IETF Logo Mail Archive

Re: [stir] Review of: draft-ietf-stir-rfc4474bis-10

Dave Crocker <dhc@dcrocker.net> Tue, 09 August 2016 21:46 UTC

Return-Path: <dhc@dcrocker.net>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E1F4D12D7FE for <stir@ietfa.amsl.com>; Tue, 9 Aug 2016 14:46:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.999
X-Spam-Level:
X-Spam-Status: No, score=-0.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, RDNS_NONE=0.793, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_DKIM_INVALID=0.01] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=dcrocker.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p5khCUraC1Rh for <stir@ietfa.amsl.com>; Tue, 9 Aug 2016 14:46:49 -0700 (PDT)
Received: from simon.songbird.com (unknown [72.52.113.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2C6AF12D5AE for <stir@ietf.org>; Tue, 9 Aug 2016 14:46:49 -0700 (PDT)
Received: from [192.168.1.168] (76-218-8-128.lightspeed.sntcca.sbcglobal.net [76.218.8.128]) (authenticated bits=0) by simon.songbird.com (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id u79Lkp6Q027599 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NOT); Tue, 9 Aug 2016 14:46:51 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=dcrocker.net; s=default; t=1470779212; bh=SBXyYQa7bYooRBFEkbXIP3RYfi1ZoQIsKo+V4xiGbG0=; h=Subject:To:References:From:Reply-To:Date:In-Reply-To:From; b=Hht7nkjggyDgGVqGPGGQJdS77ucZrmZEgOMxyZD/kEiaQNIx9i4Q4Yui6YWTPH5Ae IW5u2tjHbq/KggV4aY8wvxG9K+xcLpImRzoqx9xc485SPPXD4hP6BsSvWjOr7pV9lo MfdOL5y4kHKCZkzCiuH2VhA9V/T+Ri1npY8PQz9c=
To: "Peterson, Jon" <jon.peterson@neustar.biz>, "stir@ietf.org" <stir@ietf.org>
References: <c3a85ffc-8340-ac54-4d8e-21a16fefd032@dcrocker.net> <4B1956260CD29F4A9622F00322FE053101285D016E32@BOBO1A.bobotek.net> <D3CF2934.1A6EE6%jon.peterson@neustar.biz> <1dbc154e-1ffc-689a-6f4f-45321e1149f6@dcrocker.net> <D3CF35CD.1A6F89%jon.peterson@neustar.biz> <6ddb77b3-2b14-e4a7-ed09-cc5c2f5bcde7@dcrocker.net> <D3CF80E4.1A7013%jon.peterson@neustar.biz>
From: Dave Crocker <dhc@dcrocker.net>
Organization: Brandenburg InternetWorking
Message-ID: <956a5b73-f0e5-01a6-4924-646b073b8510@dcrocker.net>
Date: Tue, 09 Aug 2016 14:46:22 -0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0
MIME-Version: 1.0
In-Reply-To: <D3CF80E4.1A7013%jon.peterson@neustar.biz>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/kOIEt6AYI4urUM4wrnRCsp5H054>
Subject: Re: [stir] Review of: draft-ietf-stir-rfc4474bis-10
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
Reply-To: dcrocker@bbiw.net
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Aug 2016 21:46:50 -0000

Jon,

On 8/9/2016 2:21 PM, Peterson, Jon wrote:
> While I hear your ask, I'm not sure I think giving individual answers to
> the 70+ questions in your review are warranted. I'll be looking to the
> chairs and the rest of the working group for guidance on this issue though
> - if the prevailing sentiment is that I should answer them all, then I
> will.

The idea that authors would seek working group consensus about whether 
to respond in detail to a detailed review is outside of my IETF 
experience.  I'm astonished at the very idea of it.


> In some cases, you pose questions related to a single incidental word

That why I made a point of acknowledging that there were minor issues 
and that eliding them is fine. Similarly, conflating a series of 
question to formulate a single response is likely to be fine.

I'm not clear what the point of raising something I already accounted 
for is.


> Others of your questions are simply forms of mild emphasis that have been
> disguised as questions for rhetorical effect. When we give an example of a
> JWT header, for example, your review comment is "How is reader to know
> what that long string means? Is the doc only for the cognoscenti? if so,

In fact item was raising a serious and basic question, and it's not 
about cognoscenti.


> A lot of your questions are one-word "why?" questions which are surely
> rhetorical.

Few if any of them were asked rhetorically.


> Also, for those questions that do have some technical meat, we may have
> already touched on them here on the list. Early on in the review, for
> example, in response to the line in stir-passport reading "Tokens are a
> convenient way of encapsulating information with," you interrupt, "Why?
> What are the alternatives? Why is this the starting point?" You are making
> rhetorical points here, that in your opinion using tokens for this purpose

The document doesn't explain what it means by token.  Yet it simply 
asserts their authority.  No context.  No justification.  Not even any 
definition.

So again, this wasn't a rhetorical query.



> As such, I feel like answering many of these question would just be
> busywork

That's a profoundly dysfunctional assessment.

d/
-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net

v2.23.0 | Report a Bug | By Email