Re: [Sidrops] I-D Action: draft-ietf-sidrops-https-tal-06.txt

Chris Morrow <morrowc@ops-netman.net> Tue, 26 February 2019 19:26 UTC

Return-Path: <morrowc@ops-netman.net>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0D5BD1277CC; Tue, 26 Feb 2019 11:26:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.101
X-Spam-Level:
X-Spam-Status: No, score=-1.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_ALL=0.8, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LDsILKTcf2Ud; Tue, 26 Feb 2019 11:26:47 -0800 (PST)
Received: from relay.kvm02.ops-netman.net (relay.kvm02.ops-netman.net [IPv6:2606:700:e:550:5c82:28ff:fe25:4960]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AC77D1228B7; Tue, 26 Feb 2019 11:26:47 -0800 (PST)
Received: from mail.ops-netman.net (mailserver.ops-netman.net [199.168.90.119]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by relay.kvm02.ops-netman.net (Postfix) with ESMTPS id DA0F33FE40; Tue, 26 Feb 2019 19:26:45 +0000 (UTC)
Received: from mailserver.ops-netman.net.ops-netman.net (localhost [127.0.0.1]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by mail.ops-netman.net (Postfix) with ESMTPSA id BD91E30055D39; Tue, 26 Feb 2019 19:26:45 +0000 (UTC)
Authentication-Results: mail.ops-netman.net; dkim=none reason="no signature"; dkim-adsp=fail (unprotected policy); dkim-atps=neutral
Date: Tue, 26 Feb 2019 19:26:45 +0000
Message-ID: <87h8cqtkp6.wl%morrowc@ops-netman.net>
From: Chris Morrow <morrowc@ops-netman.net>
To: Tim Bruijnzeels <tim@nlnetlabs.nl>
Cc: Chris Morrow <morrowc@ops-netman.net>, sidrops-chairs@ietf.org, SIDR Operations WG <sidrops@ietf.org>
In-Reply-To: <6E9126B5-FE2E-428F-9E90-DD89A0BD205A@nlnetlabs.nl>
References: <154823467586.7485.17416366729552218933@ietfa.amsl.com> <4350CE4E-5E77-4101-932E-E164652F4425@nlnetlabs.nl> <0502BBB4-06E0-49B5-8A16-82FADABB7F35@nlnetlabs.nl> <0B80B695-2739-490E-8F2C-D715C2A70118@nlnetlabs.nl> <yj9owolnys7l.wl-morrowc@ops-netman.net> <6E9126B5-FE2E-428F-9E90-DD89A0BD205A@nlnetlabs.nl>
User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/24.3 Mule/6.0 (HANACHIRUSATO)
Organization: Operations Network Management, Ltd.
MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue")
Content-Type: text/plain; charset=US-ASCII
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/qkEeEHJA34kx-fmnJh7zOzQ4F3w>
Subject: Re: [Sidrops] I-D Action: draft-ietf-sidrops-https-tal-06.txt
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Feb 2019 19:26:50 -0000

At Tue, 26 Feb 2019 15:46:01 +0900,
Tim Bruijnzeels <tim@nlnetlabs.nl>; wrote:
> 
> Hi Chris,
> 
> Thank you for moving this forward.
> 
> However, the version -06 differs from the -05 version for which the last call was done in November. Based on feedback on the list after last-call the following changed:
> >>>> * There is now no blank line between the comments and the URIs.
> >>>> * Relying Parties MUST now do TLS verification (from SHOULD) and text that was there arguing that unsafe transport is not a huge issue when there is object security has been removed.
> >>>> * Job Snijders is acknowledged for suggesting the comments section.
> 
> I am happy to see this progress, but I leave it to your judgement whether last-call should be re-assessed for version -06 with these changes.
> 

I didn't think the changes were significant enough to constitute a need for a second wglc round.

