IETF Logo Mail Archive

Re: [lamps] [EXTERNAL] IESG review of draft-ietf-lamps-cmp-updates-20

Mike Ounsworth <Mike.Ounsworth@entrust.com> Thu, 02 June 2022 19:06 UTC

Return-Path: <Mike.Ounsworth@entrust.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 767C2C14F73A for <spasm@ietfa.amsl.com>; Thu, 2 Jun 2022 12:06:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.109
X-Spam-Level:
X-Spam-Status: No, score=-2.109 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=entrust.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QQKURPL8RLNa for <spasm@ietfa.amsl.com>; Thu, 2 Jun 2022 12:06:34 -0700 (PDT)
Received: from mx08-0015a003.pphosted.com (mx08-0015a003.pphosted.com [185.183.30.227]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5A02CC14F72F for <spasm@ietf.org>; Thu, 2 Jun 2022 12:06:34 -0700 (PDT)
Received: from pps.filterd (m0242863.ppops.net [127.0.0.1]) by mx08-0015a003.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 2526Mwvx001135; Thu, 2 Jun 2022 14:06:29 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=entrust.com; h=from : to : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=mail1; bh=/AWjCOGPFYPxigpSjNJ7TsruLKpGeMOKfQAbaIohoMk=; b=CafZI/uDd60mmBraFqhdv/Agql82/KAdmKIRno8jdbKyFk3wkfYVWtgfe2ilKQH2GmPf j08plXkS1VMY+bFKNmV4z3t4lQCvBg0CJP9E0tBZmeDpdrD3E4g5h9oxc2nBzcx0PO1y Pmk5XWVf2Tz8hTtuqsn7JCKSj3XmxQYguDKCUz+wAvZSzIOqtaQe/3g+wi7tfnXF6PVx ubgTCQ87ZwleeZruA81S2Sg41U3NIsP8nrba4jMF8PProtmc/jTYkiDmMm1GdnQZaFJ3 senktwJl04F9kUueU7zmmmFcipKvRfOE2/IMkI75M27tOIhfVnXl4hp2mOxpbM1KEaeq 4g==
Received: from nam12-dm6-obe.outbound.protection.outlook.com (mail-dm6nam12lp2168.outbound.protection.outlook.com [104.47.59.168]) by mx08-0015a003.pphosted.com (PPS) with ESMTPS id 3gbeqnegwh-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 02 Jun 2022 14:06:28 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PNyEJABfqQXJiQcVcI+5eZUlymtSMHYsZaBrmFPshW/Dy7E0R9l00hSL5vOJ0DxbeFuSntGzKS1n/sU8DKImwXtMIGL74btSzr8/7xQkBM2wxIcQViZca6fAXhYDvojwTWbPxac0GbiZ18N1wmqhUMEXspQAyA+PJsOaMQoFEuS1YepVnE2tzHvvAjDckfK86nimWzmUvMGsbJ92JgZT+NaQ0wCD9m72Ep+LF7d/F/m/SQT4osdMwMI5oRYDE/1H7S5+YvDbU03/G+/qG0xG7JCVfWCxQnkXKQkn5bPKI19nAedDoCKTS2cN8pOtkn3fMB2SsMYobrSHETUNrDT4mQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=/AWjCOGPFYPxigpSjNJ7TsruLKpGeMOKfQAbaIohoMk=; b=NClAH7boEXRMTA1AvxEFFq2yQfgoGMRIWUjbe8E44/3OWU/1pXV6YvHZMcZUjAPcSbZkaxDzwz5G8HMvYlUYRl/q0o9Dl6s435FTLZ4rTwQ4O/cBLg4Q9oYqSSjYP6i+nCb03M+4ijg8ijFHY0QhmoBmOwmHW5DUV5FLo5y2+RMJ9aGSg3R/E2oHB4oWQkq28kmE5A08t9pMLsO9BVEeU5uMz1FGOz5KEMonHPGSyYlJciQzGE29cYEO9/AlUG7fvZPh1oRksB4B7u9cBfqFM/OqJ7yrQRc+FM98qM9h0NoJJno97hXd/3chgQhr8NJgVb/ga1GOICXdsLa0+/k3Cg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=entrust.com; dmarc=pass action=none header.from=entrust.com; dkim=pass header.d=entrust.com; arc=none
