Re: [saag] SSH & Ntruprime
Michael StJohns <msj@nthpermutation.com> Wed, 10 April 2024 16:58 UTC
Return-Path: <msj@nthpermutation.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 62253C14F6A0 for <saag@ietfa.amsl.com>; Wed, 10 Apr 2024 09:58:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.894
X-Spam-Level:
X-Spam-Status: No, score=-6.894 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=nthpermutation-com.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ul7b6rQuBlHy for <saag@ietfa.amsl.com>; Wed, 10 Apr 2024 09:58:13 -0700 (PDT)
Received: from mail-qv1-xf2e.google.com (mail-qv1-xf2e.google.com [IPv6:2607:f8b0:4864:20::f2e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 99321C1CAF26 for <saag@ietf.org>; Wed, 10 Apr 2024 09:57:52 -0700 (PDT)
Received: by mail-qv1-xf2e.google.com with SMTP id 6a1803df08f44-699320fcbc1so42325016d6.3 for <saag@ietf.org>; Wed, 10 Apr 2024 09:57:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nthpermutation-com.20230601.gappssmtp.com; s=20230601; t=1712768270; x=1713373070; darn=ietf.org; h=in-reply-to:from:content-language:references:to:subject:user-agent :mime-version:date:message-id:from:to:cc:subject:date:message-id :reply-to; bh=YOvIW+ewn06M1+gNTd/Fjo46B0C7cr7LtTXxPfrE+dY=; b=X5TDdcO/A+7QP6if2JUMHE9+LzTHYTAx3XIRZp30GpR2SI1rFC9mgx5Gj2kFv+gIUa 1lINi0BkmmCeJeSmR83b3ZNiEWbFWzSbXeJRUWDY7yrAt34BC9aWrAA86nfaP8QxbihE IfAM8sUgVGAZM9j7uucj1ne0S3q2JKe0ZrmM+glxkGxLsYSTdzOABm28ec7hC9AAqLPC 5PCYioAScPpE57TbvF2dN9fz7uzELdopQyL10CEmmmfvtUzJswMR1sKF2jhWmBD9BSiS O3ugT+6OckQbbBL/uIlrPJy6BzBaJIGf7J2oQNx2f6C7//QTEXDZJLnBbbE8JuXZ7tbh L/pg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712768270; x=1713373070; h=in-reply-to:from:content-language:references:to:subject:user-agent :mime-version:date:message-id:x-gm-message-state:from:to:cc:subject :date:message-id:reply-to; bh=YOvIW+ewn06M1+gNTd/Fjo46B0C7cr7LtTXxPfrE+dY=; b=RYQmlG7b3ayLJHn0rdaSCGcVOrlnC87qB6Zile37AuIB2q59Bdw60X5oA+6YC7EO01 9+yp7VNusGY34Yd7ho3m5ndwtGKSq17I6QvdUKpI8nAwdlAxzkCJMYX/tg1ZKHYX9Ddm fQaHRAD4JawgEt1oLnj1G6tHURNThBZGP30vJJnL6kRGWIMqB5ig9I++Gdu+6irScXca 9nIF+VPRhNoDTswNZ+kzrY9OvzqaTkLb7WshsaH6piCem58zYKYsQuGpbGvt1taMYYm9 lMtzc2MmN3OIPG5/RvMwEq4W8wEosvXuheKs/uQKN8zuVZwEXLFSN+/Fd04PptVAFfoN gxuA==
X-Gm-Message-State: AOJu0YwtpRKuHadVRLKjss/rf0zC3896T+sReyosqLnd0JxovTfjMQ5j +g2XzZUZGBxUSnwKp0l0r9OUGolmFhMVrz5QuzdVbucI/1sRKZwCpu3Z2awYExdt/6bv+wPO560 z
X-Google-Smtp-Source: AGHT+IE3BPy884oFpvQZlbozPw3Hq5df0NcJkb750sMpXwvFiilNHqlAaMP61seCECBho/1DS3oRFQ==
X-Received: by 2002:ad4:5aa7:0:b0:69b:aa1:791c with SMTP id u7-20020ad45aa7000000b0069b0aa1791cmr3991038qvg.39.1712768270180; Wed, 10 Apr 2024 09:57:50 -0700 (PDT)
Received: from [192.168.1.23] (pool-108-31-156-76.washdc.fios.verizon.net. [108.31.156.76]) by smtp.gmail.com with ESMTPSA id x13-20020a0ce0cd000000b006960f65e08esm5299883qvk.132.2024.04.10.09.57.49 for <saag@ietf.org> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 10 Apr 2024 09:57:49 -0700 (PDT)
Content-Type: multipart/alternative; boundary="------------F0G0NIjfVEMzr30PCL3dCXCg"
Message-ID: <9da5e8a6-b329-41cd-89c1-4423f6739341@nthpermutation.com>
Date: Wed, 10 Apr 2024 12:57:48 -0400
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
To: saag@ietf.org
