IETF Logo Mail Archive

[saag] Re: New Version Notification for draft-rsalz-crypto-registries-00.txt

Eric Rescorla <ekr@rtfm.com> Sat, 30 November 2024 01:37 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7FC02C151710 for <saag@ietfa.amsl.com>; Fri, 29 Nov 2024 17:37:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.907
X-Spam-Level:
X-Spam-Status: No, score=-1.907 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CpiiB00sHEzB for <saag@ietfa.amsl.com>; Fri, 29 Nov 2024 17:37:20 -0800 (PST)
Received: from mail-yw1-x1132.google.com (mail-yw1-x1132.google.com [IPv6:2607:f8b0:4864:20::1132]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ADCA0C14F706 for <saag@ietf.org>; Fri, 29 Nov 2024 17:37:20 -0800 (PST)
Received: by mail-yw1-x1132.google.com with SMTP id 00721157ae682-6eeb31b10ceso19962127b3.1 for <saag@ietf.org>; Fri, 29 Nov 2024 17:37:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20230601.gappssmtp.com; s=20230601; t=1732930640; x=1733535440; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=sPWwm9hcFGD4oxmAhrSKN6scesZY5KFc2z0188OVMSE=; b=VTcVl0vMbrIaCHCvyueHrvI05TTBeZuWs2so1fpjuWH4Tr6PKd8NSiSEFWA6kdFzgz FwMKJXYE2XF/Nzw0jAonI6KERXNRkiH3U8EoUrl68220tr/H2ChzGBbx9nJiIsgaEVTV b2AtffGDQQ0G0MDr+L2E75U5bPbtLCaBSYa+Zn59SAySaUgk0fKpWyDIoMV0K25KHgRo aAqsTzAkDy6SXV2NKT9lOZUhPYviXCgxreXZasdrpjCIplUVzlysNdyxq2GEhP9ro0ui z5nkrOrEgygIMHuUTfkjlKwVODMJ4M1t9aBE0AnFQ+WC29y7kASClJRGvVm9Lw/IBteZ yEkg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1732930640; x=1733535440; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=sPWwm9hcFGD4oxmAhrSKN6scesZY5KFc2z0188OVMSE=; b=nKk4buiWhxeaJjO8Wh1Rc8/fOFuHryI9uJ37+IKOdFppj1ylAeLOT42q5xLjZzzWj2 Qadxion4hTtvgAMRcvkuO/GEsIhSuwi6ypXbCg7GK4jD9lgzwv5+L0IIlYcbHjckxUkz Inx/gwhpGkFG/OLZuwtrfrDwFoH6rgrZtdYku0XOe6giy7lcYo5bXil6ycl1Qu8w8UMn 10AwTo8uRNoO1oQ6Xl1KSHOQN6WoBK+BrU6eXzEW7HTV38nbFQS5Pdx4Rt/5zCiec36e G13h1gLYxAQ4A6z3aQXUTccfpeYdRqI2y8bNzRZTRgbBRp1yl6l48REq+3E90F29a6p7 ciXA==
X-Forwarded-Encrypted: i=1; AJvYcCWJyfMzVt5R2/zEjzMBfgz1h6/KrbhH/cZtuclE3w73TFMvO5uDrlIOdljHBcUMBF+K4wxE@ietf.org
X-Gm-Message-State: AOJu0YzKP9fUlRBxJFMYkS32fHRpPiAbmW4kbSlAHcsSn2mi027bh2hP DD+/MZEU7IgbB7wkysZDhEjm5rPNZk5HCzYQSp7iB3e5Hs4FXNn/sJkK4rguYWu2NZ2x3097JO+ 8KCn5e/3KKyrcb/3zM01DimKLT6+gIuvoL3Gupw==
X-Gm-Gg: ASbGncs0BJdiZ4+7Le/idPjmWy/ROI8kwn7rt8xWNQvZhMmMBUD0AlEjWGE/A0jUQwX aPnQPekYkT4yzmeugY97NQdJZ9PLcDfjnOA==
X-Google-Smtp-Source: AGHT+IH5Blh/KyBoK1Rll4VgEiXTcKMJ4By5Yuw5wGhQo4SgIudbnTadlBIECdpRs8Pyz+XK6YsMj7haqxewJqoNdNQ=
X-Received: by 2002:a05:690c:6e0c:b0:6ec:b108:8b43 with SMTP id 00721157ae682-6ef371eb8b2mr139720597b3.9.1732930639908; Fri, 29 Nov 2024 17:37:19 -0800 (PST)
MIME-Version: 1.0
References: <BE95E617-C929-43BA-BB40-41E189A8158B@akamai.com> <87ldxl5zp9.fsf@kaka.sjd.se> <26424.40383.605711.370013@fireball.acr.fi> <71bcb4f8-e147-a6cb-3c67-b6daef61f309@mindrot.org> <26439.33533.129915.244853@fireball.acr.fi> <SY8P300MB0711C796AB6095C788556516EE292@SY8P300MB0711.AUSP300.PROD.OUTLOOK.COM> <15450.1732763286@obiwan.sandelman.ca> <3029EB03-6E7A-47CB-9682-F511CB51EE17@akamai.com> <10065.1732826193@obiwan.sandelman.ca> <CACsn0cmWVeFdJ3dzMj5SV4XpJF4rssULtfQ1moeefoq-Evhk=g@mail.gmail.com> <CAGL5yWb=tLvMOYFKT3ffVbcy7BAD=i4B0VHEUdkvwRvZ3X3Bsw@mail.gmail.com> <m2mshh4v8l.wl-randy@psg.com>
In-Reply-To: <m2mshh4v8l.wl-randy@psg.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Fri, 29 Nov 2024 17:36:00 -0800
Message-ID: <CABcZeBMjxNbBMYU2p3_a8-5VCExgmY-7XLof7die05YOEX-38A@mail.gmail.com>
To: Randy Bush <randy@psg.com>
Content-Type: multipart/alternative; boundary="000000000000366d560628175b32"
Message-ID-Hash: EECYX4JEOWYC2SJMWTJDH6W3HRWW5XEK
X-Message-ID-Hash: EECYX4JEOWYC2SJMWTJDH6W3HRWW5XEK
X-MailFrom: ekr@rtfm.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-saag.ietf.org-0; header-match-saag.ietf.org-1; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Paul Wouters <paul.wouters=40aiven.io@dmarc.ietf.org>, IETF SAAG <saag@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [saag] Re: New Version Notification for draft-rsalz-crypto-registries-00.txt
List-Id: Security Area Advisory Group <saag.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/IObJed9eLJjkNOSqrFvpFq7_CzM>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Owner: <mailto:saag-owner@ietf.org>
List-Post: <mailto:saag@ietf.org>
List-Subscribe: <mailto:saag-join@ietf.org>
List-Unsubscribe: <mailto:saag-leave@ietf.org>

