Re: [regext] [Ext] Alissa Cooper's Discuss on draft-ietf-regext-data-escrow-07: (with DISCUSS)

James Galvin <galvin@elistx.com> Fri, 17 July 2020 13:44 UTC

Return-Path: <galvin@elistx.com>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7329C3A093D for <regext@ietfa.amsl.com>; Fri, 17 Jul 2020 06:44:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=elistx-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rKeOWRVnCVAU for <regext@ietfa.amsl.com>; Fri, 17 Jul 2020 06:44:48 -0700 (PDT)
Received: from mail-qt1-x82d.google.com (mail-qt1-x82d.google.com [IPv6:2607:f8b0:4864:20::82d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2AC853A093B for <regext@ietf.org>; Fri, 17 Jul 2020 06:44:48 -0700 (PDT)
Received: by mail-qt1-x82d.google.com with SMTP id g13so7612813qtv.8 for <regext@ietf.org>; Fri, 17 Jul 2020 06:44:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=elistx-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=BmlGEE95leJoMWC3OLDQcKhX2mxwqrR+8z7HIHGEhGE=; b=1MxjJ8boDQYaeo3HC3gbLfbq4k2iFDA5uvVcVoRuNrQI0GJqZs/K5dKIhEWLT5mTY6 cV9FNp6cNYhXeKDIRmGT4u7QUVCMDSFThR4cRJy+3DVfE9gDsyznF7NJAXQnjgRdTh9q 29yHDLZWlG0IvsoK6vFLYefaUAE0U5CvFK6vkFry65ceX3okoD1jl2xLmyPvBuE81lFK qnBlC906SPyoJwBTLVXa2sm8kOWWIwHxWKBxHeUSyQjRsx2v6uvYZ7F8BGxUgzGnjc9J V6tkjsI1FrkZaZ0JTiIMvrYxgkexuv77BmloEB9tQTzbXv6PaV/3YuzTjjGzuKaXRnuG 0RVw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=BmlGEE95leJoMWC3OLDQcKhX2mxwqrR+8z7HIHGEhGE=; b=s013YfQP3dE6UibxRCKABAV9H3cgIdEi5lJmSoNc0bOVKiixfpgTEMMCU1OhaRXb02 N38iCiH7KcvtugZXkyp1lyCanlnXAMwyVSWPV7H7vgxYP7GUBKxYCikfHGEjLFU6uXaO 1CSFcJ+MRZck8Lz0D3CzqkzC25YsTkdpuQ1Au0LT5blICiLLuLOzLtBvQSw7KgLGkeLz LYfAbGmNppxL4+YLGlSCgadwRQ3KiY5E/D2VNUDdlqC6IzvmQrtOuY1eFZltBIeNlith O920ZtvwFd161LMDspvnIEOABcLbEDOrLDMU8rb602YjmZU3Q7BBejXf9UV+9zHBbVfz kLdw==
X-Gm-Message-State: AOAM533k+XkJXhFi/1yNzpVzaLPD7ZqUvY72fxBV8rj/w+ZmKULHb2wX I3a0ptl7f9/8mCThoQ1akUZMYg==
X-Google-Smtp-Source: ABdhPJy5jsz+m9iGF3lNfpDEbjnKv4nbQaSoOrdNMaTA3xA9N0ugmsimG3EEaJaSw/w+x0mDt84bcw==
X-Received: by 2002:ac8:1972:: with SMTP id g47mr10483832qtk.180.1594993487211; Fri, 17 Jul 2020 06:44:47 -0700 (PDT)
Received: from [10.0.0.99] ([2601:154:c202:9d20:1808:6253:3c4c:a675]) by smtp.googlemail.com with ESMTPSA id a20sm11544494qtw.54.2020.07.17.06.44.45 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 17 Jul 2020 06:44:46 -0700 (PDT)
From: "James Galvin" <galvin@elistx.com>
To: "Barry Leiba" <barryleiba@computer.org>
Cc: "Alissa Cooper" <alissa@cooperw.in>, "Gustavo Lozano" <gustavo.lozano@icann.org>, "The IESG" <iesg@ietf.org>, regext-chairs@ietf.org, regext@ietf.org, jgould@verisign.com, draft-ietf-regext-data-escrow@ietf.org
Date: Fri, 17 Jul 2020 09:44:55 -0400
X-Mailer: MailMate (1.13.1r5671)
Message-ID: <81BF2409-57C4-4253-B4A6-6A0D8BBA8DE6@elistx.com>
In-Reply-To: <CALaySJKwUYTTeBdLuc=WdXH13mrGZM6S5W1cPMakr1zeDba6cg@mail.gmail.com>
References: <158644010413.3377.5705483345316701310@ietfa.amsl.com> <E96FFD38-A07C-4F3C-878B-4A758F07FD5C@icann.org> <CALaySJKwUYTTeBdLuc=WdXH13mrGZM6S5W1cPMakr1zeDba6cg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"; format=flowed
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/eLzcmdUdD1cB4Rs65PnXQ3rbd48>
Subject: Re: [regext] [Ext] Alissa Cooper's Discuss on draft-ietf-regext-data-escrow-07: (with DISCUSS)
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Jul 2020 13:44:50 -0000

Alissa,

It’s been about 2 months and the REGEXT chairs would like to know the 
status of this document.  Have you checked Gustavo’s message and 
confirmed that your concerns have been addressed?

