[Secdispatch] Re: [Alldispatch] [dispatch] Re: IANA policies "... with expert review" (Re: IETF-Wide Dispatch – Call for topics)

Carsten Bormann <cabo@tzi.org> Mon, 27 May 2024 06:42 UTC

Return-Path: <cabo@tzi.org>
X-Original-To: dispatch@ietfa.amsl.com
Delivered-To: dispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6DF94C14F614; Sun, 26 May 2024 23:42:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.899
X-Spam-Level:
X-Spam-Status: No, score=-6.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yfpqzlPx6dGl; Sun, 26 May 2024 23:42:36 -0700 (PDT)
Received: from smtp.zfn.uni-bremen.de (smtp.zfn.uni-bremen.de [134.102.50.21]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 86D34C14F685; Sun, 26 May 2024 23:42:28 -0700 (PDT)
Received: from smtpclient.apple (eduroam-0315.wlan.uni-bremen.de [134.102.17.59]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.zfn.uni-bremen.de (Postfix) with ESMTPSA id 4VnmKY5sxhzDCbj; Mon, 27 May 2024 08:42:25 +0200 (CEST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3774.600.62\))
From: Carsten Bormann <cabo@tzi.org>
In-Reply-To: <948B28ECBEDAA82302196237@PSB>
Date: Mon, 27 May 2024 08:42:14 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <458EF10A-34CD-4C0D-AC83-E236872777C6@tzi.org>
References: <CADNypP-t3r_978s3ZgrpBmwV1g9mMrWuHqqibAKSgvEA==j8Pg@mail. gmail.com> <886F613C-D942-4D07-879C-817BFC74455A@tzi.org> <CAF4+nEEaObL_KtwfoaMu9EJm1NUtC0x=9t2yY1FFsQ3=KwdrQA@mail.gmail.com> <948B28ECBEDAA82302196237@PSB>
To: John C Klensin <john-ietf@jck.com>
X-Mailer: Apple Mail (2.3774.600.62)
X-MailFrom: cabo@tzi.org
X-Mailman-Rule-Hits: max-recipients
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-dispatch.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-size; news-moderation; no-subject; digests; suspicious-header
Message-ID-Hash: HJYLDRJ3HHY7IMLXBLOFTZ7CAZHEPUYV
X-Message-ID-Hash: HJYLDRJ3HHY7IMLXBLOFTZ7CAZHEPUYV
X-Mailman-Approved-At: Mon, 27 May 2024 04:27:42 -0700
CC: Donald Eastlake <d3e3e3@gmail.com>, gendispatch@ietf.org, Alldispatch@ietf.org, secdispatch <secdispatch@ietf.org>, dispatch@ietf.org, rtgwg@ietf.org, opsawg@ietf.org, int-area@ietf.org, ops-area@ietf.org, witarea@ietf.org, core-chairs@ietf.org
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [Secdispatch] Re: [Alldispatch] [dispatch] Re: IANA policies "... with expert review" (Re: IETF-Wide Dispatch – Call for topics)
List-Id: Security Dispatch <secdispatch.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/x66Bio4Az7hb7SHEBMnLBEjnF4M>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Owner: <mailto:secdispatch-owner@ietf.org>
List-Post: <mailto:secdispatch@ietf.org>
List-Subscribe: <mailto:secdispatch-join@ietf.org>
List-Unsubscribe: <mailto:secdispatch-leave@ietf.org>

Hi John,

> […] Another part of  the problem, sort
> of mentioned and partially addressed in my draft, is that there
> appear to be a growing number of topics in which there is tension
> between the value of trying to be sure everything relevant gets
> registers and getting high-quality review and engagement.  

I think that a two-tiered system (permanent/provisional, the one your draft proposes, the recommended flag) generally is the best answer to this problem.  Not sure there is a one-size-fits-all here that could go into the BCP.

> For those
> reasons and, I gather, others  with less sweeping possible
> implications, it seems clear that RFC 8126 is in serious need of
> reexamination and revision.

My draft specifically did not want to wait for such a grand “second systems syndrome” draft to be developed.
I’d rather do incremental steps.
Once we have taken a few of them, we might do an editorial round and merge them into a bis.
Litigating all open issues at once plus trying to achieve editorial perfection is not what I’d want us to aim at.

> Unfortunately, at least as I understand it, a draft revision for
> community discussions was promised over two years ago and has been
> promised and/or requested by various ADs several times since.  The
> draft has not appeared and, if progress is being made, I, at least,
> have seen no sign of it: certainly there has been no I-D.

Right.  Let’s not get mired in such an effort.

> p.s. to save some reading, at least until it is necessary, your
> comment and my draft are about the same idea: taking two well-known
> registration policies and combining them in a way that meets a
> particular set of needs.  

Note there the are different ways to “combine”.  My draft is a conjunction (logical AND).  Other approaches are a disjunction (logical OR), potentially with a semantically meaningful indication in the registration which path was taken.

Grüße, Carsten