Re: [secdir] Security review of draft-ietf-dnsop-onion-tld-00.txt

Barry Leiba <barryleiba@computer.org> Sat, 29 August 2015 12:32 UTC

To: Mark Nottingham <mnot@mnot.net>
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/Dz1dde3mqHgJjCkyU-IaoSegOA0>
Cc: secdir <secdir@ietf.org>, Alec Muffett <alecm@fb.com>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, "draft-ietf-dnsop-onion-tld.all@tools.ietf.org" <draft-ietf-dnsop-onion-tld.all@tools.ietf.org>, The IESG <iesg@ietf.org>, Brad Hill <hillbrad@fb.com>

>> I'd rather have people reviewing the latest version, rather than
>> re-raising things that were already discussed and addressed.
...
> If the IESG would like to set a clear, unambiguous policy about this, I'm
> sure it would be welcomed; personally, I've heard advice both ways, and
> have not yet figured out how to make everyone happy.

I know, and I agree that we need to give clearer, consistent advice on
this.  Let's see if the IESG can get internal consensus on it, and go
from there.

In the meantime, the best thing is to let your individual responsible
AD say what her advice is for the particular document at the
particular time.  That way, you're not second-guessing that AD's
preference.

Barry