References: <05D73B77-ECFB-43E9-A2A8-00D46F63FC32@aiven.io> <20240405162821.1801419.qmail@cr.yp.to> <CAGL5yWaJXRDyiQ=w2XJcoFhCQ3JDriqO+jAcOKz7J4kW2PY=uw@mail.gmail.com> <87o7ahzi8c.fsf@kaka.sjd.se> <CABcZeBO-_k3pTsLAqOm3c5F8Cnbnd1mtdpuaoQicoCRBLPZLLg@mail.gmail.com> <d2bd2378-4de4-4426-b2f4-fbcff6de5d2a@cs.tcd.ie> <CABcZeBPtRoGg=diFd2MjRXn0SD+KMJSC65ROe55SpsdcLL_m_g@mail.gmail.com>
Content-Language: en-US
From: Michael StJohns <msj@nthpermutation.com>
In-Reply-To: <CABcZeBPtRoGg=diFd2MjRXn0SD+KMJSC65ROe55SpsdcLL_m_g@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/aOj14vMMWedZxJs-uK-DXbjrBoc>
Subject: Re: [saag] SSH & Ntruprime
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Apr 2024 16:58:17 -0000
On 4/10/2024 12:07 PM, Eric Rescorla wrote: > > > I'm not proposing to push them away. I'm saying that that documentation > does not require an RFC but rather that an ID is fine. > > -Ekr Hi Ekr - Saying an "ID is fine" does not make it so. Let me ask a few clarifying questions which you haven't as yet answered: 1) If you're going to use the ID as a stable reference, do you use the entire name of the ID (including the version) or just a reference to the datatracker page? What is the stable reference - a url to the text, pdf, html, xml version? Where is this model documented? 2) If the ID changes (and hence there are later versions in the datatracker), is IANA required to track those changes? Or was the ID that was current when the code point was assigned always and forever the document to which the assignment refers? 2a) Are you aware that for the existing ID refs in the IANA registry, the IANA makes its own copy? And that for at least one ID ref, the copy in the registry is at least one version behind the current datatracker info - e.g. already obsolete? 3) If an ID - (draft-someone-mydraft-05) is abandoned and someone else picks it ups and runs with it under their own name (draft-someoneelse-samecontentasmydraft-00), is the IANA expected to track that? Or is the new author expected to make their own non-stable reference request for a new code point? Or is there a policy that lets them overwrite the existing registration? [[NB - we don't do this with RFCs because RFCs have that nice "obsoleted by" "updated by" set of tags that allows us to figure out if the codepoint behavior has changed in a controlled manner]] 4) Let's say that someone gets tired of all of the ID mess and decides to make it an RFC, is a new code point necessary? I ask because this seems different from the general early-assignment policy where we know/knew that the ID was planned to be ephemeral. 5) Has the LLC committed to never moving the datatracker from the current URL? And maintaining the current naming scheme? Or can this disappear like ftp.ietf.org and tools.ietf.org already have? So if you want IDs to be stable references, write an RFC that addresses at least all of the above, and get community buy-in in the form of RFC BCP publication. Doing anything else is lazy and will be fraught with misunderstandings. Later, Mike
- [saag] SSH & Ntruprime Loganaden Velvindron
- Re: [saag] SSH & Ntruprime D. J. Bernstein
- Re: [saag] SSH & Ntruprime Harry Halpin
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Paul Wouters
- Re: [saag] SSH & Ntruprime Simon Josefsson
