IETF Logo Mail Archive

Re: [Trans] Adam Roach's Discuss on draft-ietf-trans-rfc6962-bis-31: (with DISCUSS and COMMENT)

Alissa Cooper <alissa@cooperw.in> Wed, 13 March 2019 14:53 UTC

Return-Path: <alissa@cooperw.in>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 583531277D6; Wed, 13 Mar 2019 07:53:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.8
X-Spam-Level:
X-Spam-Status: No, score=-0.8 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cooperw.in header.b=pB/JRXIo; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=1vRrvb43
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MmdsImqC8VMe; Wed, 13 Mar 2019 07:53:32 -0700 (PDT)
Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7E2521277D2; Wed, 13 Mar 2019 07:53:32 -0700 (PDT)
Received: from compute7.internal (compute7.nyi.internal [10.202.2.47]) by mailout.nyi.internal (Postfix) with ESMTP id 7E0122553D; Wed, 13 Mar 2019 10:53:31 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163]) by compute7.internal (MEProxy); Wed, 13 Mar 2019 10:53:31 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cooperw.in; h= content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; s=fm2; bh=z +/RUVzuKxnPW6V0vHCWvwe+E/QEsO+2mo5ANFypf94=; b=pB/JRXIoIzolqKEXV RdvfVtIp90XkQWH8cEBjSi/YAUkIFmXlyAZbSOmucj+VipW+/1Rph9kJqtwq/xrv DXhMv2AYSO5jyX4+++72sn0FgVndxGRShQTd4rwfoYOslZwz0j56RZwpfnj1QuoP ZkwRhYvyxJVwhLtLeKlFZL7DaPKxlRjKNO0ILAIOH8lYAGWQnUdoGwQthCImRv3g 83Mg0R/VyH/KSpQz62ERx741XLtWx9xfzNI71C8qhia+dXnQg2wubAAGxWvt6MFp rWOjWbxVsS0gYMcye/crPwoVoDqILnacOD3gXJjKA5lBJ4fC5la8Ei/xQIUEbRru ZmlCw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; bh=z+/RUVzuKxnPW6V0vHCWvwe+E/QEsO+2mo5ANFypf 94=; b=1vRrvb43O3lTS+0AD3xWU715gSgrM44wEJu07ArDNx5isMOgatbsVdLwE XRB0L/bMGkeU70rV4PPYAu43MD1+mJp81DTXul9tfrsjYFNHr1fvSSKZ4+0fMgy+ me4J2gCmV7CK23/T5s53OnNDF7BEbDNhMv7SbXnS28+IR79afJrjIEkpwOT3KXXl 5JtHHVxdB5dT08596nEMv4PMt9XUkw3URdzyRYDmEBJqbK8xtz4pD4q7Jngz4AnZ RV6njCvkb5TvKpCcNKveBXcJn4KvCusVZU24w99RKlWj9sc5lz2jLrD5YRo1yy9I 6JqEeBX7G5PUeQNBP42+O5Rhz5eQg==
X-ME-Sender: <xms:ahmJXCEctYYC0Jzh8OzK04oxkt-J2o8RHgTxibfI4E3z11ogiBWI6Q>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedutddrhedtgdeilecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpegtggfuhfgjfffgkfhfvffosehtqhhmtdhhtdejnecuhfhrohhmpeetlhhishhs rgcuvehoohhpvghruceorghlihhsshgrsegtohhophgvrhifrdhinheqnecuffhomhgrih hnpehivghtfhdrohhrghenucfkphepudejfedrfeekrdduudejrdeiheenucfrrghrrghm pehmrghilhhfrhhomheprghlihhsshgrsegtohhophgvrhifrdhinhenucevlhhushhtvg hrufhiiigvpedt
X-ME-Proxy: <xmx:ahmJXK8YhpbZTO0sX_wwI_qxfb9ISwrhCnAo8mAA1paUiSBLu8AUFA> <xmx:ahmJXMXDYipCcvUtPoR1Nf-k5FRb44A3Jj5IYaUZUxRagORj0Cmxlw> <xmx:ahmJXEE-Tn7A-Uhzjma5W1-ig4P7uP-RfjSj3vVdtsDBnUMwVf9qow> <xmx:axmJXOMXeR73q7m0aKeWhbnfI5k1aknsPK7X6MjvQ8A0hLC6xlC2qg>
Received: from rtp-alcoop-nitro5.cisco.com (unknown [173.38.117.65]) by mail.messagingengine.com (Postfix) with ESMTPA id D22BB10345; Wed, 13 Mar 2019 10:53:29 -0400 (EDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
From: Alissa Cooper <alissa@cooperw.in>
In-Reply-To: <7017B332-62F8-47BC-94EE-02ABDB7C1B14@kuehlewind.net>
Date: Wed, 13 Mar 2019 10:53:28 -0400
Cc: Eric Rescorla <ekr@rtfm.com>, trans-chairs@ietf.org, Trans <trans@ietf.org>, Adam Roach via Datatracker <noreply@ietf.org>, draft-ietf-trans-rfc6962-bis@ietf.org, IESG <iesg@ietf.org>, Paul Wouters <paul@nohats.ca>
Content-Transfer-Encoding: quoted-printable
Message-Id: <4D3DEA6C-7526-4045-AA5E-AC7039CA04F4@cooperw.in>
References: <155245900142.5466.15600148045977298644.idtracker@ietfa.amsl.com> <CABcZeBNMt8y7EoFr3PXR84zPgvssp5=B2x7-7sQOb4wM_94RGg@mail.gmail.com> <7017B332-62F8-47BC-94EE-02ABDB7C1B14@kuehlewind.net>
To: Mirja Kuehlewind <ietf@kuehlewind.net>
X-Mailer: Apple Mail (2.3445.9.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/HLPqGYyxVssWnEccw_d_12WMuJQ>
Subject: Re: [Trans] Adam Roach's Discuss on draft-ietf-trans-rfc6962-bis-31: (with DISCUSS and COMMENT)
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Mar 2019 14:53:35 -0000

