Re: [saag] SSH & Ntruprime
Eric Rescorla <ekr@rtfm.com> Thu, 11 April 2024 21:23 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 23AFBC14CF0C for <saag@ietfa.amsl.com>; Thu, 11 Apr 2024 14:23:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.894
X-Spam-Level:
X-Spam-Status: No, score=-1.894 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UZPbeyX1BpEp for <saag@ietfa.amsl.com>; Thu, 11 Apr 2024 14:23:39 -0700 (PDT)
Received: from mail-yw1-x1129.google.com (mail-yw1-x1129.google.com [IPv6:2607:f8b0:4864:20::1129]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 13CFDC14F739 for <saag@ietf.org>; Thu, 11 Apr 2024 14:22:11 -0700 (PDT)
Received: by mail-yw1-x1129.google.com with SMTP id 00721157ae682-618509f818eso12015857b3.1 for <saag@ietf.org>; Thu, 11 Apr 2024 14:22:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20230601.gappssmtp.com; s=20230601; t=1712870530; x=1713475330; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=CI1CuMguvSZOnyhnftd0cYTkghuCNeP7MJDa8EpkWyc=; b=Ql/NGPyjvTnXxaQz7qDNzALdYqNfxVBQS63bXRcwwH+q7hIFgWzrftfzdoJZb4mjFf NUf448hYAeJSJHf3Q4S8bLJVnrB71AuiEWfQLCFTHC7uAbHRenNFSHOb9w0AtIPRMOfA AVsuKTh8bf2CwrLLGj6XoHctK+vdvhOLU71YhALu8pHHtKVRl6X25yZZ3Mjzs6DwANAn 9WOp6B5akvP7OEt4stEl9P7CkXGKadIZbQMjKKtoFmJYYcov3t00CJFmB5HAsahHT3b4 +WZJ3YQjBaC9lBY5mZkUI3Gqo97k98zoPwzexU8qAkYzXQ9iaoJsXWnwY0sxTJxqfbWQ 8Npw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712870530; x=1713475330; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=CI1CuMguvSZOnyhnftd0cYTkghuCNeP7MJDa8EpkWyc=; b=Dt0V0SCkgh413RCKr/Xezw0JxNlV8pqR63hCTnfZ8DYF99wfNIcmousSXFpwMmoTAV Y4OlMoW79Y+MvzZSkS1Wny9nmZfsCCJotLaybKLmqwwy91bkoycmTrW0O841eglUKqRF 9njDLGV4avAPwcJ7h7mbrzh3XefMNmYC6HkGz4+c1C6E+4PyfnZsObTOQ+uKzDLoK/m4 PfMDcVp7m9k+bpZVx1o5Wt4X0F3EbGMyuhIQPr+8nr+sHNThr/5zI3fRL6N74m0yYS1X rHXvtYuG8G6s/y06rm07jAYw64ko2dAmjtRnlcEZV2PcOqynR6OdxYeR0CDwqOQx5YiN E/Fg==
X-Forwarded-Encrypted: i=1; AJvYcCW8Jc2T/HNH5e6L1vG2tc/t03fpgZ4g5lEXpSk7wBRIbZiK5sU2EYDowCy2G10ftNEEM1un13UhsGPLLMU9
X-Gm-Message-State: AOJu0YxPcTzI6WL/r7emv0FkKhznJpNRGMJzeOl6TXBytjfRnc43eHYA IK9C4kqEj1G+6Q6yuaXist+AUpBVxtyXIhunNRxP8Eb9X3WgFJum4q6EqjmrtHMolPvyIyxM4QO GsKPu6R+VpzTQbNir9CjjfN2z1he2TCHR1bSUSA==
X-Google-Smtp-Source: AGHT+IEd5hSTGQ1RPP2DPmHswBrn+gt4G93bbH0Wh9KGOSTH+9n7koVOC+UNn8V8zErsr7Y6z3vLfUqyhQIsFAy+nrk=
X-Received: by 2002:a05:690c:f8d:b0:615:1ad1:d6e6 with SMTP id df13-20020a05690c0f8d00b006151ad1d6e6mr3960571ywb.16.1712870529881; Thu, 11 Apr 2024 14:22:09 -0700 (PDT)
MIME-Version: 1.0
References: <05D73B77-ECFB-43E9-A2A8-00D46F63FC32@aiven.io> <20240405162821.1801419.qmail@cr.yp.to> <CAGL5yWaJXRDyiQ=w2XJcoFhCQ3JDriqO+jAcOKz7J4kW2PY=uw@mail.gmail.com> <87o7ahzi8c.fsf@kaka.sjd.se> <CABcZeBO-_k3pTsLAqOm3c5F8Cnbnd1mtdpuaoQicoCRBLPZLLg@mail.gmail.com> <d2bd2378-4de4-4426-b2f4-fbcff6de5d2a@cs.tcd.ie> <CABcZeBPtRoGg=diFd2MjRXn0SD+KMJSC65ROe55SpsdcLL_m_g@mail.gmail.com> <9da5e8a6-b329-41cd-89c1-4423f6739341@nthpermutation.com> <CABcZeBN-Oy-vG=VYwqAmd=Fi7AWyp1pQPnMQMhe0-EzOPZwrsQ@mail.gmail.com> <7127f31a-bb6f-467a-aa67-55b46e7f95f2@nthpermutation.com> <3bef7fff-6a84-42ba-a2ee-a5e6bd60c816@cs.tcd.ie> <CANeU+ZDvWWd+HmtXx=4x0zgO6FNfeqwzybU+jjVHzFWqkgz2Rg@mail.gmail.com> <CACsn0ckmW9oSvUarqRYDVLJS6K-6_c2j7UhYTM6TpdYjr_GrQA@mail.gmail.com> <4148ae7e-80b9-4e24-8d61-a95882313600@nthpermutation.com>
