[Sidrops] Re: Murray Kucherawy's No Objection on draft-ietf-sidrops-signed-tal-15: (with COMMENT)
Tom Harrison <tomh@apnic.net> Thu, 16 May 2024 06:02 UTC
Return-Path: <tomh@apnic.net>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 75769C1D4A7B; Wed, 15 May 2024 23:02:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.75
X-Spam-Level:
X-Spam-Status: No, score=-5.75 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_BL_SPAMCOP_NET=1.347, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=apnic.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4tZaULRYTQMP; Wed, 15 May 2024 23:02:51 -0700 (PDT)
Received: from AUS01-ME3-obe.outbound.protection.outlook.com (mail-me3aus01on2127.outbound.protection.outlook.com [40.107.108.127]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D33A3C1840C3; Wed, 15 May 2024 23:02:50 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=kdoO+ISCMTQIVmMavtKC7whRuqGB8sfX/GdqUxxEgcOXmRfXo8Y/G1/y44o4I3xJxLtXKJiJKluKB2+E5X1n+W4/5jHxYwq5I0SjDAj3HSzOIs4dzRPJJZnwBHgXnxnJaOLorRy76prac0b4TXS4G1iUIO6vjj7STfNOhbn+HQUzHhg8WxZoBeES2jIrktNuSVzPi8ZsnZHMk11QrNNNFcnpzSVLc4vIvePU26e7OWbVVNjL7rg7RaTFYdl62uhQw2kZKETMYJjKJLTBdrNOrXa/aUwku/p7w6TqmfXkEZZW1xx2TF3eWGoEYbHQFvx5T3Ysi1oPTFpQOoxs6Aaz3Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=kVevCpF8eETV4KAPrYcMCaxWF/4CByU+XMc+rWzcjks=; b=YhTMTKGNfmNUJYmevXWZVGV08Yhi9U+kn75Q5NxRqTT8U7ERqqmKHzuq1fE+/h6lKsXAFsz0H4aU+wm7HOOVLo7wB8oY2o7BPK3q47s3mB4lfebO/i61XjmRYvKqdBjsEOT3EWi4KjEt/bfW0X8ewTNmN6M/8ngA8tnwtXOOokidgJ9OI+T2aRfG/re2p2xDbf66fTvqVQuNd63vT9c9ofYwgvGTDewbyHnjy3you0AA1cVh4RVGJrkzWd7RU+0mYyv9iY1CWBYgUO8RTcy6F/L06TXLyQzLCr80jHjhsQ0ZEvSyHzLHjkADKVnbrO8RbcW0q3tiGMy/BiSlDubzOg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=apnic.net; dmarc=pass action=none header.from=apnic.net; dkim=pass header.d=apnic.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=apnic.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=kVevCpF8eETV4KAPrYcMCaxWF/4CByU+XMc+rWzcjks=; b=pOh9cxnOIAQ40EYgJ8Visu+xsGu0OIMUtT7xdI9BaAUTtyX21WK1JCwzCbs0tcjrveA9aRyjLd+F5lvW2EVf1Zr9tiENzmVIjKpl6xAVo/TnC3+tZCF0gWi9J3wrwEYdrrJOjUDld1mM+QhQVn0dJ8SuO28fFgba3NdLPN5Q8CM=
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=apnic.net;
Received: from SY7P282MB4761.AUSP282.PROD.OUTLOOK.COM (2603:10c6:10:273::5) by SY5P282MB4793.AUSP282.PROD.OUTLOOK.COM (2603:10c6:10:26b::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.55; Thu, 16 May 2024 06:02:45 +0000
Received: from SY7P282MB4761.AUSP282.PROD.OUTLOOK.COM ([fe80::9551:44e2:c0cb:9c49]) by SY7P282MB4761.AUSP282.PROD.OUTLOOK.COM ([fe80::9551:44e2:c0cb:9c49%7]) with mapi id 15.20.7386.017; Thu, 16 May 2024 06:02:40 +0000
Date: Thu, 16 May 2024 16:02:39 +1000
From: Tom Harrison <tomh@apnic.net>
To: Murray Kucherawy <superuser@gmail.com>
Message-ID: <ZkWhfz8VUKIoB2QN@TomH-498551.lan>
Mail-Followup-To: Murray Kucherawy <superuser@gmail.com>, The IESG <iesg@ietf.org>, draft-ietf-sidrops-signed-tal@ietf.org, sidrops-chairs@ietf.org, sidrops@ietf.org, keyur@arrcus.com, housley@vigilsec.com
References: <171583747574.12440.11083829647365072784@ietfa.amsl.com>