Thanks,

Jim and Antoin




On 26 Jun 2020, at 11:42, Barry Leiba wrote:

> Alissa, will you please check the current version of the data-escrow
> document < 
> https://datatracker.ietf.org/doc/draft-ietf-regext-data-escrow/
>> and see if Gustavo's changes address your concern?  And if not,
> please work with Gustavo to get it sorted out.  Thanks.
>
> Barry
>
>
> On Wed, May 13, 2020 at 3:08 PM Gustavo Lozano 
> <gustavo.lozano@icann.org> wrote:
>>
>> Thank you Alissa,
>>
>> Comments inline prefixed with GL-
>>
>> Regards,
>> Gustavo
>>
>> On 4/9/20, 06:48, "regext on behalf of Alissa Cooper via 
>> Datatracker" <regext-bounces@ietf.org on behalf of noreply@ietf.org> 
>> wrote:
>>
>>     Alissa Cooper has entered the following ballot position for
>>     draft-ietf-regext-data-escrow-07: Discuss
>>
>>     When responding, please keep the subject line intact and reply to 
>> all
>>     email addresses included in the To and CC lines. (Feel free to 
>> cut this
>>     introductory paragraph, however.)
>>
>>
>>     Please refer to 
>> https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_iesg_statement_discuss-2Dcriteria.html&d=DwICAg&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=VbweciUcwYQpIOZDSxl0ezGd1hGDtd-0BvgAgfmwfE0&m=6KotPsZrrzq2bpn2K-y1yF2urMkEJOz0OITxaBun2Xs&s=hcpPqoVjnm9-aoinq9ndolZqJuxMFPlrXAwKp9NNEi4&e=
>>     for more information about IESG DISCUSS and COMMENT positions.
>>
>>
>>     The document, along with other ballot positions, can be found 
>> here:
>>     https://urldefense.proofpoint.com/v2/url?u=https-3A__datatracker.ietf.org_doc_draft-2Dietf-2Dregext-2Ddata-2Descrow_&d=DwICAg&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=VbweciUcwYQpIOZDSxl0ezGd1hGDtd-0BvgAgfmwfE0&m=6KotPsZrrzq2bpn2K-y1yF2urMkEJOz0OITxaBun2Xs&s=tOGRD4dNp47NFz1LacDypLNFM0wMf5om9bc9_HKbQMg&e=
>>
>>
>>
>>     ----------------------------------------------------------------------
>>     DISCUSS:
>>     ----------------------------------------------------------------------
>>
>>     I support Benjamin's DISCUSS and Roman's last DISCUSS point.
>>
>> GL - The latest version of the draft covers the feedback from Roman 
>> (DISCUSS cleared), and I also believe Benjamin's feedback (waiting 
>> for his response)
>>
>> Regarding Section
>>     11, there are often legal agreements in place that govern all 
>> sorts of things
>>     about how protocols transfer data between parties, but those are 
>> not the main
>>     thing to document in an RFC. Section 11 should be documenting the 
>> technical
>>     considerations for how to protect the data that may be escrowed.
>>
>> GL - draft-ietf-regext-data-escrow describes a standardized format 
>> for escrow, and it's not a document specifying escrow services (i.e., 
>> no definition of a transport protocol, signaling mechanism, etc.). 
>> Section 11 has been strengthen based on the comments from other 
>> IESG's members, and I believe it's in good shape now.
>>
>> Here are the differences between 07 and 08, and 08 and 09:
>> https://tools.ietf.org/rfcdiff?url2=draft-ietf-regext-data-escrow-08.txt
>> https://tools.ietf.org/rfcdiff?url2=draft-ietf-regext-data-escrow-09.txt
>>
>> I think that a draft describing the best security / operational 
>> practices for escrow service providers could be a good idea. In the 
>> case of the gTLD space, there is no urgency for such a document, as 
>> the security / operational requirements are detailed in legal 
>> agreements.
>>
>> Hopefully, this clarifies my previous comments.
>>
>>     _______________________________________________
>>     regext mailing list
>>     regext@ietf.org
>>     https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_regext&d=DwICAg&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=VbweciUcwYQpIOZDSxl0ezGd1hGDtd-0BvgAgfmwfE0&m=6KotPsZrrzq2bpn2K-y1yF2urMkEJOz0OITxaBun2Xs&s=gtb7G2HcGVH0Nkn1jQNw3zcDejr56jw5emEs2RK8ilw&e=
>>