IETF Logo Mail Archive

Re: [saag] SSH & Ntruprime

Michael StJohns <msj@nthpermutation.com> Mon, 25 March 2024 17:05 UTC

Return-Path: <msj@nthpermutation.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0082DC15109A for <saag@ietfa.amsl.com>; Mon, 25 Mar 2024 10:05:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.903
X-Spam-Level:
X-Spam-Status: No, score=-1.903 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=nthpermutation-com.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ibel_IW_x3HP for <saag@ietfa.amsl.com>; Mon, 25 Mar 2024 10:05:23 -0700 (PDT)
Received: from mail-qk1-x731.google.com (mail-qk1-x731.google.com [IPv6:2607:f8b0:4864:20::731]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C2085C15153F for <saag@ietf.org>; Mon, 25 Mar 2024 10:03:59 -0700 (PDT)
Received: by mail-qk1-x731.google.com with SMTP id af79cd13be357-789db18e24eso306973185a.1 for <saag@ietf.org>; Mon, 25 Mar 2024 10:03:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nthpermutation-com.20230601.gappssmtp.com; s=20230601; t=1711386238; x=1711991038; darn=ietf.org; h=in-reply-to:from:references:cc:to:content-language:subject :user-agent:mime-version:date:message-id:from:to:cc:subject:date :message-id:reply-to; bh=ePc30D0x2/tl+AK/JNyhxVOJDtxhaycv1QDmzT/9A0M=; b=DQC+FUAfN/qxKfW6o7qECKkrkQjcjt2PBww3qXQXzkEeszZG0o61GCIb8d1mKvPgMz MjOAsaX8U1hIA8WlXTJR5WDn+9iSC6NxiZZF1rfzIZhp/mZVSbsuLRmKRVYiRy1grK9e 19T52H65V9STEEypExboe/4SPOOzhUYmnxHPl6plOnVD4Jb3R/twT+g7Oxp4A7AP/aL3 CaoSchnqlxpFTORZjBOPPjOq2N1kg3q69ghRRFKkHdl2pslx7q/OIseBFP36cfJBdhO6 +sOi7ppVdYbpiVCel/kByCAByk7EQHjl75mDanaoWP+1x91FlzvJBC6Pm5eyG53urml8 MxTA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1711386238; x=1711991038; h=in-reply-to:from:references:cc:to:content-language:subject :user-agent:mime-version:date:message-id:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=ePc30D0x2/tl+AK/JNyhxVOJDtxhaycv1QDmzT/9A0M=; b=J7Ng+RgKxBUkS4jIduk4qSwV+wu4y9QR6kMzf5EdWACQpR3pLitMRoCBsMp9NLDNrk 4/E3qOXArr3bKuZwIi+Ud2p1iTxlh7fbgS4ctTA/u2etzAjC5naHzfPG24SikbWLkFQ6 wJcvrHoUuSQ2S7KjvnxjwneP8Jw/HwXyLQcRqi/rXKkpp3NkIW+gLokTgr7t/4In3kF/ oZiapdOrTd0G7GuxK7PZB0R4XFeqvfKHSeJdCmJyEMrh9KMbVPasCbtmZnCc6e8IdqjF Lj+jkDopmoPnbHHFE5y4vx4J6wZgCxAqz/b8qtZ+WmvyKKwmcZtkwtHU3dON9tGa9S/X Dcwg==
X-Gm-Message-State: AOJu0YzV1PBfuCGZ84znyS+aAj//FZM+mmOy25LNNprn2QHzAmb9kq+R Q/XjFgnAill/kMUjeTDWtbm/N7/66pYlVIsImDvhY3rBakff/g1u4U8ld+WX58Y=
X-Google-Smtp-Source: AGHT+IHshO72tyNpYtTU4C+wQAURtjcI2KurkgQFi2639mE5/XHlAuSZRpk/wG5gWElBIRi/adHxWg==
X-Received: by 2002:a05:620a:1356:b0:789:f76c:a02d with SMTP id c22-20020a05620a135600b00789f76ca02dmr7885663qkl.22.1711386238396; Mon, 25 Mar 2024 10:03:58 -0700 (PDT)
Received: from [192.168.1.23] (pool-108-31-156-76.washdc.fios.verizon.net. [108.31.156.76]) by smtp.gmail.com with ESMTPSA id z21-20020a05620a101500b0078a469ada0fsm2082536qkj.67.2024.03.25.10.03.57 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 25 Mar 2024 10:03:57 -0700 (PDT)
Content-Type: multipart/alternative; boundary="------------RnUAi0bJUoFonu1T9cCSz0QK"
Message-ID: <ab9552a0-9971-4ae6-a046-36ca8201c8f7@nthpermutation.com>
Date: Mon, 25 Mar 2024 13:03:55 -0400
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: en-US
To: Eric Rescorla <ekr@rtfm.com>
Cc: saag@ietf.org
References: <CABcZeBPWjXvLh06-DBO3Z0sfeb2hgzqzaSZ-J2-TZ7qesrSraA@mail.gmail.com> <CABcZeBPfXQckpZageogUxTYgX2j_Nr_O3bvf-a-x0S_82BHMxg@mail.gmail.com> <079A0AA3-FA02-440F-ABA0-6AF897570E86@sonic.net> <CABcZeBOxfYR+=61DV1XN0F9nrmbzLR2zq_ZvADw4UUy1uFafzw@mail.gmail.com> <8caa2d4d-bc80-4fcf-b8bc-839052371730@lear.ch> <CABcZeBMABJ89T0qY0-9C3xxd=mFfGyCh7_9GKbEUBm6JtR+_ng@mail.gmail.com> <6c491f5c-92da-4fb3-a8b1-da1de27b36a6@lear.ch> <CABcZeBN1w0QU6ug3LcMwC+hTMA_-iOs32FkZe+gpPuFrp1y+JA@mail.gmail.com> <64e81f68-5169-4469-b5a0-2851da912091@lear.ch> <CABcZeBOLKMJb5pw59J072FsfeMFcoz1eZYxa1qpXDLW0nAU0cg@mail.gmail.com> <7b4d38b8-b4c1-412b-8287-bd44d0c512a3@lear.ch> <CABcZeBOQYp49i_JjE7vdg6AjxwyvktW7LFTJ4Mh3jt0bmxxxDQ@mail.gmail.com> <CAN8C-_+QUpU2bTeSFmLB7v1qLirTXtypR2U7D54JeEaeKfSp+Q@mail.gmail.com> <CABcZeBNtE6PtEdmh-2rTC5y9U7yEL8JVNo1HMjZtOQw-DHjXQQ@mail.gmail.com> <88a1bb16-b0ef-49b3-a661-c343b4faa7a9@nthpermutation.com> <CABcZeBOo7e=jgrkMa4iXYy-x_2o6eZjTpEyezQiu7AKHk4ZhFQ@mail.gmail.com>
From: Michael StJohns <msj@nthpermutation.com>
In-Reply-To: <CABcZeBOo7e=jgrkMa4iXYy-x_2o6eZjTpEyezQiu7AKHk4ZhFQ@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/JkjODk3we7fcq6N0WItwxAhEtzs>
Subject: Re: [saag] SSH & Ntruprime
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Mar 2024 17:05:28 -0000

