IETF Logo Mail Archive

[saag] Re: New Version Notification for draft-rsalz-crypto-registries-00.txt

Peter Gutmann <pgut001@cs.auckland.ac.nz> Thu, 28 November 2024 01:01 UTC

Return-Path: <pgut001@cs.auckland.ac.nz>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 01D70C1D5C4E for <saag@ietfa.amsl.com>; Wed, 27 Nov 2024 17:01:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.007
X-Spam-Level:
X-Spam-Status: No, score=-2.007 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cs.auckland.ac.nz
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id O1qxBelm0c-y for <saag@ietfa.amsl.com>; Wed, 27 Nov 2024 17:00:57 -0800 (PST)
Received: from AUS01-SY4-obe.outbound.protection.outlook.com (mail-sy4aus01on2146.outbound.protection.outlook.com [40.107.107.146]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A060BC1D52E5 for <saag@ietf.org>; Wed, 27 Nov 2024 17:00:57 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=WSuNoCuwXe7uRAYs5Ocjme0qMlnJakOjJ17yAABQ1h1VrzMSlkHZtXCtU2ELl8wgfOUMlamnNN/D3EjLZBUmKKjDhVj6rgwxxWdWQQKHr0YkXCG4Pch4bbGxPAXR9klBYTIa9TEEy93NaK6beSBXfd3QlLQrDCH9d+L9/s1JMAgILG+5WO6suc4jgi5bNq34beydZYRLCSMe1bxqIjPOjIHny6nafvNpWEkiDywORotwG3CVWMn7h8WKInRWentJX19eWrbcAr7SA86KdhFj7WeCvd4iXBE4HB45X9x438McbCDSEoOeMUG7d5goyl/i5mSRkqQOvtrYIigqqZgO4w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=X8KOH3XkFdLMoN3WJSBySRS9nQFILPG3IfMyYd4/sdk=; b=JwsvQ9eIQN3oeEDgkhcsX5hp2jP5SsuHYZLG59bCHM7aox3hxnQnpwGqKCC4UtCmToQcTbRJ0KMr++VoBtJyTR1ynoOuvkuEjZIfVHF4hgEnWUrb98fG41hvOPyA2vw0bd50gfWU6lvNA0kenkwdyhytmWXygV/pEMULvTL0jXXmXPdN6zSbEWhTxn5X/akPcJibJWC6ANe48AUdQ7kYjZZ7TaG9gCN6ige91J0+IK2wbyPoXaWQ6CN3x+7kEH6nSKMbQtT4nzylOxljDtFHVmdshhUik/ocjivxEkdBRCSmp0tCujLq+UosJ8TkBlrPY6/ycIsi4gORa3wP6ib2Yw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cs.auckland.ac.nz; dmarc=pass action=none header.from=cs.auckland.ac.nz; dkim=pass header.d=cs.auckland.ac.nz; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.auckland.ac.nz; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=X8KOH3XkFdLMoN3WJSBySRS9nQFILPG3IfMyYd4/sdk=; b=jpPI7oaWx3opX5aSpqm5cg1Hhp99QHbV2F+lFtYa49SPyqSgiez4GwiylhrRqrqlyxDCExZuTUE1siaWaVxhLSTbapsSb3lIz+lywI6bJjE3+J2nM/RKSrnHLikN92/OtxgG1SvaYD45pKBdJE8THd3qt1lqYR0FxkXEhB3bZHujp449yeszNyzVhJHGCJgu8KoJTYt+jl0Jze2NwSqv+zHQP8kr/V061iXJ+6PhnW1njMcEawWaHPFlioVUHSOn7AasakgBUN8R1aofS9kUwBSEtvhbkJH+oPEUwzXgKuukdJu4WilJMTd1fQoYxEAiRcocYmZtXGhRE3N/WxaCgg==
Received: from SY8P300MB0711.AUSP300.PROD.OUTLOOK.COM (2603:10c6:10:295::14) by SY7P300MB1420.AUSP300.PROD.OUTLOOK.COM (2603:10c6:10:2c2::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8182.20; Thu, 28 Nov 2024 01:00:51 +0000
