IETF Logo Mail Archive

Re: [saag] SSH & Ntruprime

Melinda Shore <melinda.shore@gmail.com> Mon, 25 March 2024 17:25 UTC

Return-Path: <melinda.shore@gmail.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C746FC14F5F1 for <saag@ietfa.amsl.com>; Mon, 25 Mar 2024 10:25:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.108
X-Spam-Level:
X-Spam-Status: No, score=-7.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SUfkJRnixYlC for <saag@ietfa.amsl.com>; Mon, 25 Mar 2024 10:25:02 -0700 (PDT)
Received: from mail-pl1-x632.google.com (mail-pl1-x632.google.com [IPv6:2607:f8b0:4864:20::632]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6B129C14F5EC for <saag@ietf.org>; Mon, 25 Mar 2024 10:25:02 -0700 (PDT)
Received: by mail-pl1-x632.google.com with SMTP id d9443c01a7336-1e00d1e13a2so27358995ad.0 for <saag@ietf.org>; Mon, 25 Mar 2024 10:25:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1711387501; x=1711992301; darn=ietf.org; h=in-reply-to:autocrypt:from:references:to:content-language:subject :user-agent:mime-version:date:message-id:from:to:cc:subject:date :message-id:reply-to; bh=fdnrsANYViHWReyS5HU17hOCtzHQtwJjB7kdX0kiB6A=; b=Y1A/Y6JdCJAuR+r79ONTfkmr82M2/kH/atLyfb6fZTPWI8fyc44RcHCUlf9n/JWPy2 IbpYUhzZtfHljaPKjob9thO5N2/c6b91V6zN5u/qmlDIzpN+dnXtfrrMxNPiO7zLp0G4 FN45uPwv1sOSocfarJVyuGwXODtRZZGzqIqVMdGqsm0K4mXZAGIgmVP4Nlro64JyWKIw lYavUSKOuW5LzXA7m2OYHoTxdUC5rX9aT4OaH88n3kVhEr50hlg19We/gyE/wP0JUxbu 5p9Whv9qZQFxuiEmCOyGelQpi2t4r1PTxcK5Xk0KOCy14MH9qvh+nmXW7IlIUrCd6jHz /06w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1711387501; x=1711992301; h=in-reply-to:autocrypt:from:references:to:content-language:subject :user-agent:mime-version:date:message-id:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=fdnrsANYViHWReyS5HU17hOCtzHQtwJjB7kdX0kiB6A=; b=bg73mtE6aXFJInY4Kq9KA2PVrsYehTqOUT6OMCGhz+GVZttlOrHG4UQWB9myNjBq1I Jnxj86grqGmVUdameeOke4pDzXi/8K2SJRTT4IKWHQqzbkylCX7WMp1+KX2Qii0atd1G G6teKm5ylHbF+Ai6940coEKPE9vSDGW9wUezGq4dvcADF+m8u6GOCfcO8RHVhmhDxHYS IWMY6FAfcPcS3LQbLrrsBhzn7M0P5u4vb+t3YE/sHI10UPmrE1J/cXVIl5bmnY5UN835 /UKJtBZKZ6EoJAEWX9sxGp+o8WBpd5X8LluugaKM3uhmxeLZQ0R2n4oM/Cyrvk2mbfZx XvQg==
X-Gm-Message-State: AOJu0Yym0SzryrEysm6s16jsImh/mR9fgly9s/UpntT36tfuRhykq9Gy +m/vZ67i93iXmVotM6myaZq+TunObdzt1ZmbwXPAsO1pz6jByiXg3WJXPHyL
X-Google-Smtp-Source: AGHT+IESH6jS23MV9ZXcb96h6fgyHwowsITeHhGbig5y4tA1JlBTKEc9pbEz4C77ahEjgGa+l8c6KA==
X-Received: by 2002:a17:903:1c8:b0:1e0:117d:b490 with SMTP id e8-20020a17090301c800b001e0117db490mr9620256plh.45.1711387501292; Mon, 25 Mar 2024 10:25:01 -0700 (PDT)
