Re: [sidr] comments on draft-ietf-sidr-rfc6485bis

Geoff Huston <gih@apnic.net> Wed, 16 April 2014 19:36 UTC

From: Geoff Huston <gih@apnic.net>
In-Reply-To: <072277B8-10B1-46ED-A4F0-94CE6A06C0E6@tislabs.com>
Date: Thu, 17 Apr 2014 05:36:23 +1000
Message-ID: <D4305935-68B4-4825-BB6F-08C2D36D19AA@apnic.net>
References: <E293915D-2FA8-487C-AE8C-15A13263E559@tislabs.com> <60ECB09C-3502-48CD-A152-076AE5BF6E39@tislabs.com> <CA41B216-012F-40FF-BDF3-EA8AC66EEAC4@apnic.net> <072277B8-10B1-46ED-A4F0-94CE6A06C0E6@tislabs.com>
To: Sandra Murphy <sandy@tislabs.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/sidr/vj07VA4AytcyLL2uC66F1adXMKA
Cc: "sidr@ietf.org" <sidr@ietf.org>
Subject: Re: [sidr] comments on draft-ietf-sidr-rfc6485bis

yes - I quite agree that your first set of comments were entirely within scope for this update to RFC6485, and well made. I will get around to a response to indicate how these issues will be integrated into the draft.

 Geoff

On 17 Apr 2014, at 1:31 am, Sandra Murphy <sandy@tislabs.com> wrote:

> Ruefully, I note that the chairs requested that the comments be limited to those needed to introduce the correction.
> 
> It is ironic that it was a discussion at IETF76 Nov 09 about this very part of draft-ietf-sidr-rpki-algs-01 that led the Security AD to instruct the wg to produce a transition plan that became RFC6916.
> 
> I withdraw this comment.
> 
> My other comments, however, were focussed on incomplete melding of the correction with the existing text.  RFC6485 mentions only one OID and algorithm so there was no question of what OID and algorithm should be used wherever such things were mentioned.  Now, with three OIDs and algorithms, the text needs to be clear as to what is used where.
> 
> --Sandy, speaking as regular ol' member
> 
> 
> On Apr 15, 2014, at 6:00 PM, Geoff Huston <gih@apnic.net> wrote:
> 
>> 
>> On 15 Apr 2014, at 12:43 am, Sandra Murphy <sandy@tislabs.com> wrote:
>> 
>>> And one "I forgot":
>>> 
>>> CAs and RPs SHOULD be capable of supporting a transition to allow for
>>> the phased introduction of additional encryption algorithms and key
>>> specifications,
>>> 
>>> Is this any different than the algorithm agility in RFC6916?  If so, I'd think
>>> a reference would be good. If not, could you explain?
>>> 
>> 
>> 
>> Yes, I could explain. 
>> 
>> <explanation>
>> The RFC numbers should be a huge hint here.
>> 
>> So why didn't RFC6485 have a reference to what was a non-existent document at that
>> time? 
>> 
>> Do I really need to answer that question?
>> </explanation>
>> 
>> So why doesn't RFC6485bis fix all this, as you are suggesting here?
>> 
>> So should a reference to RFC6916 be included in this draft? Well on the
>> one hand I can't see why not, but...
>> 
>> All this started out as a potential erratum note to RFC6485,
>> and following advice from <random AD> that this constituted a technical change
>> that was beyond the scope of an erratum, a bis update to RFC6485 itself was
>> called for, with a narrow scope to address this particular issue. Section 8
>> of the draft describes the nature of the change, to allow the IESG and IETF LC
>> review of this bis document to concentrate on precisely that change, as advised
>> in the WG meeting at the time from <random AD>.
>> 
>> But it seems that you are advocating an expanded brief for this bis document
>> and when cleaning up the references to related work then we should also look 
>> at the rest of the document to see how it meshes with later published
>> RFCs as well. Right?
>> 
>> (Parenthetically, the expanding scope of this work is a worry, and I can't
>> help but wonder if all this is productive use of everyone's time. Maybe we
>> should also be reflecting on http://gigaom.com/2014/04/12/why-i-quit-writing-internet-standards/
>> and contemplate the nature of the difference between adequacy and a quest for
>> perfection.)
>> 
>> Thanks,
>> 
>>  Geoff
>> 