Re: [pcp] I-D.ietf-pcp-base needs UNSAF Consideration, c.f. RFC 3424

Sam Hartman <hartmans@painless-security.com> Tue, 14 August 2012 18:55 UTC

Return-Path: <hartmans@painless-security.com>
X-Original-To: pcp@ietfa.amsl.com
Delivered-To: pcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BAE4E21F8564 for <pcp@ietfa.amsl.com>; Tue, 14 Aug 2012 11:55:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 4.407
X-Spam-Level: ****
X-Spam-Status: No, score=4.407 tagged_above=-999 required=5 tests=[AWL=-1.370, BAYES_05=-1.11, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, RDNS_DYNAMIC=0.1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0FuMWNbpezty for <pcp@ietfa.amsl.com>; Tue, 14 Aug 2012 11:55:52 -0700 (PDT)
Received: from ec2-23-21-227-93.compute-1.amazonaws.com (ec2-23-21-227-93.compute-1.amazonaws.com [23.21.227.93]) by ietfa.amsl.com (Postfix) with ESMTP id 3860321F853F for <pcp@ietf.org>; Tue, 14 Aug 2012 11:55:52 -0700 (PDT)
Received: from carter-zimmerman.suchdamage.org (c-98-217-126-210.hsd1.ma.comcast.net [98.217.126.210]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client CN "laptop", Issuer "laptop" (not verified)) by mail.suchdamage.org (Postfix) with ESMTPS id 81054206EE; Tue, 14 Aug 2012 14:46:36 -0400 (EDT)
Received: by carter-zimmerman.suchdamage.org (Postfix, from userid 8042) id 80F7B4350; Tue, 14 Aug 2012 14:46:33 -0400 (EDT)
From: Sam Hartman <hartmans@painless-security.com>
To: james woodyatt <jhw@apple.com>
References: <C6EC0D3D-B90F-42AF-B647-C161AA48A24B@apple.com>
Date: Tue, 14 Aug 2012 14:46:33 -0400
In-Reply-To: <C6EC0D3D-B90F-42AF-B647-C161AA48A24B@apple.com> (james woodyatt's message of "Mon, 13 Aug 2012 14:33:22 -0700")
Message-ID: <tsly5lhia5y.fsf@mit.edu>
User-Agent: Gnus/5.110009 (No Gnus v0.9) Emacs/22.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Cc: "pcp@ietf.org" <pcp@ietf.org>
Subject: Re: [pcp] I-D.ietf-pcp-base needs UNSAF Consideration, c.f. RFC 3424
X-BeenThere: pcp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PCP wg discussion list <pcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pcp>, <mailto:pcp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pcp>
List-Post: <mailto:pcp@ietf.org>
List-Help: <mailto:pcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pcp>, <mailto:pcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Aug 2012 18:55:52 -0000

>>>>> "james" == james woodyatt <jhw@apple.com> writes:
    james> The predecessor specification to the PCP Base draft, the NAT
    james> Port Mapping Protocol [I-D.cheshire-nat-pmp], has three pages
    james> of UNSAF Considerations in Section 4, and I don't understand
    james> why the PCP Base draft doesn't contain a similar section.


I don't know how this came about.
However as a matter a process, I don't think it appropriate to add this
to the PCP base spec nor hold up the PCP base spec for this issue post
iesg-review.
If you brought this up as an IETF last call comment, a WGLC comment or
earlier, I'd probably agree we should address it.

However as specs get more and more done I think the bar for changes
needs to get higher and higher.  I mean I guess someone could file an
appeal based on that issue and the IESG would have to consider such an
appeal.  However I'd suggest a more constructive approach than either
appealing the approval of the base spec when it happens or delaying the
base spec would be to write up a draft about UNSAF considerations for
PCP and see if people are interested in publishing it.

--Sam