy?  Can the working group
> explain what harm could be caused if registrations were allowed to be
> made without Standards Track RFCs?
> 
> Barry

v2.23.0 | Report a Bug | By Email