Re: [tcpm] Feedback request on draft-ietf-tcpm-tcp-security

Lars Eggert <> Tue, 02 March 2010 03:23 UTC



On 2010-3-1, at 17:58, Fernando Gont wrote:
> Lars Eggert wrote:
>> More importantly, you claim that some group of people has "redefined"
>> the WG consensus. This is a serious accusation against the chairs and
>> me as AD. Please provide specific details or retract this accusation.
> Lars,
> I had made this comment a month ago or so, and at the time I preferred
> not to answer your "provide details" request, in the hope of looking
> forward.

The exact phrasing in your earlier email was that I "seemed to ignore WG consensus". Alfred now says that I "redefined" WG consensus. Both are very serious accusations. I believe that I did not mishandle things here (see below for details), but I'm obviously biased. I encourage others to speak up.

If you really believe I acted improperly, please start a recall petition. Otherwise, please stop accusing me of misconduct and apologize. This is the last email I'm going to send on this topic.

> However, given that this has been raised again, I'll respond
> this time:

Thank you. 

> Earlier this year this working group was specifically polled about
> adopting draft-gont-tcp-security as a WG item. The WG had unprecedented
> strong consensus in this respect (with people even offering to spend
> cycles on document review), and this consensus was even noted in the
> slides the wg chairs used in the TCPM meeting at IETF 75 (see:

No disagreement so far - there was strong consensus to adopt a work item on describing a security assessment of various TCP aspects.

> At the meeting, you (IIRC) raised the question about whether we wanted
> to work on this document, or start with a new one (!).

I don't think this is quite accurate. What happens when a WG takes on new work is that they decide to take on a work item, and then they decide which individual document (if any) can be adopted as the basis for progressing this work item forward.

As I said, there was strong consensus to take on the work item. When we discussed whether the CPNI document was a good starting point, I wanted to make it clear that we'd be taking on a very substantial piece of text that had already been published.

If I recall correctly, the WG did discuss for a while if there would be any argument for basically republishing the CPNI document through the IETF, and my takeaway from the discussion was that the WG felt that an IETF document in this space should say something more or differently than what the CPNI document had said.

That's why we arrived at the decision to come to consensus on a new document structure first and then merge in content from the (long) CPNI document in a piecemeal fashion.

> -- basically
> throwing out of the window the 2-year effort of writing the CPNI TCP
> security assessment on which draft-ietf-tcp-security is based.

The CPNI document is published. Nothing the IETF can do invalidates the effort that went into it. Starting with a different outline (that's what the WG decided on) and merging in content from the CPNI document is not "throwing out the window" all that effort.

> IMO, that's part of obstructing, and/or "not invented here" (NIH) syndrome.

But neither of the two (irrespective of whether they are true or not) are indicative of me ignoring WG consensus.

The discussion of whether to adopt this specific draft as a basis for the work item (and in which form) was still in full swing on the list and during the meeting week. Sure, I spoke up during this discussion. But that's not ignoring WG consensus.

> FWIW, It's interesting to note that IAB's Gregory Lebovitz was there at
> the TCPM meeting, and commented that "WGs don’t need drafts to 100%
> right to become WG items". (and, btw, only two or three people at that
> meeting said that they had actually read the document.)

It may be interesting to note, but it is unrelated to the accusation you make.

> After the meeting, you argued (off-list) that wg consensus (allegedly as
> a result of IETF 75??!) was to submit a "fresh" (i.e., blank/brand-new)
> document

The WG consensus after IETF-75 *was* to start with a new document structure. That's why after IETF-75, you posted a revision that contained just the outline and we discussed it. See and follow-ups.

> , when we already had consensus *before* the meeting, on the
> *mailing-list* (as the IETF mandates it should be) for adopting
> draft-gont-tcp-security.

The discussion started in was still in full swing during IETF-75 - the chairs had not declared consensus. That happened at the end of IETF-75:

> You even suggested that tcpm should assemble "a
> team of editors"

Yes, probably. As I said during the meeting, I believe that this would be the largest work item in TCPM in terms of effort, so strong support is required.

> (when you should have probably made this observation
> for the non-progressing tcp-ao, rather than for this newly adopted I-D).

Irrelevant for the discussion at hand.

> Last, but not least, anybody interested in the meeting I'm referring to
> is advised to listen to the meeting recordings, rather than reading the
> tcpm meeting minutes.

What specifically in the audio recordings backs up your accusation that is not also in the minutes? You're making the accusation that I'm ignoring WG consensus, so it's on you to provide the data.

To summarize (because below is about a different instance): I have seen no evidence that I mishandled anything in this case. But I'm obviously biased. I encourage others to speak up. 

> Another instance (but this one older, and in tsvwg):
> I could also mention that when tsvwg was polled years ago (you were
> co-chair of that wg at the time) about adopting
> draft-larsen-port-randomization (now draft-ietf-port-randomization) as a
> wg item, at some point something like 5+ people were supporting the
> adoption of the document as a tsvwg item (targeting *std* track)... but
> you mentioned that that didn't represent wg consensus.
> Then the voice of three people (yours included) changed the target from
> Std track to BCP. (And no... I'm not arguing that std track was more
> correct than bcp. I'm just arguing that the process, and your view of
> "consensus", are not clear to me).

If you want to make that accusation, please dig through the minutes to back this up with facts to make a case, instead of giving an anecdotal summary. I will point out that I acted as chair during the adoption of an individual document as a WG work item, and it is normal procedure to try and determine what the correct document type would be. The consensus is what concludes this process, and it is called by the chairs (three in this case).  

If you really believe I acted improperly, please start a recall petition. Otherwise, please stop accusing me of misconduct and apologize. This is the last email I'm going to send on this topic.