Received: from [192.168.1.111] ([63.140.70.76]) by smtp.gmail.com with ESMTPSA id i6-20020a17090332c600b001e0abeb8fb5sm4102361plr.271.2024.03.25.10.25.00 for <saag@ietf.org> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 25 Mar 2024 10:25:00 -0700 (PDT)
Message-ID: <bf19f37f-d8a0-40df-aafc-bea28fe9ec38@gmail.com>
Date: Mon, 25 Mar 2024 09:24:58 -0800
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: en-US
To: saag@ietf.org
References: <CABcZeBPWjXvLh06-DBO3Z0sfeb2hgzqzaSZ-J2-TZ7qesrSraA@mail.gmail.com> <AF7B6F32-9EE6-4810-A99A-833DEA917FA9@sonic.net> <CABcZeBPfXQckpZageogUxTYgX2j_Nr_O3bvf-a-x0S_82BHMxg@mail.gmail.com> <079A0AA3-FA02-440F-ABA0-6AF897570E86@sonic.net> <CABcZeBOxfYR+=61DV1XN0F9nrmbzLR2zq_ZvADw4UUy1uFafzw@mail.gmail.com> <8caa2d4d-bc80-4fcf-b8bc-839052371730@lear.ch> <CABcZeBMABJ89T0qY0-9C3xxd=mFfGyCh7_9GKbEUBm6JtR+_ng@mail.gmail.com> <6c491f5c-92da-4fb3-a8b1-da1de27b36a6@lear.ch> <CABcZeBN1w0QU6ug3LcMwC+hTMA_-iOs32FkZe+gpPuFrp1y+JA@mail.gmail.com> <64e81f68-5169-4469-b5a0-2851da912091@lear.ch> <CABcZeBOLKMJb5pw59J072FsfeMFcoz1eZYxa1qpXDLW0nAU0cg@mail.gmail.com> <7b4d38b8-b4c1-412b-8287-bd44d0c512a3@lear.ch> <CABcZeBOQYp49i_JjE7vdg6AjxwyvktW7LFTJ4Mh3jt0bmxxxDQ@mail.gmail.com> <CAN8C-_+QUpU2bTeSFmLB7v1qLirTXtypR2U7D54JeEaeKfSp+Q@mail.gmail.com> <CABcZeBNtE6PtEdmh-2rTC5y9U7yEL8JVNo1HMjZtOQw-DHjXQQ@mail.gmail.com> <976D3C37-F946-45D6-972E-4BC829BD3C7C@akamai.com>
From: Melinda Shore <melinda.shore@gmail.com>
Autocrypt: addr=melinda.shore@gmail.com; keydata= xsFNBFppZ0gBEADFwxAi5szDOsM/6+CH4pbYTX7D+2gjLY4xEE7ydQcAF1WVLvcWXrpZM0GO /eA4N1PJ+OT5o8o9zVr7izMJkiLwcnQmxHdlYgZ9E+Cm8hDtMyEPBQwsYTkE5kpbGCmBAZ+W rHNHjvDg366uZQHzJejenB1/V4+rxMZs1Ak34Az2MVOz9Doecaiadpw3NpH3+1VXY/qilqnM lznINSANqD0ktxB/CVKjxl3/K5JnVnLp0h2kiUqt19hQPX2JmLcgaHzu+Ceb34/HZWhs0CiF c4auhQ3A9PcccOprQh6IGW1xo6RP3OEbeRFqeovgBWS+DIWzMIM0a3G2LDid0889QYwEv0zZ RPDCcF3g15mlkeUUmwKQ6eAagPyTqLtTiOKULqy9bQahyX2eqlySrF+HqlwGeNoG+A4l1Z2Y S7NCBLPIzUk2RuSKMBaKw86ORzvg2Advrw4bdv7kbDkArGzywky61SEB/q+GqR466mekXx2F O+m8RuoSnWrBsKvD/bhELHcneorIBleGz+VL7i5adU0rIydG3jPTfUeXoCZIeNx1LannxnAR ihKdh5+FE26WiiK6VmZWkvFjaPFwWGjvAsi82Pd9QgHhnG/XzINpXw/3HF4wtBTU5nIExMzC +FbJxCPq1kXpqSxJqg7hgUFvD5jUD9lpN5Br/S2dUgJj95bbPQARAQABzSdNZWxpbmRhIFNo b3JlIDxtZWxpbmRhLnNob3JlQGdtYWlsLmNvbT7CwZcEEwEKAEECGwMFCQ2IJAUFCwkIBwMF FQoJCAsFFgIDAQACHgECF4AWIQRPaC2TKheW+CDyNMDfuJFymnbbjwUCZDxTTQIZAQAKCRDf uJFymnbbj6yfEACUfz4mrChuQ7tP8krkkp6LJt6yqS6Ht7m0AMLGfOe/TLv5/g2Bbv4GuRVs 