IETF Logo Mail Archive

Re: [secdir] [Last-Call] Secdir last call review of draft-foudil-securitytxt-08

Benjamin Kaduk <kaduk@mit.edu> Sun, 29 December 2019 03:31 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8A1EE12022A; Sat, 28 Dec 2019 19:31:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g-QPX3Aub56V; Sat, 28 Dec 2019 19:31:07 -0800 (PST)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B3213120227; Sat, 28 Dec 2019 19:31:07 -0800 (PST)
Received: from kduck.mit.edu ([24.16.140.251]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id xBT3V264021081 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sat, 28 Dec 2019 22:31:04 -0500
Date: Sat, 28 Dec 2019 19:31:01 -0800
From: Benjamin Kaduk <kaduk@mit.edu>
To: Randy Bush <randy@psg.com>
Cc: last-call@ietf.org, secdir@ietf.org
Message-ID: <20191229033101.GE35479@kduck.mit.edu>
References: <157720267698.19361.11750709876624228448@ietfa.amsl.com> <CAAyEnSOx-MH0Ua6o9j-zMKwLktvYGXzBUw1ZkuO49BWD+1yxRQ@mail.gmail.com> <24070.38156.658126.30539@fireball.acr.fi> <760F7FE4-B10B-42FA-B3FF-0F73BEFEC953@akamai.com> <F73568E4-2AD0-4C9F-AD03-EBA831D569AB@nohats.ca> <CACsn0c=KkDzwXYMzWW88_OcX8GpJ92e3yrXeWR=v0SdQRYzxFQ@mail.gmail.com> <m2sgl4i92o.wl-randy@psg.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <m2sgl4i92o.wl-randy@psg.com>
User-Agent: Mutt/1.12.1 (2019-06-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/YG0vxjN0nBwKy5uhSoElAN1e6ns>
Subject: Re: [secdir] [Last-Call] Secdir last call review of draft-foudil-securitytxt-08
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 29 Dec 2019 03:31:10 -0000

Hi Randy,

On Sat, Dec 28, 2019 at 10:44:31AM -0800, Randy Bush wrote:
> > Right now the standard is begging on twitter for a chain of
> > introductions.
> 
> and it works, i am embarrassed to say.  and one hears about outages on
> the ops lists before one sees the automatic outage detector reports.
> sitting across the hudson, i heard of the wtc attack on nanog almost two
> minutes before it came on television.

I do hear many stories about twitter letting people get in touch with the
right organizational contact; a lot of them even "make the news" for some
definition of "news".  I wonder if they remain newsworthy because achieving
success is far from guaranteed, whether by "traditional" methods or by
twitter.

> these half-assed "the market demands something" panaceas provide false
> solutions we have to clean up later; emphasis on that last clause.
> rwhois anyone?  the highway is littered with whitepages roadkill.  today
> there is a massive problem with authority in the IRR (which some RIRs
> throw in with whois); and retrofitting a solution is now years in blah
> blah blah.
> 
> no one is asking for the perfect over the good.  but it is our
> obligation, before putting the ietf stamp on it, for it to be as good as
> we can reasonably get for the time.  this proposal is not, as has been
> enumerated time and again as it has been shoved through the process over
> objections.
> 
> imiho, tero's review stands.

I do note the second 'i', but I have to say that to me, "shoved through the
process over objections" sounds like a pretty serious process violation
that ought to be remedied.  I'd like to better understand what you see as
the process violation (if any) here, so that I can try to remedy it.  I
note that the IETF LC period is still open, and I am closely reading all
the feedback (e.g., including Paul Hoffman's note that arrived a bit after
yours) and will make an assessment of whether there is IETF consensus to
publish the document based on the feedback received during the last call.
(Which is to say, I do not consider consensus to be a foregone conclusion.)

Thanks,

Ben

v2.23.0 | Report a Bug | By Email