Re: [Roll] draft-ietf-roll-security-framework returned to working group.

"Adrian Farrel" <adrian@olddog.co.uk> Mon, 13 August 2012 10:06 UTC

From: Adrian Farrel <adrian@olddog.co.uk>
To: 'Abdussalam Baryun' <abdussalambaryun@gmail.com>, roll@ietf.org
Date: Mon, 13 Aug 2012 11:06:36 +0100
Cc: tzeta.tsao@cooperindustries.com
Subject: Re: [Roll] draft-ietf-roll-security-framework returned to working group.

Yeah, hi.

I think the thing you are missing is that it had become "impossible" to resolve
the final Discuss. Of course, as described in the references you cite, Discusses
must be "resolvable", but the work to resolve this Discuss is considerable and
results in a significant set of documents being produced.

The issue was as follows:

- During processing of draft-ietf-roll-rpl there was a Discuss that said
   (approximately) "You haven't done enough security work".
   The response was: "Don't worry, it will show up in the security 
   framework"
- However, the security framework (this draft) simply passes the
   buck to other future drafts.
- The Discuss says "show me the security work"

There was an option to keep this document hanging on while that security work
was done, or to put in place the plan (as explained by Michael) to run a series
of documents that will together comprise the security details for RPL. In that
plan, this document is reworked to be a Threat Analysis simply by removing some
of the text, and polishing a little. It will then be re-issued, run through the
WG and completed.

The I-D did not expire until I marked it "Dead" in the data tracker. That action
was in agreement with the chairs and as part of the plan for the set of security
documents.

Thanks,
Adrian

> -----Original Message-----
> From: roll-bounces@ietf.org [mailto:roll-bounces@ietf.org] On Behalf Of
> Abdussalam Baryun
> Sent: 12 August 2012 15:09
> To: roll@ietf.org
> Cc: tzeta.tsao@cooperindustries.com
> Subject: Re: [Roll] draft-ietf-roll-security-framework returned to working group.
> 
>  I thought that this informational draft had in 2011 enough position
> to pass (subject to resolve discuss position), also not sure why the
> draft left to expire while it had a new version in 2012 without any
> discussion from January until July [1].
> 
>  There was no abstain or objection positions, but discuss positions,
> meaning things can be fixed [2-3]. Am I missing something?
> 
> [1] http://www.ietf.org/mail-archive/web/roll/current/msg06615.html
> [2] http://www.ietf.org/mail-archive/web/ietf/current/msg68450.html
> [3] http://www.ietf.org/iesg/statement/discuss-criteria.html
> 
> Regards
> Abdussalam
> 
> >
> > This document has sat in IESG Evaluation::AD Followup for 467 days.
> >
> > The blocking issue has been that the document does not actually provide any
> > security guidelines or mechanisms, and RPL itself (RFC 6550) is also sadly
> > lacking.
> >
> > Michael Richardson and I sat down with Stephen Farrell (Security AD) and
> > cooked up a plan to generate some useful security documents for RPL.
> > Inevitably this will introduce more delay, but at least there is a plan
> > that we might manage to execute. Michael has introduced the plan to the WG
> > and there seems to be support.
> >
> > Part of this plan involves pulling draft-ietf-roll-security-framework back
> > from the IESG, returning it to the WG, and re-casting it as a threat
> > analysis (something it does quite well at the moment).
> >
> > Thus, this document is returned to the working group for further work.
> >
> > Thanks,
> > Adrian
> >
> >