3YCyYwbSQkTdDe5c2aQQCNCogbGGHlhuZaBrDwcBwsBP75RgLEVDOHz8FGlE6MtAO9T4iJIW idzyh5ikZg+rtvFcrpfP5AITf+nWLDG0QUCzAewyognQuPdhMDYZtz7XZWV7s6zMrIDNlejl IlvERzYB5uCTC2tmx1b4kzx49XP4aEm+iAD7CrKHNr5TWiihi2lgmHPXuMJQfLpVBl9BvRi1 1iwt9Uz0DtSUAoafHs4fjq1IV/hzfoBvh7OrdLFpWxrun8dkIAC2HjZYYIYpRBez066Q/Z67 8kkdCPaTwJn8Rb/PLjVq3cJe2MrfcyumoB9Nhw14Ko0QIZGbvEEieRNwwHryNv5UTOzPAo2J 9kJOc4Y1IQsTVEhKS+IhLrCXDAvMjbYn9WRvXo+yPzEGDQVvMQOQPIDyPJmZs5OQ46McdMov sfYT4o82qvRDZ/6tfrKcrnhdMbKnodc/e+QfD2+6P7zw5tVZVPC87DYCvxwK3mvnN4/du2fQ g/9sX/FhY2tQysivSooGeZSXSiRwHz31M+OSh+nSFd21jhZ6IeV/xlVFMLHTCmmpdq3PS8gQ JsVIDKD/xyPraTOgU5q2o1kepYVb18FvQT7eCZwo5vS53ZmfRM7BTQRaaWdIARAAoGbjNfII c0robr/p9JFslgnhFq8fRMtNxIBY+WpQbeefji793TrHcgRycY7XdHGUtV2imZYK9WGdDqUD b/1ssvLkltgWeochtUijff9TJnySzZ448WgUD+MmjMA3Ut8F+4aFmNfSKVT2R2A0d+RQIEpx v7OsHviDiEzNUyaDibOPsoHiuXQuy30aI/pZBB2K03IJWFbsLMithTc/7BfJCVtXxGRzOuqY Um4Qr8GxAlm2+Hgxl2ymWPdltUU0OVObXfAzC18mIqUKYa3KHkV6W9fA2zpxNFsCEFdMgYHP 604lLf8FY2rHdUa7AjwUAv7ifmR5J769jKMSFgQbEbSmBxuumji/pw1fF9Zorheo+HM7b4Jn aq8Dx6QClcYX8HfxuLLjQbp2MOP5AFfW9vnonV+XptzbTzzZf6jY7JhB0Bp/+SSkR0b0LNMr ooFw4TdjdJHqB62xghPJMgP3fNy+xPXfeYbH9ycaUc5nmk83vjaXCGl+bl3SjmggYy7cdbTq wwOF1+2N52PsGimWGt0bwu8rpRSYin2Fg0q4lnkF3F49OqfB+rxerMvS3l/cUUY0yO6gxxcc LjECChqoLn17cbtKccXDKl0xFD2Z8VFlL7hY42LxJrTvdvjrfzbqLVfCb0T8INjp2IzCaHVN V+4cxLPHY7YGRvrdxRBit4tRCVEAEQEAAcLBfAQYAQoAJhYhBE9oLZMqF5b4IPI0wN+4kXKa dtuPBQJkPFNNAhsMBQkNiCQFAAoJEN+4kXKadtuPbw4P/3XswONGyZL4hyczKAI8FpwFM8cH Chgw6N0qG80KbG/yWewJimXKvpqoROrOd5AHJDco38/FIPMOlz+wno0UV2+VLDyHabGPhwll oyJ1aOz92gDu7KZYMaAN99BmmDeCztaxLDlvWqU4YCTInNY4d2nGPQMVNY5X0IAOkG19iY7m TOaYZ2K702cgIHmB2gO+EJdyzjDhv2AJUOYMOrSzL9zb2jVo88PmVfLg/CNuoiG6/pjVR3ri 67EhxeQuuakyMd6aHX9WQwtPTPXVJXQI1zQ2hQ0deS3Hfa+thMmOvuTm4QxKMB8ZV59/sg2H EUhiptaJQCgO49Qh9RrIpi3SoWmIM9euBOQPLkmOSSY4zp0GepYMEcvS5RD7dn5Ayi/16iG6 EzndvD2SpulH+6+Eo5cxM7h9cuF3qyXTNDKDZASAGvqetHpl2pJMbVN4ltnmJJ46P0h9H0gH OLZmKTowdWI9YHfgg0z+SvvKI9xHAjuPsntitpC7yiYS/FuUTHI0yiSkvPjMUzNUgmUg1ZSI kgakEpvJIpeIUfVJ5228Dh3x5eZdsHmOMcvD5ubmtj21fLnU6vOQhbwvb3gVVafBpFci04ZK LFOttBd4+3kjA1pykXIbKRH1pbvpZ5Tf7xl+/YfTNUwyBxcQwpAJMyyvbjN3wBIRD9DwxYSH iGfPgwFv
In-Reply-To: <976D3C37-F946-45D6-972E-4BC829BD3C7C@akamai.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="------------XCqHjJKniOzflFXWOXcswF0x"
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/8oCQkN-atcXmmeAY5IBCDVv_Nyk>
Subject: Re: [saag] SSH & Ntruprime
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Mar 2024 17:25:02 -0000