On 3/25/2024 12:25 PM, Eric Rescorla wrote:
>
>
> On Mon, Mar 25, 2024 at 9:22 AM Michael StJohns 
> <msj@nthpermutation.com> wrote:
>
>     Trimmed.
>
>     On 3/25/2024 12:06 PM, Eric Rescorla wrote:
>>
>>
>>     On Mon, Mar 25, 2024 at 8:28 AM Orie Steele
>>     <orie@transmute.industries> <mailto:orie@transmute.industries> wrote:
>>
>>         > Internet-Drafts (often referred to simply as "drafts") have
>>         no formal status, and are subject to change or removal at any
>>         time; therefore they should not be cited or quoted in any
>>         formal document.
>>         we are the ones hosting their drafts.
>>
>>
>>     Yeah, this seems pretty speculative.
>>
>>     Fortunately, we have a natural experiment here, because RFC 8446
>>     explicitly allows the registration of TLS code points based on
>>     I-Ds, so in five years I guess we can see how that worked.
>>
>>     -Ekr
>>
>     Hi -
>
>     I just took a look at RFC8446 and I can't find support for that
>     claim.
>
> My mistake, it's 8447. Muscle memory took over there.
>
> See https://www.rfc-editor.org/rfc/rfc8447#section-7
>
> -Ekr
>
I see it.  Thanks.

Orie - 
https://mailarchive.ietf.org/arch/msg/ietf/uuUJ6BiYGa0k-vtEltrXu482gSM/ 
has a discussion of the ephemerality of IDs from 2022 and might be 
applicable here.  This came up in the context of a document that had 33 
versions over 20 years.  And which was *finally* headed for 
Informational RFC status.  AIRC, the discussion was about how keeping 
the IDs around was good for IPR and for RFCDIFF, not as a stable 
reference for a specification.

While 8447 says what EKR says it says, I'm not sure this was done 
according to the general rules.

I'm not seeing a discussion of this added note in the voting history for 
RFC8447.  And I don't recall a general discussion of this on the IETF 
mailing list anytime in the last 10 years.  Of course, I'm old and my 
memory is fading :-).

Anyone have a reference to when the IANA started using that particular 
note and what the approval process was for it?  Is anyone aware of any 
other documents with this note?

Here's the note.

>     Note:  The role of the designated expert is described inRFC 8447  <https://datatracker.ietf.org/doc/html/rfc8447>.
>        The designated expert [RFC8126  <https://datatracker.ietf.org/doc/html/rfc8126>] ensures that the specification is
>        publicly available._*It is sufficient to have an Internet-Draft (that is posted and never 
> published as an RFC)*_  or a document from
>        another standards body, industry consortium, university site, etc.
>        The expert may provide more in-depth reviews, but their approval
>        should not be taken as an endorsement of the extension.

Thanks - Mike



>
>     The IANA considerations section refers to RFC8126 and only
>     "Specification Required" or "Standards Action" as the path to
>     registration.   Searching for "ID", "I-D", "internet draft" and
>     "Internet-Draft" doesn't get me anything.
>
>     AFAIK, "Specification Required" as defined in 8126 does not
>     include Internet Drafts, even under the heading of "informal
>     documentation" .  Maybe time to ask the IANA?
>
>     Later, Mike
>
>     _______________________________________________
>     saag mailing list
>     saag@ietf.org
>     https://www.ietf.org/mailman/listinfo/saag
>

v2.23.0 | Report a Bug | By Email