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <171583747574.12440.11083829647365072784@ietfa.amsl.com>
X-ClientProxiedBy: SY5P282CA0184.AUSP282.PROD.OUTLOOK.COM (2603:10c6:10:249::24) To SY7P282MB4761.AUSP282.PROD.OUTLOOK.COM (2603:10c6:10:273::5)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: SY7P282MB4761:EE_|SY5P282MB4793:EE_
X-MS-Office365-Filtering-Correlation-Id: 5af965e5-c40c-4f33-a587-08dc756dcb40
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: KMOY4n5yLTbDYx/yBCexeEFjY4NbeOh7QnABsWhc4UCDkhEuSDNBCV5TVH+azyHjCYkakpjM8z5RhlUgvc0vEU2DbHNYqiaBqpeqxGleKNEbFKZdOcsF3mWf1d1F8dnJmwcnVoJc/fe/tSGhKTWDki73SRC++MkXlDOCwLfofUT6i11EgqSikHa+x4UahX8qM1s0sHYTKX9+GRsC9QvtCmllkFYjNShXBM2pTszZAuqWnsm/xQWVo2yPmnUazq/fVkQTC5/MQqzYlzHEPbL60QzboH42WUlqDG1Swh/D1qu7MS+ICNi/qhYjzm746V7xtGHLhX6W9gE0MlDvQGFMEdm3W5Xuhknp+KsdqFUJIaCCexkW8JTkpdqIik2ipUMJ0hib8WYyEibfIXllWxTJ5ZRvthN0GoavFX7QY2pRy1ZZkiU+sZJJMYsEDOcaeuSfdPagzfd8JBNsmTOwqEwyJr53lCMnRnKxmeLsA0rb4Ucj8xlyUfPkOv5v5B/Gkcht0RUDvsHy83KozCclMbNvM24kYmhYLdDyTEURkUn1U2aZFk1BKLJvE8rvC/SLttuuUUfIC+i13fp9xlnm5ErFrSMJv7RJXcMqqlrReHO1NIxEMUUTZzuFt1YP6J8Zhy4cmBzMSHOJ1Gjld9VST2Z0neirz+hvLpQ7WSNo6Fqv32JhDqwjQtOH4huJJKP8S/00l6ZfLFMoCH2xapGx6YGFyBCrBgkM1qJ8jh9xECwtwhUviDYeOGkX3Tg3Ux86KgID/dmDwmlT4q0kkXmo9OlSI7B8+BNrE9JL+XvMOjokUlOY302SfvY2/ozsSJJX/ZkbkX4kZL1k7hVecE/bWLN/2VO3OABW7FIoCHnRER+C9ou+CTbSDW4Uo8w80iRIYxD8fJrrUJWG9AOhcSfA+LCxzOO1ZIVH007UvxAkHpDcTdSEwBMirZzZ/wm0hYHe+wY6ZFKkZUJdLbVz7jITlaIz361fj150ep7rEo9MjlQ6w9JVskuhoC8OpzwcPAgnEn1eyxI5j5+XEUXkx4c01clwHZq06gSODMlyve5h/iKWQUVe21MWz95ApVadMkViVz5DuzLEAmeB9oyAXdNi7lBVEmXGqGPtm+WENUhNRkWpZZUh7ofdQvkXk3okxX1rJQiLATUVO3KX8/du8L6uktuVqbUhrdtPWUrLoaxMyHv4xoG+axcAR/PJs4iKD99tHhC0RrLgv1+YKjORbJVeML4IPqOq/0b5zjC3QZxzVx5b9hN08tNYFofvROG0LM+xKU64q26dNRzILX6wB9aoqULLAA==
X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SY7P282MB4761.AUSP282.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230031)(366007)(376005)(1800799015);DIR:OUT;SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: r4RFHSydTjHslsTL4sIb+8XHDywCmXC8LqBBGSt4pL06BmVSCEzNQ3XWj52bai1Yl1hrQob9exZyO0hrGReglPuPTySXW1x0YAOuCFGL8/spCtpdH2bOrEAfjpVax0jv7RHKtzpbcCj1D/ITQqgXcNW2xgxWk8h5TauqkBA71PceleSZHpCE0nj3DrLUa/wWTNyadFLQ5UhWy0dyiKcYVRIFU8O3AZq70uuEqQW5YiTcHayHZuLVDk8Y6ZtJB4Hd6aRyxLnkK+DNMUajpD0IqLkgTk0IiQYYhFOJHrEtI2UPQrXly8yPCmw8noPtsXia6vW10Zk8XQVWcL1UcHbmGhFPJ7t6m+I1S5waimxUD6Pjodw8LC7B46NBp+RY//xcLjoDqJDxPiv2ofnI/TNhC+TEXFPLU4fj0cFUGgMrXzyi4d9V4VjCJZ8TNcV5DkEp3P/fiNj0ZiyGQkU1cWfLmgKDaN8/RG8kMmNkc9yKfy1jXrpQ5/B5jAJ0rRh2+V1u8RIUPdEsXVmNbuhPP04BHQpGPADhTVC9UA8N5GLLGiaXEkoHDhKCAkM+Opysvr0sz0gIES7ouQt8dwDr0NNd+EB/vn76M/EFwv3YqZBCvYiCAbJDMuXLYnwU4dauqaBdZv0hqyQjtOMO7Uh6iTH0HRC/B2T/bxehi7rWu9Tqw0FO2pTj70IzGHxZ3OQrpJw7KJvJX0djUW7Qz19VjlVO5ovHY9QcqV/jsrzQCFWu9JLJLq8WrYZCtiRklEdnBLM/hIt5oDh2qXsJdn9OS3uCkQ4cwPFZ8v1GkNCYEBPrlEZeoEsZKlKpM6n8po13T+JFCQU85hArmnL0+4Wj9pmApTAGmG3EsSNKbt8JocMhzUQ2uw73etgMXn7P8iqwFks7CYXkB1Lh/NeBLg/iKzJBD3SoIRRQlAfE54RIhop5wNHUh/6tFgst00t5chVhlMr557y0gBBu+cehi/ixfWNHjpPWeH9mX9uvm8rcDlWMWL45YVhy1z8dA1BO0RMN4fkZhMZoljbj6rXHBOS7dyhMa3WGVv3ASfSN80Ib1QRk7M62oiOreqNWEXVEyaIHOwtxj13n3ZHndzJKHFTwU+nR9xNkZtWSFLPcBd5oC+ygInNxtCJx8hlMlZTkvZsCmF2dkpLETpDvsG2FwSXMOcn6f0Wq/X7YH15qeLdwum4LeMQwtEC6OPUVoyU6VhEOq5DOWVEGZvRd2fODdgO/GVOT5Yf0iRoL+P1Ux7t7zCi8Ptl0l1M4MaFcvcrrADjAUEyeR17qJia6DntSDqG4orECsmfNwsf+A3XjVI16YlUFwlfn7j5SL8To2Mq3B55XQgLxpqOPwHiI1d535nhhAhH3yXakRz8Eh+FbUZD3Ek4mK6MsRRAKfSiHVJk0nFsOmDSfuyThHl4qmM1M+nYCJfcTrasNvZ3d4luBmllaLpNbNHhHEb10qkJWuDlCYP6oO711fPBo3Ngp1iuD0YvWwpG7mv0sJkt8UT3UmnqSeYFQjNoOc5p1OzRzyOh0lr5N62zuh0CN+ib1s9XbQZ8U6ERc4S/zKaVl5UkFyrTJ93k4garlt57PFqu7NYfi7IY+ZrRco6wtHectIBi0WKRr8Grmknh+e4sTT0Y/g4er5nxo4sCLtD6NQIPlcqE0wM97hIDM
X-OriginatorOrg: apnic.net
X-MS-Exchange-CrossTenant-Network-Message-Id: 5af965e5-c40c-4f33-a587-08dc756dcb40
X-MS-Exchange-CrossTenant-AuthSource: SY7P282MB4761.AUSP282.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 May 2024 06:02:40.2588 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 127d8d0d-7ccf-473d-ab09-6e44ad752ded
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: mLECtX4Mz7loUDsho3FdYp2bPvXYQ6jw4Fd5lVKT7EfUZP9KbGdXYbz1R8OtGzvm
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SY5P282MB4793
Message-ID-Hash: CZVJBJVVBVCK6ETCXZRXSQTR6WXYRAFH
X-Message-ID-Hash: CZVJBJVVBVCK6ETCXZRXSQTR6WXYRAFH
X-MailFrom: tomh@apnic.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-sidrops.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: The IESG <iesg@ietf.org>, draft-ietf-sidrops-signed-tal@ietf.org, sidrops-chairs@ietf.org, sidrops@ietf.org, keyur@arrcus.com, housley@vigilsec.com
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [Sidrops] Re: Murray Kucherawy's No Objection on draft-ietf-sidrops-signed-tal-15: (with COMMENT)
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/RhjYUy02u5tAWF52Jew0fepXJRc>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Owner: <mailto:sidrops-owner@ietf.org>
List-Post: <mailto:sidrops@ietf.org>
List-Subscribe: <mailto:sidrops-join@ietf.org>
List-Unsubscribe: <mailto:sidrops-leave@ietf.org>
Hi Murray, Thanks for your review. On Wed, May 15, 2024 at 10:31:15PM -0700, Murray Kucherawy via Datatracker wrote: > For the SHOULD in Section 4, what if I don't? This also came up in another review, which led to this paragraph being omitted. The response there, for reference: On looking at this again, this text doesn't really make sense under the current model, so it has been removed. (For the transition process to work, TAK objects have to be published under both the current TA key and the successor TA key, so there's no option with respect to the successor. With the predecessor, either it was involved in a previous transition to a successor key, in which case it must have a TAK object underneath it, or it wasn't, in which case it won't. (For reference, the original text was added in revision 02, where it made sense due to the difference in the model at that time, and was then retained in adapted form even after the model changed quite significantly.)) -Tom
- [Sidrops] Murray Kucherawy's No Objection on draf… Murray Kucherawy via Datatracker
- [Sidrops] Re: Murray Kucherawy's No Objection on … Tom Harrison