On 3/25/24 9:04 AM, Salz, Rich wrote:
> As for whether an Internet-Draft is acceptable, the IETF community 
> decided some time ago that drafts do not get deleted, so they meet the 
> requirements. This is also a good thing for several reasons. For 
> example, several of the examples I quoted above would not come to the 
> IETF if they had to write an RFC. Even if they do come, things change – 
> SPDY becoming QUIC for example – so should we not register SPDY? Also, 
> not every individual or organization has the wherewithal to have 
> long-lasting links to documentation, and in many cases the IETF would 
> probably prefer those things be kept as an IETF resource.

When things are moved or deleted it's not, unfortunately, commonly
the case that people check to see what depends on the reference.  So
I think that would be an argument for keeping supporting documents
for stuff that's assigned an IANA codepoint in the IETF namespace.
I'm unconvinced that requires publication as an RFC.

Bibliographic description assumes that new editions or revisions of
a document (or thing being cataloged) can be released, which is why
it includes elements like edition number, date, publisher, etc.,
and it seems to me that if the goal here is to associate an IANA
mumble with a definition of its use, an internet draft is probably
sufficient.  The assignments of these codepoints don't represent
any sort of assurance about the quality, stability, etc. of the
associated protocol, and it seems odd to me to require much beyond
expert review and an identifier that's highly likely to be stable for
the instance of the document that was used for the review.

Melinda

-- 
Melinda Shore
melinda.shore@gmail.com

Software longa, hardware brevis

v2.23.0 | Report a Bug | By Email