Re: [tcpm] WGLC for draft-ietf-tcpm-2140bis

["Scharf, Michael" <Michael.Scharf@hs-esslingen.de>]

Hi all,

I have not seen follow-up discussions. 

Regarding 1): As far as I can see, the security section was rewritten in -02, but as far as I recall the intention was mostly to _add_ considerations (on fingerprinting). What text would be needed to sort out this comment?

Regarding 2): The appendix is in there for quite some time already, but out of my head there was not much recent discussion on part of the document. Well, it is an appendix in an informational document... Are there other views on the appendix in the TCPM community?

I'd like to sort this out in order to conclude the WGLC.

Thanks

Michael
(as shepherd)

> -----Original Message-----
> From: Joseph Touch <touch@strayalpha.com>
> Sent: Friday, June 19, 2020 8:40 PM
> To: Mirja Kuehlewind <mirja.kuehlewind=40ericsson.com@dmarc.ietf.org>
> Cc: Scharf, Michael <Michael.Scharf@hs-esslingen.de>; tcpm@ietf.org;
> tcpm-chairs <tcpm-chairs@ietf.org>
> Subject: Re: [tcpm] WGLC for draft-ietf-tcpm-2140bis
> 
> Hi, Mirja,
> 
> > On Jun 19, 2020, at 11:31 AM, Mirja Kuehlewind
> <mirja.kuehlewind=40ericsson.com@dmarc.ietf.org> wrote:
> >
> > Hi Michael, hi all,
> >
> > sorry for being late here but times are busy... so thanks for the extension.
> >
> > Thanks to the authors for all the work on this bis doc. I only managed to
> have a brief review of the draft but I think it an interesting read with a lot of
> good updates. I think the document is basically ready for publication,
> however, I have two comments/questions. tThe first one is more a
> suggestion but the second point is something I think we should be should we
> have support for in the group before we move ahead.
> >
> > 1) The security section could maybe also discuss if there are any
> implications for likability when caching any of these information and how to
> handle that. Looking at the diff, there was a section in the security
> consideration about information sharing of application-specific settings. So
> why was that removed? However, I think the document could even say
> more!
> >
> > 2) I was quite surprised to see appendix C and that it is a FULL copy of draft-
> touch-tcpm-automatic-iw-03. I'm okay to discuss more considerations on the
> IW e.g. on the design principle level and most importantly maybe that a loss
> within the IW can/should impacting the cached value, and to do so even in
> the body of the doc, however, if I remember correctly there was a lot of
> discussion about the automated setting of IW in tcpm when the IW10 RFC
> was under discussion and no agreement reached in the group, so would
> rather just like to see a reference to the expired draft than copy and pasting
> the whole algorithm in the appendix of this draft.
> 
> The discussion was only whether there were specific settings that had been
> implemented. If we cite an expired draft, we need to basically add some info
> to explain what’s in the other doc (which we are supposed to treat as non-
> existent). I.e., if we’re citing an old draft for credit, it’s just a citation, but in
> this case we’re saying that the techniques in that draft *are* just a variant of
> what 2140 already suggests, only on a different timescale.
> 
> I.e., “discussing more considerations” is basically what that text already does.
> All the issues that are in the original doc were relevant for this one’s
> discussion on that issue.
> 
> Joe