IETF Logo Mail Archive

Re: [saag] SSH & Ntruprime

Michael StJohns <msj@nthpermutation.com> Wed, 10 April 2024 16:58 UTC

Return-Path: <msj@nthpermutation.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 62253C14F6A0 for <saag@ietfa.amsl.com>; Wed, 10 Apr 2024 09:58:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.894
X-Spam-Level:
X-Spam-Status: No, score=-6.894 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=nthpermutation-com.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ul7b6rQuBlHy for <saag@ietfa.amsl.com>; Wed, 10 Apr 2024 09:58:13 -0700 (PDT)
Received: from mail-qv1-xf2e.google.com (mail-qv1-xf2e.google.com [IPv6:2607:f8b0:4864:20::f2e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 99321C1CAF26 for <saag@ietf.org>; Wed, 10 Apr 2024 09:57:52 -0700 (PDT)
Received: by mail-qv1-xf2e.google.com with SMTP id 6a1803df08f44-699320fcbc1so42325016d6.3 for <saag@ietf.org>; Wed, 10 Apr 2024 09:57:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nthpermutation-com.20230601.gappssmtp.com; s=20230601; t=1712768270; x=1713373070; darn=ietf.org; h=in-reply-to:from:content-language:references:to:subject:user-agent :mime-version:date:message-id:from:to:cc:subject:date:message-id :reply-to; bh=YOvIW+ewn06M1+gNTd/Fjo46B0C7cr7LtTXxPfrE+dY=; b=X5TDdcO/A+7QP6if2JUMHE9+LzTHYTAx3XIRZp30GpR2SI1rFC9mgx5Gj2kFv+gIUa 1lINi0BkmmCeJeSmR83b3ZNiEWbFWzSbXeJRUWDY7yrAt34BC9aWrAA86nfaP8QxbihE IfAM8sUgVGAZM9j7uucj1ne0S3q2JKe0ZrmM+glxkGxLsYSTdzOABm28ec7hC9AAqLPC 5PCYioAScPpE57TbvF2dN9fz7uzELdopQyL10CEmmmfvtUzJswMR1sKF2jhWmBD9BSiS O3ugT+6OckQbbBL/uIlrPJy6BzBaJIGf7J2oQNx2f6C7//QTEXDZJLnBbbE8JuXZ7tbh L/pg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712768270; x=1713373070; h=in-reply-to:from:content-language:references:to:subject:user-agent :mime-version:date:message-id:x-gm-message-state:from:to:cc:subject :date:message-id:reply-to; bh=YOvIW+ewn06M1+gNTd/Fjo46B0C7cr7LtTXxPfrE+dY=; b=RYQmlG7b3ayLJHn0rdaSCGcVOrlnC87qB6Zile37AuIB2q59Bdw60X5oA+6YC7EO01 9+yp7VNusGY34Yd7ho3m5ndwtGKSq17I6QvdUKpI8nAwdlAxzkCJMYX/tg1ZKHYX9Ddm fQaHRAD4JawgEt1oLnj1G6tHURNThBZGP30vJJnL6kRGWIMqB5ig9I++Gdu+6irScXca 9nIF+VPRhNoDTswNZ+kzrY9OvzqaTkLb7WshsaH6piCem58zYKYsQuGpbGvt1taMYYm9 lMtzc2MmN3OIPG5/RvMwEq4W8wEosvXuheKs/uQKN8zuVZwEXLFSN+/Fd04PptVAFfoN gxuA==
X-Gm-Message-State: AOJu0YwtpRKuHadVRLKjss/rf0zC3896T+sReyosqLnd0JxovTfjMQ5j +g2XzZUZGBxUSnwKp0l0r9OUGolmFhMVrz5QuzdVbucI/1sRKZwCpu3Z2awYExdt/6bv+wPO560 z
X-Google-Smtp-Source: AGHT+IE3BPy884oFpvQZlbozPw3Hq5df0NcJkb750sMpXwvFiilNHqlAaMP61seCECBho/1DS3oRFQ==
X-Received: by 2002:ad4:5aa7:0:b0:69b:aa1:791c with SMTP id u7-20020ad45aa7000000b0069b0aa1791cmr3991038qvg.39.1712768270180; Wed, 10 Apr 2024 09:57:50 -0700 (PDT)
Received: from [192.168.1.23] (pool-108-31-156-76.washdc.fios.verizon.net. [108.31.156.76]) by smtp.gmail.com with ESMTPSA id x13-20020a0ce0cd000000b006960f65e08esm5299883qvk.132.2024.04.10.09.57.49 for <saag@ietf.org> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 10 Apr 2024 09:57:49 -0700 (PDT)
Content-Type: multipart/alternative; boundary="------------F0G0NIjfVEMzr30PCL3dCXCg"
Message-ID: <9da5e8a6-b329-41cd-89c1-4423f6739341@nthpermutation.com>
Date: Wed, 10 Apr 2024 12:57:48 -0400
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
To: saag@ietf.org
References: <05D73B77-ECFB-43E9-A2A8-00D46F63FC32@aiven.io> <20240405162821.1801419.qmail@cr.yp.to> <CAGL5yWaJXRDyiQ=w2XJcoFhCQ3JDriqO+jAcOKz7J4kW2PY=uw@mail.gmail.com> <87o7ahzi8c.fsf@kaka.sjd.se> <CABcZeBO-_k3pTsLAqOm3c5F8Cnbnd1mtdpuaoQicoCRBLPZLLg@mail.gmail.com> <d2bd2378-4de4-4426-b2f4-fbcff6de5d2a@cs.tcd.ie> <CABcZeBPtRoGg=diFd2MjRXn0SD+KMJSC65ROe55SpsdcLL_m_g@mail.gmail.com>
Content-Language: en-US
From: Michael StJohns <msj@nthpermutation.com>
In-Reply-To: <CABcZeBPtRoGg=diFd2MjRXn0SD+KMJSC65ROe55SpsdcLL_m_g@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/aOj14vMMWedZxJs-uK-DXbjrBoc>
Subject: Re: [saag] SSH & Ntruprime
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Apr 2024 16:58:17 -0000

