IETF Logo Mail Archive

[perpass] "Its an attack" BCP draft

Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 20 November 2013 22:17 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5990B1AE150 for <perpass@ietfa.amsl.com>; Wed, 20 Nov 2013 14:17:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.425
X-Spam-Level:
X-Spam-Status: No, score=-2.425 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.525] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XCZR1MHq-pBT for <perpass@ietfa.amsl.com>; Wed, 20 Nov 2013 14:17:05 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id 0FC981AE01C for <perpass@ietf.org>; Wed, 20 Nov 2013 14:17:05 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 95E30BE68 for <perpass@ietf.org>; Wed, 20 Nov 2013 22:16:57 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tdhEesfdzhGi for <perpass@ietf.org>; Wed, 20 Nov 2013 22:16:56 +0000 (GMT)
Received: from [10.87.48.12] (unknown [86.44.78.110]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id E132EBE63 for <perpass@ietf.org>; Wed, 20 Nov 2013 22:16:55 +0000 (GMT)
Message-ID: <528D34D7.1010303@cs.tcd.ie>
Date: Wed, 20 Nov 2013 22:16:55 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0
MIME-Version: 1.0
To: perpass <perpass@ietf.org>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Subject: [perpass] "Its an attack" BCP draft
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Nov 2013 22:17:07 -0000

Hi all,

Following up on item 3a from the status/plan mail [1] I sent
last week, Hannes and myself have written up an I-D [2] that
tries to capture the consensus in the room from the Vancouver
tech plenary and we're proposing as a BCP.

We're deliberately trying to keep this short and sweet and to
not (yet) go beyond what was the gist of the hums - we think
progressing e.g. the threat model or the privacy BCP or other
bits of related work is liable to take longer and there's value
in documenting that the IETF as a whole has consensus on the
most significant bit first so those and other bits of work
don't all have to re-establish that as they are processed.
Hopefully we can all easily agree that that's a useful target
and focus comments on whether on not we've expressed that
consensus well or not.

<boring-bit>
We've been bouncing versions of this around amongst the IESG
and IAB for the last week, and process-wise, that has been
fun already. As you'll see from section 3 of the draft, we can
no longer just shoot out an RFC agreed by the IESG and IAB so
the plan for this is that when Hannes and I figure this looks
ready, based on your comments, then we'll ask Jari to start a
4-week IETF LC for it. When he thinks that's ok he'll start it
and then we'll see how that goes. Assuming that goes well, then
sometime during IESG evaluation the IAB will decide if they
like the final text (or not, which'd be "interesting") and if
they do then an IAB note saying "yep, we like it" will be added
sometime during/after IESG evaluation before this goes to the
RFC editor. In an ideal world, you'll all love the -00 already
and tell us that and we'll be done with all of the above super
duper process stuff by the end of the year. (Haven't we built
ourselves a lovely crazy process? ;-)

I really hope we don't end up with a process debate over this,
since the above, silly and all as it is, should achieve the
desirable outcome which is a simple BCP, approved by the IESG
after an IETF LC and also supported by the IAB. The value in
that is that it seems to be as close as we can get to the same
setup as RFCs 1984 and 2804 which is the right kind of heritage
for this one. So there is a reasonably good reason for the
process-crap.
</boring-bit>

Anyway, ignoring process, comments on this are welcome, so
please take a read of the two pages of content and let us know
what you think. If you do think its already good enough for
starting an IETF last call, then saying that is useful as well.

And since the IETF LC will happen on the ietf@ietf.org list,
using this list for initial processing should be fine.

Cheers,
S.

[1] http://www.ietf.org/mail-archive/web/perpass/current/msg01016.html
[2] http://tools.ietf.org/html/draft-farrell-perpass-attack

v2.23.0 | Report a Bug | By Email