Re: [tcpm] Feedback request on draft-ietf-tcpm-tcp-security

Alfred Hönes <ah@TR-Sys.de> Mon, 01 March 2010 22:00 UTC

Return-Path: <A.Hoenes@TR-Sys.de>
X-Original-To: tcpm@core3.amsl.com
Delivered-To: tcpm@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 78F4A28C5D2 for <tcpm@core3.amsl.com>; Mon, 1 Mar 2010 14:00:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 2.751
X-Spam-Level: **
X-Spam-Status: No, score=2.751 tagged_above=-999 required=5 tests=[AWL=1.500, BAYES_00=-2.599, CHARSET_FARAWAY_HEADER=3.2, HELO_EQ_DE=0.35, MIME_8BIT_HEADER=0.3]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ywZUs+5fXNbc for <tcpm@core3.amsl.com>; Mon, 1 Mar 2010 14:00:03 -0800 (PST)
Received: from TR-Sys.de (gateway.tr-sys.de [213.178.172.147]) by core3.amsl.com (Postfix) with ESMTP id DD8AA28C1A4 for <tcpm@ietf.org>; Mon, 1 Mar 2010 14:00:01 -0800 (PST)
Received: from ZEUS.TR-Sys.de by w. with ESMTP ($Revision: 1.37.109.26 $/16.3.2) id AA211010777; Mon, 1 Mar 2010 22:59:37 +0100
Received: (from ah@localhost) by z.TR-Sys.de (8.9.3 (PHNE_25183)/8.7.3) id WAA15069; Mon, 1 Mar 2010 22:59:35 +0100 (MEZ)
From: Alfred =?hp-roman8?B?SM5uZXM=?= <ah@TR-Sys.de>
Message-Id: <201003012159.WAA15069@TR-Sys.de>
To: wesley.m.eddy@nasa.gov, tcpm@ietf.org
Date: Mon, 1 Mar 2010 22:59:34 +0100 (MEZ)
X-Mailer: ELM [$Revision: 1.17.214.3 $]
Mime-Version: 1.0
Content-Type: text/plain; charset=hp-roman8
Content-Transfer-Encoding: 8bit
Subject: Re: [tcpm] Feedback request on draft-ietf-tcpm-tcp-security
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcpm>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Mar 2010 22:00:04 -0000

Wes,
sorry, I'm seriously concerned, and I oppose strongly.

You wrote:

> There is a sentence that can simply be removed without any loss:
> "For some reason, much of the effort of the security community on the
> Internet protocols did not result in official documents (RFCs) being
> issued by the IETF (Internet Engineering Task Force)."  This doesn't
> consider the fact that protocol specifications in the IETF and many
> (if not most) other SDOs are focused on producing interoperable
> specifications with implementation detail left to individual vendors
> to differentiate their products.  In the case of many of these TCP
> vulnerabilities under discussion, many clearly fall into the realm of
> implementation issues rather than protocol issues, and are thus outside
> the traditional scope of IETF process.  As nearly all of the vendors
> who have implemented these fixes participate in the IETF, it seems they
> haven't felt a compelling urge to have their implementation practices
> codified in RFCs.  At least explaining this seems more valuable than
> the nebulous "For some reason" which makes it sound like this is just
> a strange occurence with no clear explanation, though I believe the
> sentence can just be completely removed without any loss to the
> document.

Did you mean this all ironically?   (I can't believe that.)

This kind of arguing badly confuses reasons and results.

Shall it now really be impossible to speak out in a very polite
manner what happened in this WG?

Do you really not want to realize that so many folks do not contribute
any more to TCPM because work in this WG is continually obstructed?

The subject matter is not a matter of implementation details.
This is a matter of the experience in interoperable implementations
being silenced by stereotypous arguments over many years in this WG.

A message sent to this WG at Fri, 19 Feb 2010 15:22:49 -0800
once more concluded with:

> I have criticized these documents for proposing changes to standards;
> I do not have an issue with merely documenting those changes.


This clearly restates the goal of all this obstruction we had over
several years and that has caused so many folks to stop active
participation in this WG.
That's why this WG does not fulfill its mission and does not perform
actual maintenance of the protocols it pretends to shepherd.

I cannot imagine a more concise proof of the diagnose I had placed
in a recent posting.
As a mathematician, I can't resist to say:  Q.E.D.   !


It therefore now seems due to stop the exaggerated politeness
pretending not to know what has been going on and avoiding to spell
out the actual reasons for the lack of progress.
It is "the WG", who prohibits this, not _the WG at large_ that has
been silenced more and more.
Continuing to obfuscate this reason would be inhonest and a kind of
self-deception.

For me personally, it does not make much sense to waste time and
energy for further technical and editorial reasoning on documents
on this list, as long as the frequency of postings iterating the
same position ad nauseam and the voices of a few folks that happen
to attend many IETF meetings and get recruited to a WG sessions are
allowed to redefine the consensus of the WG and to take IETF WG
procedures ad absurdum.

Apparently the continued camouflage of the broken procedures need to
be stopped now visibly and publicly, or otherwise it would be better
to shut down this WG, the sooner the better.

I hereby request that the above quote from the TCP security draft be
actually clarified by making "For some reasons" much more explicit,
to spell out the truth and send out a clear message to the listeners:

|| "Because a small minority continually has happened to silence
||  interested parties in this WG and discouraged and distracted them
||  from contributing to constructive work to enhance the standards,
|   much of the effort of the security community on the Internet
|   protocols did not result in official documents (RFCs) being issued
|   by the IETF (Internet Engineering Task Force)."


This sentence gives the guideline and motivation to continue work on
this document.  Stripping it off the document would be a stab in the
back of the author who has patiently sustained all the tortures so far.

I now expect a clear committment of the leadership that the personal
favorite "anti-tank obstacles" of one WG member that obstruct any
normative improvements be stopped.  It's almost only "the WG" who
always says he admits (other authors) to only document behavior of
the predominating code bases and who opposes to bring the Standards in
agreement with what has been proven much better working interoperably
in the current hostile environment of the Internet than the
'clean room' standards text cut in stone decades ago.

Please either shut down the WG now, or (what I would prefer much more)
encourage implementors to return and raise their voice again in the WG,
and commit to adhere to the principles Jari Arkko had recalled recently,
namely that the IETF should much more listen again to running code and
experience.

We also need such clear signals now for the IESG, that we want to
overcome the lethargy and revive the WG -- isn't it, Jari?


Kind regards,
  Alfred Hönes.

-- 

+------------------------+--------------------------------------------+
| TR-Sys Alfred Hoenes   |  Alfred Hoenes   Dipl.-Math., Dipl.-Phys.  |
| Gerlinger Strasse 12   |  Phone: (+49)7156/9635-0, Fax: -18         |
| D-71254  Ditzingen     |  E-Mail:  ah@TR-Sys.de                     |
+------------------------+--------------------------------------------+