On 4/10/2024 12:07 PM, Eric Rescorla wrote:
>
>
> I'm not proposing to push them away. I'm saying that that documentation
> does not require an RFC but rather that an ID is fine.
>
> -Ekr


Hi Ekr -

Saying an "ID is fine" does not make it so.

Let me ask a few clarifying questions which you haven't as yet answered:

1) If you're going to use the ID as a stable reference, do you use the 
entire name of the ID (including the version) or just a reference to the 
datatracker page?  What is the stable reference - a url to the text, 
pdf, html, xml version?  Where is this model documented?

2) If the ID changes (and hence there are later versions in the 
datatracker), is IANA required to track those changes?  Or was the ID 
that was current when the code point was assigned always and forever the 
document to which the assignment refers?

2a) Are you aware that for the existing ID refs in the IANA registry, 
the IANA makes its own copy?  And that for at least one ID ref, the copy 
in the registry is at least one version behind the current datatracker 
info - e.g. already obsolete?

3) If an ID - (draft-someone-mydraft-05) is abandoned and someone else 
picks it ups and runs with it under their own name 
(draft-someoneelse-samecontentasmydraft-00), is the IANA expected to 
track that?  Or is the new author expected to make their own non-stable 
reference request for a new code point?  Or is there a policy that lets 
them overwrite the existing registration?  [[NB - we don't do this with 
RFCs because RFCs have that nice "obsoleted by" "updated by" set of tags 
that allows us to figure out if the codepoint behavior has changed in a 
controlled manner]]

4) Let's say that someone gets tired of all of the ID mess and decides 
to make it an RFC, is a new code point necessary?  I ask because this 
seems different from the general early-assignment policy where we 
know/knew that the ID was planned to be ephemeral.

5) Has the LLC committed to never moving the datatracker from the 
current URL?  And maintaining the current naming scheme? Or can this 
disappear like ftp.ietf.org and tools.ietf.org already have?

So if you want IDs to be stable references, write an RFC that addresses 
at least all of the above, and get community buy-in in the form of RFC 
BCP publication.  Doing anything else is lazy and will be fraught with 
misunderstandings.

Later, Mike

v2.23.0 | Report a Bug | By Email