Re: [Drip] Paul Wouters' No Objection on draft-ietf-drip-auth-47: (with COMMENT)
Robert Moskowitz <rgm@labs.htt-consult.com> Fri, 16 February 2024 15:02 UTC
Return-Path: <rgm@labs.htt-consult.com>
X-Original-To: tm-rid@ietfa.amsl.com
Delivered-To: tm-rid@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0F937C14F6A6; Fri, 16 Feb 2024 07:02:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.209
X-Spam-Level:
X-Spam-Status: No, score=-4.209 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CeHlVAoEaXUH; Fri, 16 Feb 2024 07:02:41 -0800 (PST)
Received: from z9m9z.htt-consult.com (z9m9z.htt-consult.com [23.123.122.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ECA12C14F5E5; Fri, 16 Feb 2024 07:02:40 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by z9m9z.htt-consult.com (Postfix) with ESMTP id 7B1B962574; Fri, 16 Feb 2024 10:02:04 -0500 (EST)
X-Virus-Scanned: amavisd-new at htt-consult.com
Received: from z9m9z.htt-consult.com ([127.0.0.1]) by localhost (z9m9z.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id e4ujfb1zXYYT; Fri, 16 Feb 2024 10:01:57 -0500 (EST)
Received: from [192.168.160.29] (unknown [192.168.160.29]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by z9m9z.htt-consult.com (Postfix) with ESMTPSA id B556C62434; Fri, 16 Feb 2024 10:01:56 -0500 (EST)
Message-ID: <44cf8907-7cd6-4922-8493-66416289d730@labs.htt-consult.com>
Date: Fri, 16 Feb 2024 10:02:26 -0500
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: en-US
To: Paul Wouters <paul.wouters=40aiven.io@dmarc.ietf.org>, mohamed.boucadair@orange.com
Cc: The IESG <iesg@ietf.org>, draft-ietf-drip-auth@ietf.org, drip-chairs@ietf.org, tm-rid@ietf.org
References: <DU2PR02MB101609FA44EA95A22D144DE72884D2@DU2PR02MB10160.eurprd02.prod.outlook.com> <090F3466-02A5-4D44-AE4C-EE333B9ECD90@aiven.io>
From: Robert Moskowitz <rgm@labs.htt-consult.com>
In-Reply-To: <090F3466-02A5-4D44-AE4C-EE333B9ECD90@aiven.io>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/tm-rid/_lGEQR7bsH-OYOTsq6kV6kjF3eU>
Subject: Re: [Drip] Paul Wouters' No Objection on draft-ietf-drip-auth-47: (with COMMENT)
X-BeenThere: tm-rid@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Drone Remote Identification Protocol <tm-rid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tm-rid>, <mailto:tm-rid-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tm-rid/>
List-Post: <mailto:tm-rid@ietf.org>
List-Help: <mailto:tm-rid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tm-rid>, <mailto:tm-rid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Feb 2024 15:02:42 -0000
ASTM F3411 defined the Authentication messages but punted the actual content to others. They did not / do not have the expertise to do this. They DO show how an Internet-based validation service could work; but it has holes. So Yes, it "fell" to the IETF to do the heavy lifting to make this available to the aviation community. ASTM F3411-22a actually references the DRIP work (and Qualcomm's IEEE 1609.2) as registered Authentication methods. A year ago, I was consulting one EU cellular company on how they could get their approach approved by the F3411 experts. Nothing has come from this. I got the drift that senior management felt they would have to expose too much of their "secret sauce" to get approvals. And no way to make billions on the effort. With all due regard to others that have worked on trust for the UA Broadcast Remote ID, only the DRIP works is complete and open. Here we have that open, peer review, that keeps us focused on all the nits. Bob On 2/16/24 09:03, Paul Wouters wrote: > On Feb 15, 2024, at 06:09, mohamed.boucadair@orange.com wrote: >> >>> I'm a little puzzled why this is an IETF document. It feels more like >>> a [F3411] >>> extension ? >> [Med] The WG discussed that issues in "Explain why it makes sense to define an IETF extension to a scheme that is defined in an external body (ASTM)" (https://github.com/ietf-wg-drip/draft-ietf-drip-auth/issues/2) and the justification is recorded in the draft: > It justifies why a standard and registry is needed. It does not really say why the IETF should be that body. I just noticed that the entire document is basically about non-ietf protocols. > > >>> I understand transports being out of scope but not DNS security >>> options? If >>> pulling key material from DNS, I think one should call out DNSSEC, or >>> even >>> mandate it. >>> >> [Med] DNSSEC is called out in the sentence right after the one you quoted: >> >> [drip-registries] is the main specification for DNS operations in >> DRIP and as such will specify DRIP usage of best common practices for >> security (such as [RFC9364]). >> >> Do you think mentioning of RFCs 4033, 4034, and 4035 is better than BCP 237? > No, BCP237 is the right quote. But perhaps remove or reduce the sentence so it doesn’t exclude dns security options and then references something about dns security options ? > > Note that these were non-blocking comments. The authors are free to choose to take no further action on this. > > Paul >
- [Drip] Paul Wouters' No Objection on draft-ietf-d… Paul Wouters via Datatracker
- Re: [Drip] Paul Wouters' No Objection on draft-ie… mohamed.boucadair
- Re: [Drip] Paul Wouters' No Objection on draft-ie… Paul Wouters
- Re: [Drip] Paul Wouters' No Objection on draft-ie… Robert Moskowitz
- Re: [Drip] Paul Wouters' No Objection on draft-ie… Adam Wiethuechter