Re: [secdir] Security review of draft-ietf-dnsop-onion-tld-00.txt

joel jaeggli <> Sat, 29 August 2015 21:16 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 52C6A1B3861; Sat, 29 Aug 2015 14:16:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_RP_MATCHES_RCVD=-0.01] autolearn=unavailable
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id umROKRHVZbUf; Sat, 29 Aug 2015 14:16:27 -0700 (PDT)
Received: from ( [IPv6:2001:418:1::81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 0E7B21B37D7; Sat, 29 Aug 2015 14:16:27 -0700 (PDT)
Received: from mb.local ([IPv6:2601:647:4200:7a31:143b:716:a08f:81ad]) (authenticated bits=0) by (8.14.9/8.14.9) with ESMTP id t7TLGAgJ046081 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Sat, 29 Aug 2015 21:16:11 GMT (envelope-from
To: Mark Nottingham <>, Barry Leiba <>
References: <007601d0c2c3$7615b610$62412230$> <> <> <> <> <>
From: joel jaeggli <>
X-Enigmail-Draft-Status: N1110
Message-ID: <>
Date: Sat, 29 Aug 2015 14:16:09 -0700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:40.0) Gecko/20100101 Thunderbird/40.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="5UkCekP1UdpVMaSPfWANFjJwxBNUlFKi4"
Archived-At: <>
Cc: secdir <>, Alec Muffett <>, Kathleen Moriarty <>, "" <>, The IESG <>, Brad Hill <>
Subject: Re: [secdir] Security review of draft-ietf-dnsop-onion-tld-00.txt
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 29 Aug 2015 21:16:28 -0000

On 8/29/15 3:10 AM, Mark Nottingham wrote:

> If the IESG would like to set a clear, unambiguous policy about this,
> I'm sure it would be welcomed; personally, I've heard advice both
> ways, and have not yet figured out how to make everyone happy.

Well... you can ask me. imho the situation looks like the following to me.

I think it's fine to have the discussion, propose the updates and hold
the draft update till the end; or to roll a new version as the product
of the discussion. The former runs the risk of accumulating a discuss
either from me or from another AD due to something that "really needs to
be addressed" prior to exit from iesg review. the later that we need
more time, if it comes shortly before thursday. ( the call is now at
0700 pacific) so it's extremely unlikely that I will manange to
re-review something submitted late wednesday evening.

I'm kind of waiting on the update to the iana language I asked for on
8/15 and that is a barrier to publication, but I expect we know what
it's going to say in that respect already so I'm not going to hold up
the dicussion on that...


> Cheers,
> -- Mark Nottingham