> 
> Tim
> 
> 
> > On 26 Feb 2019, at 15:33, Chris Morrow <morrowc@ops-netman.net>; wrote:
> > 
> > 
> > Questions sent to authors for IPR things.
> > thanks for the reminder.
> > 
> > On Tue, 26 Feb 2019 00:58:56 -0500,
> > Tim Bruijnzeels <tim@nlnetlabs.nl>; wrote:
> >> 
> >> Dear co-chairs,
> >> 
> >> Repeat. Can we please have an official last-call? Or some other verdict you deem fit.
> >> 
> >> Tim
> >> 
> >>> On 6 Feb 2019, at 18:20, Tim Bruijnzeels <tim@nlnetlabs.nl>; wrote:
> >>> 
> >>> Dear co-chairs,
> >>> 
> >>> I have waited a while but saw no further comments.
> >>> 
> >>> Can you please initiate a last-call for this version?
> >>> 
> >>> Kind regards
> >>> 
> >>> Tim Bruijnzeels
> >>> 
> >>> 
> >>> 
> >>>> On 23 Jan 2019, at 10:16, Tim Bruijnzeels <tim@nlnetlabs.nl>; wrote:
> >>>> 
> >>>> Dear WG,
> >>>> 
> >>>> This version address the comments made after the unclosed last call for -05.
> >>>> 
> >>>> * There is now no blank line between the comments and the URIs.
> >>>> * Relying Parties MUST now do TLS verification (from SHOULD) and text that was there arguing that unsafe transport is not a huge issue when there is object security has been removed.
> >>>> * Job Snijders is acknowledged for suggesting the comments section.
> >>>> 
> >>>> Please have a look and speak up if you see any remaining issues. This should have been a simple change, but we're talking about this for almost a year now. If I get no comments by the end of next week, then I will try asking for last call once again, but I hope to avoid having to make a version -07.
> >>>> 
> >>>> Thanks
> >>>> Tim
> >>>> 
> >>>> 
> >>>>> On 23 Jan 2019, at 10:11, internet-drafts@ietf.org wrote:
> >>>>> 
> >>>>> 
> >>>>> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> >>>>> This draft is a work item of the SIDR Operations WG of the IETF.
> >>>>> 
> >>>>>     Title           : Resource Public Key Infrastructure (RPKI) Trust Anchor Locator
> >>>>>     Authors         : Geoff Huston
> >>>>>                       Samuel Weiler
> >>>>>                       George Michaelson
> >>>>>                       Stephen Kent
> >>>>>                       Tim Bruijnzeels
> >>>>> 	Filename        : draft-ietf-sidrops-https-tal-06.txt
> >>>>> 	Pages           : 10
> >>>>> 	Date            : 2019-01-23
> >>>>> 
> >>>>> Abstract:
> >>>>> This document defines a Trust Anchor Locator (TAL) for the Resource
> >>>>> Public Key Infrastructure (RPKI).  TALs allow Relying Parties in the
> >>>>> RPKI to download the current Trust Anchor (TA) CA certificate from
> >>>>> one or more locations, and verify that the key of this self-signed
> >>>>> certificate matches the key on the TAL.  Thus, Relying Parties can be
> >>>>> configured with TA keys, but allow these TAs to change the content of
> >>>>> their CA certificate.  In particular it allows TAs to change the set
> >>>>> of Internet Number Resources included in the RFC3779 extension of
> >>>>> their certificate.
> >>>>> 
> >>>>> This document obsoletes the previous definition of Trust Anchor
> >>>>> Locators in RFC 7730 by adding support for HTTPS URIs.
> >>>>> 
> >>>>> 
> >>>>> The IETF datatracker status page for this draft is:
> >>>>> https://datatracker.ietf.org/doc/draft-ietf-sidrops-https-tal/
> >>>>> 
> >>>>> There are also htmlized versions available at:
> >>>>> https://tools.ietf.org/html/draft-ietf-sidrops-https-tal-06
> >>>>> https://datatracker.ietf.org/doc/html/draft-ietf-sidrops-https-tal-06
> >>>>> 
> >>>>> A diff from the previous version is available at:
> >>>>> https://www.ietf.org/rfcdiff?url2=draft-ietf-sidrops-https-tal-06
> >>>>> 
> >>>>> 
> >>>>> Please note that it may take a couple of minutes from the time of submission
> >>>>> until the htmlized version and diff are available at tools.ietf.org.
> >>>>> 
> >>>>> Internet-Drafts are also available by anonymous FTP at:
> >>>>> ftp://ftp.ietf.org/internet-drafts/
> >>>>> 
> >>>>> _______________________________________________
> >>>>> Sidrops mailing list
> >>>>> Sidrops@ietf.org
> >>>>> https://www.ietf.org/mailman/listinfo/sidrops
> >>>> 
> >>> 
> > 
> > _______________________________________________
> > Sidrops mailing list
> > Sidrops@ietf.org
> > https://www.ietf.org/mailman/listinfo/sidrops