Received: from SY8P300MB0711.AUSP300.PROD.OUTLOOK.COM ([fe80::92f2:d152:ed85:d49f]) by SY8P300MB0711.AUSP300.PROD.OUTLOOK.COM ([fe80::92f2:d152:ed85:d49f%6]) with mapi id 15.20.8207.010; Thu, 28 Nov 2024 01:00:51 +0000
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Tero Kivinen <kivinen@iki.fi>, Damien Miller <djm@mindrot.org>
Thread-Topic: [saag] Re: New Version Notification for draft-rsalz-crypto-registries-00.txt
Thread-Index: AQHbNqmf2XdRrMWI7k2A32UPzDPO97K3Odb+gAKvZYCAEYTsgIAAPNGAgABJUGE=
Date: Thu, 28 Nov 2024 01:00:51 +0000
Message-ID: <SY8P300MB0711C796AB6095C788556516EE292@SY8P300MB0711.AUSP300.PROD.OUTLOOK.COM>
References: <BE95E617-C929-43BA-BB40-41E189A8158B@akamai.com> <87ldxl5zp9.fsf@kaka.sjd.se> <26424.40383.605711.370013@fireball.acr.fi> <71bcb4f8-e147-a6cb-3c67-b6daef61f309@mindrot.org> <26439.33533.129915.244853@fireball.acr.fi>
In-Reply-To: <26439.33533.129915.244853@fireball.acr.fi>
Accept-Language: en-NZ, en-US
Content-Language: en-NZ
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cs.auckland.ac.nz;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: SY8P300MB0711:EE_|SY7P300MB1420:EE_
x-ms-office365-filtering-correlation-id: afbceb62-810b-43dd-2cbc-08dd0f481ac3
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|1800799024|376014|366016|38070700018;
x-microsoft-antispam-message-info: M0UKOaFq51h4ciHMxxiEdJ9DX7n2Y9v3axglUPavWsL+ZykOvyqmyiOhDYW/stsE1CoSPGeyPZtHeT65d/5/O7S803OnOugXaBCFf5bH4u5+Wt40aghZ+ej04T1lLDkMzxuQmHnLpJRQyIOWVJirsYb7kCG2nQWSSi8wA/+2fE+vLS4yJIRROsuOsn3JiebWR9bVyfrKnSdHpCCyHGoWPtKyp1nFQna2S27TVqn6gvzlljn57A6A3lnLFckUAalgTbeu/vPV0QV1nb51ZJjsFDTNil933XOKac1tJk96G+nh1xgaK+pFHuQ6u8R3ZTaJ9SaxnBYTnY/1mgWaeT6aTHtXWf7uziwecUVB5XqcBfNF1TosE+BxULEtGKR5D+leuhHKyAqHIMng/P+HSxB6DIrCOTjSHLpj5LvWl3zUlNCOdrOUUYInr1GEvBQlTzYsxWrJaJ5SxzGv1PzsMCHdVUpFqeWUid6CqDi9TEiCM9okYrfsQ5VRMfimjOkqllsIIQnCtbEDNgogZ/TTHFUXKRf+1x6sQwxT69uyVptIbyT0FUSQDtTOfAogXETvQbVex+CBUkrcoXUQAn6ZimELeX9SeGJJyFhkJcUuoepnuh/eaM+NxGu37aoxqnNigLfCWjbpxxyrvbzgJxYEMq9PlwDTw3GQ8ZLDsT/0ApndlOZ7x4eFfdSHhpN0dpmhY021MlJToqt1sj+JAu+RizB+76NtezYhMU55IKYR+eTmxzfgYKaMCKMZGY4ex2C/jR+3jk1IGgHxEmwTJSzF6PdIPutlB1u6rEpIsqs57lXSgC0tTgb8/4NfXdO2322vwcZqLi15KLkAxsG2Y535H8nR8AOYDwWA18V/jzaR1ak0LFNP/WNyf9MZDTE2jnkVet+c6yqFBeVMO/kRjz6p21x2HUO6/LSmNbRgi29pm2nxYZm9c5CKSXnZPh1D8P7ha3OjRj0WDY5qfLJpHuBQtzTUd092ImQaDSOcnQVa3tDorG7Ncq3mIAr/rvQUWzVkNxV6SNzXx8NMFSavKImGNlnQNGCoP7MnH5vIJTZPdrunDgtJopv96PUWEYCbTK