Received: from CH0PR11MB5739.namprd11.prod.outlook.com (2603:10b6:610:100::20) by SA2PR11MB5100.namprd11.prod.outlook.com (2603:10b6:806:119::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5314.13; Thu, 2 Jun 2022 19:06:26 +0000
Received: from CH0PR11MB5739.namprd11.prod.outlook.com ([fe80::610d:1832:5a42:40ad]) by CH0PR11MB5739.namprd11.prod.outlook.com ([fe80::610d:1832:5a42:40ad%6]) with mapi id 15.20.5314.013; Thu, 2 Jun 2022 19:06:26 +0000
From: Mike Ounsworth <Mike.Ounsworth@entrust.com>
To: Roman Danyliw <rdd@cert.org>, "spasm@ietf.org" <spasm@ietf.org>
Thread-Topic: [EXTERNAL] [lamps] IESG review of draft-ietf-lamps-cmp-updates-20
Thread-Index: Adh2o0JYP3nR9eAkQlKjAdN4Q8JQygAEDZ+A
Date: Thu, 02 Jun 2022 19:06:26 +0000
Message-ID: <CH0PR11MB573952D87AE2AE310820E05D9FDE9@CH0PR11MB5739.namprd11.prod.outlook.com>
References: <BN2P110MB11076116EA041030B33A9CD8DCDE9@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM>
In-Reply-To: <BN2P110MB11076116EA041030B33A9CD8DCDE9@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 5003ebd9-9bf3-49e2-2f9a-08da44cafdfd
x-ms-traffictypediagnostic: SA2PR11MB5100:EE_
x-microsoft-antispam-prvs: <SA2PR11MB5100627B1AC64DF1FE3B06F29FDE9@SA2PR11MB5100.namprd11.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: tQCVaUkpqpLT4ufG3SCYi3jLNPhtqxjkrL7MQp0voRk1cjPTZ81Lq5flKNiXg3Se+nRaAoc1Vgxfy+4PLqWMFzhW81cHaY2N39qz0Bkx8YY9vrL6DV1cTAPWRcYpDJYg7NIv6sxQU3NfRzJ7PFR+Wf+jha8Ynd/hVNXG8n1113ZbI6/Xbdi80/NqQYOvfJ3xPSoIlZiON4x4EkmbKte+im1IBjvpPYRO/C8X0MxSi8LT+H9ISrp0w5DPHdBrIJOfUbNzeHPOvosGg6s+HN5n5F60W5/AJz8tw5Ql6qOnxW4ImwjiaNAr35ZOKhAqCvhOULUNYhkyKKw0bP3jGhuN+Ax38w+3yTsGyN08mAvAfmC+tRR+o/8Yv+ibZ7P5eTcfQ4aRYXsUpBr1iprvMBFLtaPISAKPAnxNXRqW2IU3ln4bT4g2EyKjskhdXbktDUZ4khP4NhC0jHcw3G91yg2t9RqhutZFRChE+V031nhJVRUdgYClQksZ4ztYmz0r4X/EuTFJ5EpNSO5GBzTIJdvp6hlix61fDeibCyTO2p52/uVhj+vRwFjEyMiswGZtH9phAAWuPfb+Y3JBpy+jUnW7HzlIPOGpr3as2yMygsrUt2+/dXfvyCWk6ygB3gGHLClw3qnY4/p4BqmH5dpf97Zw3Ju0PrC9NvF7+HM9zdP00uqVb3qVbp8B8QZNHNr5Z3eU58AbniDRVtiTCFpWlgL+7dHa48iHy57hlNxhU5Xj99ROdd1ZzQdnIBj4MjbQZTs73RwiOUCz2LahDyM4IaM7IZJreBFbQI7CPczhN0oWlZf/rV9tTDnQ2x2lqltmtQUqUSaNhmBe2Qr8qqyOfFvFBQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CH0PR11MB5739.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(366004)(55016003)(9686003)(64756008)(8676002)(966005)(26005)(38070700005)(122000001)(8936002)(186003)(508600001)(52536014)(86362001)(316002)(110136005)(83380400001)(5660300002)(7696005)(6506007)(53546011)(2906002)(71200400001)(76116006)(66946007)(33656002)(15650500001)(66556008)(66476007)(66446008)(38100700002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 