IETF Logo Mail Archive

Re: [sidr] comments on draft-ietf-sidr-rfc6485bis

Sandra Murphy <sandy@tislabs.com> Wed, 16 April 2014 15:32 UTC

Return-Path: <sandy@tislabs.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1693D1A019B for <sidr@ietfa.amsl.com>; Wed, 16 Apr 2014 08:32:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.274
X-Spam-Level:
X-Spam-Status: No, score=-0.274 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, RP_MATCHES_RCVD=-0.272, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rCPkizDtAS9R for <sidr@ietfa.amsl.com>; Wed, 16 Apr 2014 08:32:01 -0700 (PDT)
Received: from walnut.tislabs.com (walnut.tislabs.com [192.94.214.200]) by ietfa.amsl.com (Postfix) with ESMTP id AADDC1A01E6 for <sidr@ietf.org>; Wed, 16 Apr 2014 08:31:40 -0700 (PDT)
Received: from nova.tislabs.com (unknown [10.66.1.77]) by walnut.tislabs.com (Postfix) with ESMTP id 7359628B003A; Wed, 16 Apr 2014 11:31:37 -0400 (EDT)
Received: from [127.0.0.1] (localhost.localdomain [127.0.0.1]) by nova.tislabs.com (Postfix) with ESMTP id 561901F8036; Wed, 16 Apr 2014 11:31:37 -0400 (EDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 6.6 \(1510\))
From: Sandra Murphy <sandy@tislabs.com>
In-Reply-To: <CA41B216-012F-40FF-BDF3-EA8AC66EEAC4@apnic.net>
Date: Wed, 16 Apr 2014 11:31:36 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <072277B8-10B1-46ED-A4F0-94CE6A06C0E6@tislabs.com>
References: <E293915D-2FA8-487C-AE8C-15A13263E559@tislabs.com> <60ECB09C-3502-48CD-A152-076AE5BF6E39@tislabs.com> <CA41B216-012F-40FF-BDF3-EA8AC66EEAC4@apnic.net>
To: Geoff Huston <gih@apnic.net>
X-Mailer: Apple Mail (2.1510)
Archived-At: http://mailarchive.ietf.org/arch/msg/sidr/xXJzRhnCJwFZODw-giI0UAXebx4
Cc: "sidr@ietf.org" <sidr@ietf.org>, Sandra Murphy <sandy@tislabs.com>
Subject: Re: [sidr] comments on draft-ietf-sidr-rfc6485bis
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Apr 2014 15:32:06 -0000

Ruefully, I note that the chairs requested that the comments be limited to those needed to introduce the correction.

It is ironic that it was a discussion at IETF76 Nov 09 about this very part of draft-ietf-sidr-rpki-algs-01 that led the Security AD to instruct the wg to produce a transition plan that became RFC6916.

I withdraw this comment.

My other comments, however, were focussed on incomplete melding of the correction with the existing text.  RC6485 mentions only one OID and algorithm so there was no question of what OID and algorithm should be used wherever such things were mentioned.  Now, with three OIDs and algorithms, the text needs to be clear as to what is used where.

--Sandy, speaking as regular ol' member


On Apr 15, 2014, at 6:00 PM, Geoff Huston <gih@apnic.net> wrote:

> 
> On 15 Apr 2014, at 12:43 am, Sandra Murphy <sandy@tislabs.com> wrote:
> 
>> And one "I forgot":
>> 
>>  CAs and RPs SHOULD be capable of supporting a transition to allow for
>>  the phased introduction of additional encryption algorithms and key
>>  specifications,
>> 
>> Is this any different than the algorithm agility in RFC6916?  If so, I'd think
>> a reference would be good. If not, could you explain?
>> 
> 
> 
> Yes, I could explain. 
> 
> <explanation>
> The RFC numbers should be a huge hint here.
> 
> So why didn't RFC6485 have a reference to what was a non-existent document at that
> time? 
> 
> Do I really need to answer that question?
> </explanation>
> 
> So why doesn't RFC6485bis fix all this, as you are suggesting here?
> 
> So should a reference to RFC6916 be included in this draft? Well on the
> one hand I can't see why not, but...
> 
> All this started out as a potential erratum note to RFC6485,
> and following advice from <random AD> that this constituted a technical change
> that was beyond the scope of an erratum, a bis update to RFC6485 itself was
> called for, with a narrow scope to address this particular issue. Section 8
> of the draft describes the nature of the change, to allow the IESG and IETF LC
> review of this bis document to concentrate on precisely that change, as advised
> in the WG meeting at the time from <random AD>.
> 
> But it seems that you are advocating an expanded brief for this bis document
> and when cleaning up the references to related work then we should also look 
> at the rest of the document to see how it meshes with later published
> RFCs as well. Right?
> 
> (Parenthetically, the expanding scope of this work is a worry, and I can't
> help but wonder if all this is productive use of everyone's time. Maybe we
> should also be reflecting on http://gigaom.com/2014/04/12/why-i-quit-writing-internet-standards/
> and contemplate the nature of the difference between adequacy and a quest for
> perfection.)
> 
> Thanks,
> 
>   Geoff
> 
> 
> 
> 
> 
> 
>

v2.23.0 | Report a Bug | By Email