9h4Lbe3eLz/HhicxaneVpu+u+hXD0V/67xKywdD2CWCN239F5aad5+/wgvUbJGGO3qRNSdlOFq/QMvHlEmOVl7u4JKdxlcwPkHwGZ9c5/FUJFSR/5OV04GFKfAEwWOP/mf9GNhktUK4PYpSp6ZhyuWEbEJKwEXLHmqL35pXzjXVmz/LrMWwvdHZOQYGGSNBIef8udlcgiJPeYBVPiNuVYFYp64gUyoWWj57NF0ZJvM+uLHWTNFpw1Zlpbg7IUkzxYKflSwMQBvWZu+oALAZVvhS0BI5j637srAdGnKOsJhjj6YpF1bgQ9TvDIQNjpwxLo9cF8PNzf7S8X0ox6LDTroWyituA==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SY8P300MB0711.AUSP300.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(376014)(366016)(38070700018);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: JKXwL7uos5eX5zdpHRX0Qkwx0OamoweInkmQBzTxEOCyFy2R+dyHS7z7njroiC7ImEo19hWh3Sx8YnRjm573uB+pFhoPKoLHoXq7kFt/WHg8vNS2tRBysP5Ak6ko37IBuE1K82PYG80Ycbcw0N4qOp0UWuD3cMCfweOokCJMg6AG7mIlHEymIT8wQLxF85lYPoeg+15ZygYzWYgCRVlzOuX6bRRNpsplbMy9pFCc03QJN6F6EAmYbNd7JJP7ABrpdLQhgo9fuymiO3xfZN4us+EGX+7wn0KLh1bK3Z4rhnCxF6YDrBqDEN3Kn+LD6XGLGmZI8T1D5LWBa/udnUGhteX6r7m+6pTlLEdFJ4Udcu6X6em6mMFTa0j22D3x0C+n+WPmgR+P34llYtSrHtR4PGsNknNsQcfZzSOZF+OvMZlCH6A+gQMQnkLDvcri++CE/epdlV4TL/qu3kH1YscxycsbN4347nvNReAbFH/743I0vjkthJPbY5hcQK9NBfPqTBZU8DdWEo3TlxHB8w9OnpY886bLR5tWuVQrSII2PWL7CPb+EcAaGjRJIrrAKu+K/MPsfjWA61WU24YRKKOrJGYI0mvLfhm/e7dlXOKYEXlOozCpW3g6HJmSksdoSlN3Ji8gEOSKNIeRb0AR+fzoZeD7SR1lEmT8h2fHIyfjWPDHtpLggrXRNWmOZxVAIyoOCzdmk4R9WRBA51RzHCYTWn9DoAVfa9G6EgzuOizb8HtsrsyBdpxgnqNUA2+BOnAGiItocrQH9XdNond387VAmocr9okXnodb4g9ioV4A6a8eVlVFGl0kAY+jW69ni8oBeZ+Va4Qm9kp71KzHyPKncBI4c3Hepui1SUEbejpe1DBxdwSkFUdT1EZwvgFnx0TCyU/Kqm2s52RemjJ5nApPJ9dcXUeIInVsYBRHuTqJMbZnE312HQZy5qnUDipUlMq6rdV7SGQbs15M1Q6mI9hRaFLz51uazgiYH1TxTrPnR7rhjK+MQSyo02Th9c1HXwtRLjbObq77AxyDOPpWH1OFRkVgtUN1l60dhUCtlZH/MLWiIs+aSWBl4McC12kYHF/RDF7KURgqxxZZQqVytcg7qrMpZi8Wa+nj/XBHKsW+1ne7gBkdl6TlBkp2O2KjL2xbA491EImqdeyILQOWUJgGn7v+fMdhL3YCD7QRL8Vqd8ovM908uvwD72igM6TEvVl7LX8A+mJl7DBXzqpniNq0IPWq2ZrQ3oAV8Ytz4YPmG/U1K4h5omNwmYqpX8lqRoABPXvrQTJmRp+1KRrccVi3wuqOgarB1++7OlEOdEIb+gkSPs3fazzBhEqJC2dgsjW/VCxFfkv5H6zirlL5/YLeBzb3a3TghMYPbgdIGIvKjXwMgtFYMx3/U7RCDhhEFJ18qMuU1sWI9/KeYWbiTwn8QaZzoc1DiH4Gk0yLZRtWxOpgL1fmTmA+Ae61+OWiwW3aFjUsC6iHd1uZNmQIfGyyWmrbek0V3hoDRuQ8k61ch6LjOFLHICfIh6s8Ttwu/dKXAvzlm7h6smw6xPgZg5pW2LjgA45BXGVSYMDdoPzGvy1ZQXoKDrtay3CUNXzH4PdUELEkgUDLmGzX0KNEw+fKBg==
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: cs.auckland.ac.nz
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SY8P300MB0711.AUSP300.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: afbceb62-810b-43dd-2cbc-08dd0f481ac3
X-MS-Exchange-CrossTenant-originalarrivaltime: 28 Nov 2024 01:00:51.7376 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: d1b36e95-0d50-42e9-958f-b63fa906beaa