In-Reply-To: <4148ae7e-80b9-4e24-8d61-a95882313600@nthpermutation.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Thu, 11 Apr 2024 14:21:26 -0700
Message-ID: <CABcZeBMusG+kTBsQstVbzRudSS1tH11B4u2bOr7ZvE7GrpQ9jA@mail.gmail.com>
To: Michael StJohns <msj@nthpermutation.com>
Cc: Watson Ladd <watsonbladd@gmail.com>, Security Area Advisory Group <saag@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000007af6260615d8bf06"
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/MsMl5Rcbrwd4Ct3lZHMO_E3psyw>
Subject: Re: [saag] SSH & Ntruprime
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Apr 2024 21:23:43 -0000
On Thu, Apr 11, 2024 at 9:26 AM Michael StJohns <msj@nthpermutation.com> wrote: > On 4/10/2024 10:07 PM, Watson Ladd wrote: > > According to the datracker, you were the document shepherd, but the shepherd report that Sean added to the tracker was done against the -03 draft (note the date of the report vs the post date of -04). The -04 draft was where the notes were added. None of the text in either the shepherd report nor the last call announcement text mentioned that IDs were now acceptable for Specification Required references. > > Why do you think that this applies to anything other than the > registries specifically named in the RFC? > Sincerely, > Watson > > Hi - > > Well context should have told you that the comment you snipped out was > specific to RFC8447, but still let's assume for argument's sake that it > wasn't completely clear: > > Not sure you read all of the thread, but a) 8447 refers to a specific set > of registries and rewrote the meaning of "Specification Required" for those > registries, b) EKR suggested that 8447 was enough of a precedent that this > new meaning could be carried to other registries > To be clear, my argument is *not* that this meaning can simply be adopted for other registries on the basis of RFC 8447. I agree that those registries would require their own RFCs. RFC 8447 is relevant in that this has worked well for TLS, not in that it empowers other experts to simply adopt that definition for Specification Required. It seems like your text below agrees with this analysis of the process (if not the merits of 8447), but I thought I should make what I am saying clear. -Ekr , c) I suggested that more work needs to be done before we give up on IDs > as "draft documents" and "to cite them as other than 'work in progress'" > and that RFC8447 was probably not vetted completely by the community for > this change - however limited. > > So - sort of? A well meaning participant could read 8447 and the related > registries and go "Ooooh - shiny - I want to do that too!" If that > document were as innocuous and registry boiler plate, its possible that > could make it through all of the filters that 8447 made it through. I'd > prefer that not happen without actually changing the process and resolving > what it actually means to cite an ID as a code point reference. > > So that's where we are. > > Or at least where I am. > > Mike > > (*sigh* too late to change the subject line - sorry should have been done > a long while back). > > > > _______________________________________________ > saag mailing list > saag@ietf.org > https://www.ietf.org/mailman/listinfo/saag >
- [saag] SSH & Ntruprime Loganaden Velvindron
- Re: [saag] SSH & Ntruprime D. J. Bernstein
- Re: [saag] SSH & Ntruprime Harry Halpin