0eTfUOyzLYJtoSClj6V7qgi4fdO2BObkaNDytL7nfDrNdeQvTSfzGyyaKroOsqzYrlYU+SFZTjTEAA9swD+cNdIHv5DSYBRSv66pCBNVp0+RbOW+5TBRgjKXMlJSFkl1ZT+5XQpawxzhSSwMaEoKjWbWbgCtl/DxuBSyWbgrEW+OgAxylQXZkSlhFJsoBakRmsBkTKYaVm1hpN2seEBxHGMLE5hf6NXdQGHWO+psdR85id2SntMiQtKj4qguwnJoUTtPOt2S4YB+oTuv6VH6x1lRiFam90EZcIDyBkKBlYspGyKSGJxdKIW1m2sCJ1uSgcb1l1SR0IqatcGpfHzBYOfGGrwF5zllsTvH11xrm1immTx4sF/B4ndt0wQNr9XYYe7+E/YPgusbLhzvGn7wloJfxiZ9S7Yq1xEOK0xGSu/rpCfbWlv/GV1GmQUncuhxRgdLraNwhSTaHNk2/nih9wIKyBfBbLJaXb+gWANgHPaaeo51P1NDPwAKMRDseNJatKIv7dzFVU2Gvk9AKcsDi2ZUeY+EvwvAVvRs93GnLEO9WMFweMCkoiwaNV1yfiiCKKT5+NZB3qzCVRUSM2gIXnu+ITQcmVmw66G0Z1IzQoTs25HnmUDEKhAsL0I2O8L4Fl0XYj4UyQDkexBJZrKHHAY6mPfIEF3+cei4UQ0jXwGiXyC66G1y/hNsX6gpv9CegF0C8IOXlt8V2LEV91+Y1D7ajzvynsCSBarvzYWsWWIT9iVFl2cWHcJ+208LcDMhS7ZAWuEpl2/PNUw4C5semR5KUKlfXibqEjvxB4vp8hUMGZTEz7Qp11je1bdbY1x8w45hnc+afqB0Uwlwb1w/kZAZWak+7C5xc/gGy4orU0CPorCNkraiskEbxL7rtBs0WIF3vsQ6veLiRe5a7ky7TL7eounPH4hJTYh9ysejg0TIrqxcTo7Ine44U6UlKWv0DwNH6J4fv/TayyCCruqeFriP11QxYvglp5y42LTcLW+z5qIi7iPrO7I7gha6odWdRsZwwR0q0GjlVTGJ99yCzN5BU9V0/l8fU8HYOUQ59YDxu86jjw10Mg/lrrp4A6kRorKuZCYxbluyKuNXaIxLoDzsgNPsIAcheMrkLO87y6/HQiTOqnxjukCKCFeH5EHycm/N2fDUWjIXPLqKuMt5kQTkAQwg51t241RJoslWeBUQJH/vhW4TjRWxuFN1iGz3tXmemETtLK4ak106CSvuHUOpUW6M9seADWA/D5SqSYpz3tzkEWoZk8WEulgSdZOqKINBmBhAo6qyIXwcas5wL7kcT0zhoijm3qc+8YOMIPCvqgIkebbZ9tScDsoUBUPfD6kYIfTR824RAHsdoKDER9kiM44xHJQcMMCoM96fY++bMZFYACLz5/kby+Dhc0aIssb1yFrKtfsvsD5AJ2FMD5MGdDXFNECdxXNz67+MNAZAuXw78sGomj9xtGA8v5kMBLdwSzG2IfnETfOEr15EPH3rFpc52ksJnxSPkK6jJ6G6CjA/HUs7TTQbj5L/L+XpxArhxXxraGC5TMOX6xpn4RJwLjsmUjVRph4pMdSxY/PeNMzaE6Z1xW68Y5vcQn0Q8/JMbhOGox8GuArEhmwQ6+4sqiKNbbx4p5rgWP4ihaALIWvR29Xffl/wHWJZyMVXN7T5ZBXgPUmwm+OxzDxRh9b1sloZcFTTsMWvtB7VpsaQTfYLZ4qQrpEv7ULTC5QO8fS0MEzjOlmGoF72G+suFQ==
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: entrust.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CH0PR11MB5739.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 5003ebd9-9bf3-49e2-2f9a-08da44cafdfd
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Jun 2022 19:06:26.1345 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f46cf439-27ef-4acf-a800-15072bb7ddc1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: WP5+T/5t9cIu9lVk5NWXejW0Eru/YFyB/lQcvWOXrzVC1Nk7XSaYmQCJRyM5OR+tm8luMR36/uVx77PDempzzkEm/ettSUy/quoqNsmpfzo=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA2PR11MB5100
X-Proofpoint-GUID: 1xsLYrn1fUjZuLJAXeIlEtZQhUqiKrpI
X-Proofpoint-ORIG-GUID: 1xsLYrn1fUjZuLJAXeIlEtZQhUqiKrpI
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.874,Hydra:6.0.517,FMLib:17.11.64.514 definitions=2022-06-02_05,2022-06-02_01,2022-02-23_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 lowpriorityscore=0 suspectscore=0 priorityscore=1501 phishscore=0 impostorscore=0 bulkscore=0 adultscore=0 clxscore=1011 spamscore=0 mlxlogscore=999 malwarescore=0 mlxscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2204290000 definitions=main-2206020081
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/SDXzBnoOjzoolLwQFWvQ88c8B4Q>
Subject: Re: [lamps] [EXTERNAL] IESG review of draft-ietf-lamps-cmp-updates-20
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Jun 2022 19:06:38 -0000