On Fri, Nov 29, 2024 at 12:54 PM Randy Bush <randy@psg.com> wrote:

> < rant >
>
> >> A draft may be stable.  The spec in the draft is not.  Authors
> >> may choose to update that spec at any time.  Therefore, if
> >> implementers are looking for spec stability, drafts are the wrong
> >
> > As long as the code points are references by versioned drafts,
> > this is not an issue. We are looking at the few cases where this
> > was done using an unversioned draft and working with IANA to
> > resolve those.
>
> it is not about control, our delicate egos, blah blah blah
>
> standards are for the *users* so that we have vendor/implementation
> choice.  the screw from vendor A must fit the nut from vendor B.
> this would seem to require long lived immutable documents.  to
> create them is why we go through the review process from hell.  as
> eliot points out, internet-drafts do not make that bar, period.
> neither does github.
>

I fear that this rant (your words, not mine) manages to elide a lot of
context.

To recap, the situation is that many IETF protocols allow the use of
multiple
algorithms, which are indicated by code points drawn from a given namespace
[0].
The IETF defines and standardizes some algorithms and registers them in
the namespace. Those specifications of course go through the IETF review
process that you are referring to, with the associated interoperability
benefits
(at least ideally).

However, it is also frequently the case that vendors wish to register their
own algorithms and get an associated code point even if there is little or
no
interest in the IETF in standardizing those algorithms. There are a number
of possible responses to that type of request, including but not limited to:

1. No, you can't register
2. You can register, but only meeting a certain minimum bar, either in terms
    of technical quality (this seems OK) or document quality (this seems
    to be documented sufficiently to allow interoperability), or both. This
might
    be something like a light WG review or more likely Expert Review.
3. You can register without meeting any quality bar at all (e.g., FCFS).

In my opinion, the IETF has three primary interests here:

1. Ensuring that there are not conflicting usages of a single code point.
2. Efficiently using IETF resources to promote IETF work.
3. Ensuring quality and interoperability even for proprietary protocol
extensions.

However, these points are in tension: ensuring quality of proprietary
extensions
requires that the IETF spend time reviewing documents even when there
is no real interest in standardization, as well as withholding code point
assignments
from vendors while we review the documents. This costs IETF resources and
also runs the risk that vendors will just use code points without
registering
them ("squatting"). Moreover, in my experience vendors are often quite
resistant
to changing their specifications in response to this kind of review (again,
we're
talking about cases where we're not standardizing), so now everyone is
spending
a lot of time on a mechanism which won't really change, even if it's not
very good.

For this reason, some WGs (TLS, QUIC, etc.) have decided to instead
make it very easy to register code points with only limited review, thus
minimizing the use of IETF resources at the cost of providing no real
guarantees for non-standardized mechanisms. The question then becomes
what the minimum documentation ought to be for these code point
registrations.

I actually think a reasonable case could be "none", on the theory that
we're
not trying to ensure quality at all for these mechanisms, but so far what
these WGs have settled on is that some document must exist, but that
the Experts do not really need to review it for completeness. What we're
discussing
here is to a great extent whether that largely unreviewed document needs to
be an RFC or not. Obviously, YMMV, but I think in that case the arguments
you are offering for why said document needs to be permanent and immutable
(leaving aside that I don't really agree with your characterization of the
properties
of I-Ds and GitHub) are quite a bit weaker

-Ekr

[0] This is a specific case of a more general class of extensibility
mechanisms.

v2.29.0 | Report a Bug | By Email | System Status