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Paul Wouters
- Re: [saag] SSH & Ntruprime Simon Josefsson
- Re: [saag] SSH & Ntruprime Loganaden Velvindron
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Eliot Lear
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Eliot Lear
- Re: [saag] SSH & Ntruprime Orie Steele
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Eliot Lear
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Eliot Lear
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Jan-Frederik Rieckers
- Re: [saag] SSH & Ntruprime Orie Steele
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Michael StJohns
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Orie Steele
- Re: [saag] SSH & Ntruprime Salz, Rich
- Re: [saag] SSH & Ntruprime Eliot Lear
- Re: [saag] SSH & Ntruprime Melinda Shore
- Re: [saag] SSH & Ntruprime Michael StJohns
- Re: [saag] SSH & Ntruprime Salz, Rich
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Salz, Rich
- Re: [saag] SSH & Ntruprime S Moonesamy
- Re: [saag] SSH & Ntruprime Michael StJohns
- Re: [saag] SSH & Ntruprime Salz, Rich
- Re: [saag] SSH & Ntruprime Michael StJohns
- Re: [saag] SSH & Ntruprime Salz, Rich
- Re: [saag] SSH & Ntruprime Salz, Rich
- Re: [saag] SSH & Ntruprime Eliot Lear
- Re: [saag] SSH & Ntruprime Michael StJohns
- Re: [saag] SSH & Ntruprime Ira McDonald
- Re: [saag] SSH & Ntruprime Michael Richardson
- Re: [saag] SSH & Ntruprime Paul Wouters
- Re: [saag] SSH & Ntruprime Simon Josefsson
- Re: [saag] SSH & Ntruprime Christian Huitema
- Re: [saag] SSH & Ntruprime Russ Housley
- Re: [saag] SSH & Ntruprime Orie Steele
- Re: [saag] SSH & Ntruprime Michael Richardson
- Re: [saag] SSH & Ntruprime Loganaden Velvindron
- Re: [saag] SSH & Ntruprime Loganaden Velvindron
- Re: [saag] SSH & Ntruprime Michael Richardson
- Re: [saag] SSH & Ntruprime Paul Wouters
- Re: [saag] SSH & Ntruprime Michael Richardson
- Re: [saag] SSH & Ntruprime Michael Richardson
- Re: [saag] SSH & Ntruprime Paul Wouters
- Re: [saag] SSH & Ntruprime Stephen Farrell
- Re: [saag] SSH & Ntruprime Simon Josefsson
- Re: [saag] SSH & Ntruprime Mark Baushke (ietf)
- Re: [saag] SSH & Ntruprime Stephen Farrell
- Re: [saag] SSH & Ntruprime D. J. Bernstein
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Eliot Lear
- Re: [saag] SSH & Ntruprime Salz, Rich
- Re: [saag] SSH & Ntruprime Stephen Farrell
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Michael StJohns
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Michael StJohns
- Re: [saag] SSH & Ntruprime S Moonesamy
- Re: [saag] SSH & Ntruprime Paul Wouters
- Re: [saag] SSH & Ntruprime Watson Ladd
- Re: [saag] SSH & Ntruprime Stephen Farrell
- Re: [saag] SSH & Ntruprime Simon Josefsson
- Re: [saag] SSH & Ntruprime StJohns, Michael
- Re: [saag] SSH & Ntruprime Watson Ladd
- Re: [saag] SSH & Ntruprime Stephen Farrell
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Watson Ladd
- Re: [saag] SSH & Ntruprime Michael StJohns
- Re: [saag] SSH & Ntruprime S Moonesamy
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime D. J. Bernstein
- Re: [saag] SSH & Ntruprime Salz, Rich
- Re: [saag] SSH & Ntruprime Paul Wouters
- Re: [saag] SSH & Ntruprime D. J. Bernstein
- Re: [saag] SSH & Ntruprime Deb Cooley
- Re: [saag] SSH & Ntruprime Christian Huitema
- Re: [saag] SSH & Ntruprime Simon Josefsson