- Re: [saag] SSH & Ntruprime Loganaden Velvindron
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Eliot Lear
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Eliot Lear
- Re: [saag] SSH & Ntruprime Orie Steele
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Eliot Lear
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Eliot Lear
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Jan-Frederik Rieckers
- Re: [saag] SSH & Ntruprime Orie Steele
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Michael StJohns
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Orie Steele
- Re: [saag] SSH & Ntruprime Salz, Rich
- Re: [saag] SSH & Ntruprime Eliot Lear
- Re: [saag] SSH & Ntruprime Melinda Shore
- Re: [saag] SSH & Ntruprime Michael StJohns
- Re: [saag] SSH & Ntruprime Salz, Rich
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Salz, Rich
- Re: [saag] SSH & Ntruprime S Moonesamy
- Re: [saag] SSH & Ntruprime Michael StJohns
- Re: [saag] SSH & Ntruprime Salz, Rich
- Re: [saag] SSH & Ntruprime Michael StJohns
- Re: [saag] SSH & Ntruprime Salz, Rich
- Re: [saag] SSH & Ntruprime Salz, Rich
- Re: [saag] SSH & Ntruprime Eliot Lear
- Re: [saag] SSH & Ntruprime Michael StJohns
- Re: [saag] SSH & Ntruprime Ira McDonald
- Re: [saag] SSH & Ntruprime Michael Richardson
- Re: [saag] SSH & Ntruprime Paul Wouters
- Re: [saag] SSH & Ntruprime Simon Josefsson
- Re: [saag] SSH & Ntruprime Christian Huitema
- Re: [saag] SSH & Ntruprime Russ Housley
- Re: [saag] SSH & Ntruprime Orie Steele
- Re: [saag] SSH & Ntruprime Michael Richardson
- Re: [saag] SSH & Ntruprime Loganaden Velvindron
- Re: [saag] SSH & Ntruprime Loganaden Velvindron
- Re: [saag] SSH & Ntruprime Michael Richardson
- Re: [saag] SSH & Ntruprime Paul Wouters
- Re: [saag] SSH & Ntruprime Michael Richardson
- Re: [saag] SSH & Ntruprime Michael Richardson
- Re: [saag] SSH & Ntruprime Paul Wouters
- Re: [saag] SSH & Ntruprime Stephen Farrell
- Re: [saag] SSH & Ntruprime Simon Josefsson
- Re: [saag] SSH & Ntruprime Mark Baushke (ietf)
- Re: [saag] SSH & Ntruprime Stephen Farrell
- Re: [saag] SSH & Ntruprime D. J. Bernstein
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Eliot Lear
- Re: [saag] SSH & Ntruprime Salz, Rich
- Re: [saag] SSH & Ntruprime Stephen Farrell
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Michael StJohns
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Michael StJohns
- Re: [saag] SSH & Ntruprime S Moonesamy
- Re: [saag] SSH & Ntruprime Paul Wouters
- Re: [saag] SSH & Ntruprime Watson Ladd
- Re: [saag] SSH & Ntruprime Stephen Farrell
- Re: [saag] SSH & Ntruprime Simon Josefsson
- Re: [saag] SSH & Ntruprime StJohns, Michael
- Re: [saag] SSH & Ntruprime Watson Ladd
- Re: [saag] SSH & Ntruprime Stephen Farrell
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime Watson Ladd
- Re: [saag] SSH & Ntruprime Michael StJohns
- Re: [saag] SSH & Ntruprime S Moonesamy
- Re: [saag] SSH & Ntruprime Eric Rescorla
- Re: [saag] SSH & Ntruprime D. J. Bernstein
- Re: [saag] SSH & Ntruprime Salz, Rich
- Re: [saag] SSH & Ntruprime Paul Wouters
- Re: [saag] SSH & Ntruprime D. J. Bernstein
- Re: [saag] SSH & Ntruprime Deb Cooley
- Re: [saag] SSH & Ntruprime Christian Huitema
- Re: [saag] SSH & Ntruprime Simon Josefsson