Thanks for the detailed meeting notes Roman!

If I'm reading properly, the outcome is:

* Add an intro blurb explaining the editorial style.
* Proceed with publication of this document in the short-term.
* Add a LAMPS milestone to produce a proper bis doc at a later date.
* Next IESG telechat is June 30.

---
Mike Ounsworth

-----Original Message-----
From: Spasm <spasm-bounces@ietf.org> On Behalf Of Roman Danyliw
Sent: June 2, 2022 1:47 PM
To: spasm@ietf.org
Subject: [EXTERNAL] [lamps] IESG review of draft-ietf-lamps-cmp-updates-20

WARNING: This email originated outside of Entrust.
DO NOT CLICK links or attachments unless you trust the sender and know the content is safe.

______________________________________________________________________
Hi!

draft-ietf-lamps-cmp-updates was on the IETF telechat today and the outcome of the ballot was an insufficient number of positions to pass.   See
https://urldefense.com/v3/__https://datatracker.ietf.org/doc/draft-ietf-lamps-cmp-updates/ballot/__;!!FJ-Y8qCqXTj2!Yp56wz4Ie6UthSderEeOsxa7mi6tDyG1jBuEQlG7nSBEAVuV0s7A-nuHFWj9Ap-1MIXl-JU7SW62zskjxuEZ$ .  Procedurally, any Proposed Standard (PS) status document needs 2/3rds of the IESG (10 of the 14 members) to ballot "Yes" or "No Objection" to pass.  Unfortunately, the results we have is that 5 IESG members have balloted ABSTAIN, which means that irrespective of the two ADs clearing their DISCUSS positions, this document can't advance to publication.

The primary concerns of those ABSTAINing appeared to be that the editorial style of a large collection of OLD/NEW patches makes the document unreadable.  If you recollect, this was the reason why I asked for documentation of this editorial choice during the AD Review (https://urldefense.com/v3/__https://mailarchive.ietf.org/arch/msg/spasm/5yAA3RADNiqNRwvDe_8GCg3Q-WY/__;!!FJ-Y8qCqXTj2!Yp56wz4Ie6UthSderEeOsxa7mi6tDyG1jBuEQlG7nSBEAVuV0s7A-nuHFWj9Ap-1MIXl-JU7SW62zhboSPrv$  ). The IESG also questioned why the WG couldn't just publish a bis document.  There is a prior history of the IESG raising concerns with such an editorial style and ultimately sending it back to the WG (https://urldefense.com/v3/__https://datatracker.ietf.org/doc/draft-ietf-nfsv4-mv1-msns-update/ballot/__;!!FJ-Y8qCqXTj2!Yp56wz4Ie6UthSderEeOsxa7mi6tDyG1jBuEQlG7nSBEAVuV0s7A-nuHFWj9Ap-1MIXl-JU7SW62ztna-Rfv$ ).

With the help of background from Russ and Hendrik, I reminded the IESG of:
** the history of  why this document grew to the length that it was, and that this patch style approach is not uncommon for PKIX documents

** that there are pending PRs in OpenSSL and BouncyCastle to support this document (and these communities are waiting for an RFC to accept them)

** one of the primary ways in which the PKIX community interacts with CMP is via libraries

The IESG also discussed if we need to put out a statement to better guide "patch-style update documents" in the IETF.  I was supportive of this but stressed that any such statement should apply to future work.

The ADs are sympathetic to blocking the work, so we defined the following steps to find a way to advance the document.  No guarantees, but these steps would provide structure for the ADs to revisit their ballots (and get us closer to the needed 10 positions).  These steps included:

** Returning the document back for IESG Review on the June 30 telechat (reason: certain ADs balloted ABSTAINed and didn't review all of the details of the document; with the benefit of this additional WG background described above, returning this document gives them more time for review)

** Plan and define a formal milestone in the datatracker that set expectations on when a CMP bis document would be published (reason: certain ADs would feel reassured that the WG has a plan to provide a more readable update document via bis and approval of this current document would be a stop-gap measure)

** Add text into the current draft-ietf-lamps-cmp-updates which explains why this patch style was used and alluding to WG plan for a full bis document

** Updating the shepherd write-up for the implementations of this document

Thanks for the WG's continue work on CMP.  This is an important technology for the community.

Regards,
Roman

_______________________________________________
Spasm mailing list
Spasm@ietf.org
https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/spasm__;!!FJ-Y8qCqXTj2!Yp56wz4Ie6UthSderEeOsxa7mi6tDyG1jBuEQlG7nSBEAVuV0s7A-nuHFWj9Ap-1MIXl-JU7SW62zjqE39C2$
Any email and files/attachments transmitted with it are confidential and are intended solely for the use of the individual or entity to whom they are addressed. If this message has been sent to you in error, you must not copy, distribute or disclose of the information it contains. Please notify Entrust immediately and delete the message from your system.

v2.39.1 | Report a Bug | By Email | System Status