IETF Logo Mail Archive

Re: [secdir] [Last-Call] Secdir last call review of draft-foudil-securitytxt-08

Randy Bush <randy@psg.com> Sat, 28 December 2019 18:44 UTC

Return-Path: <randy@psg.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1ACA412011E; Sat, 28 Dec 2019 10:44:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.9
X-Spam-Level:
X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lWSRJ2LpTYrs; Sat, 28 Dec 2019 10:44:33 -0800 (PST)
Received: from ran.psg.com (ran.psg.com [IPv6:2001:418:8006::18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 924E112010C; Sat, 28 Dec 2019 10:44:33 -0800 (PST)
Received: from localhost ([127.0.0.1] helo=ryuu.rg.net) by ran.psg.com with esmtp (Exim 4.90_1) (envelope-from <randy@psg.com>) id 1ilH4h-0000PD-Qo; Sat, 28 Dec 2019 18:44:32 +0000
Date: Sat, 28 Dec 2019 10:44:31 -0800
Message-ID: <m2sgl4i92o.wl-randy@psg.com>
From: Randy Bush <randy@psg.com>
To: Watson Ladd <watsonbladd@gmail.com>
Cc: secdir@ietf.org, Rubber Stamp <last-call@ietf.org>
In-Reply-To: <CACsn0c=KkDzwXYMzWW88_OcX8GpJ92e3yrXeWR=v0SdQRYzxFQ@mail.gmail.com>
References: <157720267698.19361.11750709876624228448@ietfa.amsl.com> <CAAyEnSOx-MH0Ua6o9j-zMKwLktvYGXzBUw1ZkuO49BWD+1yxRQ@mail.gmail.com> <24070.38156.658126.30539@fireball.acr.fi> <760F7FE4-B10B-42FA-B3FF-0F73BEFEC953@akamai.com> <F73568E4-2AD0-4C9F-AD03-EBA831D569AB@nohats.ca> <CACsn0c=KkDzwXYMzWW88_OcX8GpJ92e3yrXeWR=v0SdQRYzxFQ@mail.gmail.com>
User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/26.2 Mule/6.0 (HANACHIRUSATO)
MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue")
Content-Type: text/plain; charset="US-ASCII"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/Be9_SXoTZmGFeuJ5z4H6oI0ze4M>
Subject: Re: [secdir] [Last-Call] Secdir last call review of draft-foudil-securitytxt-08
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 28 Dec 2019 18:44:35 -0000

> Right now the standard is begging on twitter for a chain of
> introductions.

and it works, i am embarrassed to say.  and one hears about outages on
the ops lists before one sees the automatic outage detector reports.
sitting across the hudson, i heard of the wtc attack on nanog almost two
minutes before it came on television.

these half-assed "the market demands something" panaceas provide false
solutions we have to clean up later; emphasis on that last clause.
rwhois anyone?  the highway is littered with whitepages roadkill.  today
there is a massive problem with authority in the IRR (which some RIRs
throw in with whois); and retrofitting a solution is now years in blah
blah blah.

no one is asking for the perfect over the good.  but it is our
obligation, before putting the ietf stamp on it, for it to be as good as
we can reasonably get for the time.  this proposal is not, as has been
enumerated time and again as it has been shoved through the process over
objections.

imiho, tero's review stands.

randy

v2.23.0 | Report a Bug | By Email