IETF Logo Mail Archive

[TLS] Re: FATT Process

Watson Ladd <watsonbladd@gmail.com> Wed, 04 September 2024 21:13 UTC

Return-Path: <watsonbladd@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AFD0DC1D5300 for <tls@ietfa.amsl.com>; Wed, 4 Sep 2024 14:13:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.108
X-Spam-Level:
X-Spam-Status: No, score=-7.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JIn8yroPESXE for <tls@ietfa.amsl.com>; Wed, 4 Sep 2024 14:13:20 -0700 (PDT)
Received: from mail-wr1-x435.google.com (mail-wr1-x435.google.com [IPv6:2a00:1450:4864:20::435]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 11478C18DB83 for <tls@ietf.org>; Wed, 4 Sep 2024 14:13:20 -0700 (PDT)
Received: by mail-wr1-x435.google.com with SMTP id ffacd0b85a97d-374b25263a3so8646f8f.0 for <tls@ietf.org>; Wed, 04 Sep 2024 14:13:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1725484398; x=1726089198; darn=ietf.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=Um5MShfOMxXZjkpqkWyTUwDePf1tRxdH4wkBLde1v2s=; b=ghWPMTr8rISyYYunFeb1wUnA/WjPXJ1m0lwDYQ/csv4AQModnXClNCXKzgieS3HfEA wufm9NOfLFlYiD/miU996nhtjkcof14isTz+7CqKU6y1zWIWa2lWMF5b4ZHSjSo3lbXv +canOqMKrn80aDgFOsozw7DlrEvmSbFjscaEifUx/QgvnPhjbatIjziMVsBUfOuoBe7o vMJ78yo6ys8hGq+4oTx0knvMq1rYbadJeXXqoxruL3lB2dLLpD/m4mGaY12CubWIBMKz hxyRWo8pulImeX+kqyHqo1vrRI6CWJb2l0f+lbRCZwy0uPv53DGrMusCWzAHEQ2YxHqm EL1Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725484398; x=1726089198; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Um5MShfOMxXZjkpqkWyTUwDePf1tRxdH4wkBLde1v2s=; b=cpnaPyt4cPdoC5EdDrNDF2Ez27yU813sRO4dIkV3qKtZ+CdTsLcYOuLgOb0i3x9vhF pbh1/F0pPdxlNFK8UdnLfgVzHAWJlBaQkq+jCWUsYVzAFnuuRSRbw+rmerftPdIhdpRD 7MpCPTRhQuKBsJXULltwGaWeik1TcuCGk08ePuGZd5GSaBkXvnJ2M/YJetaGBVAsbTbv UyNGAJMTX/jvQATN8NDYSGc7q68qzRCGmNuhTmq7TNTHJBUauo2iAyx+gz3r3jMGP5MF O+uTveGAu3OR66Z9tWZXXHrNH3ASTYAY5TV78MD90RvtL/mYWlyTkEgVOx9VP1iuGHUz jRKw==
X-Forwarded-Encrypted: i=1; AJvYcCXgzQFy1sKbI/n5Ck1d/2X8ugWY8/nCQT1/yNF0AaB1XKBNsq+T0ckKZNO5ikfBa0OJp5U=@ietf.org
X-Gm-Message-State: AOJu0Yz6/GTiDFfK7u/1f5AZmZUx7tpkfG3zepirKxn/D8GHrsAYv/Kb eT18Z3eFS5WuGHpi4FE+PQI7Hy+o0YJVxfFA1t+n1k7Y208zz9w/1Zj+XmIK8WpMdwm0GLW3gIm iFwRTMXchOF5FTtIGN0F4v5xhRMQ=
X-Google-Smtp-Source: AGHT+IHCkxv0l1S/mMHroZJ2J3HRJLi9Doaix/SuLTjZXISINTti3hacInWWLm2fGUuOHTQXGKGioushcVQKc+Y08nU=
X-Received: by 2002:adf:a3d5:0:b0:374:ca43:cda5 with SMTP id ffacd0b85a97d-374ca43cfb2mr6570885f8f.0.1725484397651; Wed, 04 Sep 2024 14:13:17 -0700 (PDT)
MIME-Version: 1.0
References: <1E84DBF8-CA48-4CA9-A435-9E61E981D8DF@akamai.com> <6284E288-4F8E-4E2A-8335-5054D9D7A6DF@obtuse.com> <CAFR824xAxfUFrXyo5PZckJPqoM3fU8ESNrDHUfOKNzDF_jJZQA@mail.gmail.com> <A5E3474B-E3D5-4DA2-BCAD-D443B2A02B5A@akamai.com> <CAFR824y=stSf28Lt=bDoM2yCOHMAEt2OsaFPAY7dxGjx+-DHug@mail.gmail.com> <B7872890-71F2-41BC-9ED9-F085CB18FA95@akamai.com> <CAOgPGoBPtTmoKQOy27XbDUGr20VDYy7qDGoZWePhZhf9vX6SEQ@mail.gmail.com> <9857710d-b6ba-42b9-a690-6591a7030d61@cs.tcd.ie> <CAOgPGoDUkB_J-Wc_6NZEFqXG4iujJ4fTL++w=P44VFMsKJt9oQ@mail.gmail.com>
In-Reply-To: <CAOgPGoDUkB_J-Wc_6NZEFqXG4iujJ4fTL++w=P44VFMsKJt9oQ@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
Date: Wed, 04 Sep 2024 14:13:06 -0700
Message-ID: <CACsn0cm8XE4+-TJoFZyT4_rNkCbrENSBr=0NY_pHntNEUV8zQw@mail.gmail.com>
To: Joseph Salowey <joe@salowey.net>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: H3BHGUKK2L33YX6IOQDYUDPPB6QZMWVL
X-Message-ID-Hash: H3BHGUKK2L33YX6IOQDYUDPPB6QZMWVL
X-MailFrom: watsonbladd@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>, "TLS@ietf.org" <tls@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [TLS] Re: FATT Process
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/1HE1ocL3eyHyl37q_LXa2S9hW0E>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

On Wed, Sep 4, 2024 at 10:08 AM Joseph Salowey <joe@salowey.net> wrote:
>
>
>
> On Wed, Sep 4, 2024 at 9:45 AM Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
>>
>>
>> Hi Joe,
>>
>> On 9/4/24 17:23, Joseph Salowey wrote:
>> > The
>> > current structure of the FATT does not allow for direct attribution of FATT
>> > feedback to specific individuals.
>>
>> That "does not allow" seems odd to me. Say if all reviewers are fine
>> with being accountable in the usual IETF manner, are you saying they
>> still could not be identified? If so, something's broken with that
>> process.
>>
> [Joe] As you say if all the reviewers are fine with being identified then they could be identified in the usual manner.  That is not the situation we are in right now.

Because of a massive disaster that some people decided we needed to
engage in out of a combination of (what in my admittedly biased view)
was equal measures optimism, and a heubristic desire to do something
we aren't good at to displace NIST from a perceived role it doesn't
actually have, we antagonized a lot of people needlessly. A decade
later and we still haven't been able to move past it. And just to make
explicit: this working group decided to ask CFRG to do something that
wasn't going to go well, and the results were worse than anticipated.
Unless we acknowledge that we're not going to be able to come up with
fixes.

Sincerely,
Watson Ladd

--
Astra mortemque praestare gradatim

v2.40.4 | Report a Bug | By Email | System Status