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 0NI7QvxvBFWtvKXGf2uFkddIbevipYvhcYuYlqCeiEdKFrP5jtmsrPDQPT4MK+7JZtONb2zVfR5j6wUpkWssr5FiAzJ5LAYlE689qRyZpnY=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SY7P300MB1420
Message-ID-Hash: ZH3PBF6KBBYH7W25MAKFU5JOVU4CGATE
X-Message-ID-Hash: ZH3PBF6KBBYH7W25MAKFU5JOVU4CGATE
X-MailFrom: pgut001@cs.auckland.ac.nz
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-saag.ietf.org-0; header-match-saag.ietf.org-1; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Simon Josefsson <simon=40josefsson.org@dmarc.ietf.org>, "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>, "saag@ietf.org" <saag@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [saag] Re: New Version Notification for draft-rsalz-crypto-registries-00.txt
List-Id: Security Area Advisory Group <saag.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/WcHkxdABlolLXgWe5-omY1cK8uI>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Owner: <mailto:saag-owner@ietf.org>
List-Post: <mailto:saag@ietf.org>
List-Subscribe: <mailto:saag-join@ietf.org>
List-Unsubscribe: <mailto:saag-leave@ietf.org>

Tero Kivinen <kivinen@iki.fi> writes:

>When someone (like openssh) creates a new thing with foo@openssh.org, they
>should include the documentation of that either on their web page, or inside
>the source distribution etc. Not everything needs to be an RFC, and most of
>those things that are defined that way are quite simple to document.

Ahh, no, this leads to the current mess where one of the OpenSSH folks invents
something, posts it (without any public review) to the bottom of a locked
filing cabinet stuck in a disused lavatory with a sign on the door saying 
"Beware of the Leopard", it gets added to the de-facto standard SSH
implementation that everyone has to be compatible with leading to a scramble
to find out where it's specified and how you're supposed to implement it, and
then a later scramble to patch it when the security vulns from the lack of
public review are discovered.

Looking at it from the other side of the fence, given the incredibly laborious
and painful process of getting anything through the IETF (ISO standards are
often considerably quicker and easier to do than IETF, and that includes the
time for translation into French) I have some sympathy for the folks who
choose to do it this way even if I don't really agree with what they're doing.

Peter.

v2.29.0 | Report a Bug | By Email | System Status