Hi Mirja,

> On Mar 13, 2019, at 10:19 AM, Mirja Kuehlewind <ietf@kuehlewind.net> wrote:
> 
> HI Ekr,
> 
> I actually have a related question. As this document is rather specifying a new version than “just” correcting an existing spec, it’s not really clear to me if the obsolete tag is the right choice here. I know some other protocols do this in a similar fashion, but I would rather recommend to only update the previous version RFC (in order to create a link to this new spec) or declare it historic if usage is not recommended anymore. I think that's also something we should discuss on the IESG.

We have a statement that explains our current position: https://www.ietf.org/blog/iesg-statement-designating-rfcs-historic/

Alissa

> 
> Coming back to your original question about how much should be changed in a bis document. I think this is a valid question for bis doc that correct known errors. However, in case of this document that specifies a new version, I think it is the right thing to do to also align such a new version with the guidelines we follow at the time of publication.
> 
> Mirja
> 
> 
>> On 13. Mar 2019, at 14:28, Eric Rescorla <ekr@rtfm.com> wrote:
>> 
>> 
>> 
>> On Tue, Mar 12, 2019 at 11:36 PM Adam Roach via Datatracker <noreply@ietf..org> wrote:
>> Adam Roach has entered the following ballot position for
>> draft-ietf-trans-rfc6962-bis-31: Discuss
>> 
>> When responding, please keep the subject line intact and reply to all
>> email addresses included in the To and CC lines. (Feel free to cut this
>> introductory paragraph, however.)
>> 
>> 
>> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
>> for more information about IESG DISCUSS and COMMENT positions.
>> 
>> 
>> The document, along with other ballot positions, can be found here:
>> https://datatracker.ietf.org/doc/draft-ietf-trans-rfc6962-bis/
>> 
>> 
>> 
>> ----------------------------------------------------------------------
>> DISCUSS:
>> ----------------------------------------------------------------------
>> 
>> Thanks to everyone who worked on updating this protocol to reflect experience
>> gathered from the initial CT protocol. I have one blocking comment, and a small
>> number of editorial suggestions.
>> 
>> ---------------------------------------------------------------------------
>> 
>> §5:
>> 
>>> Clients are configured with a base URL for a log and construct URLs
>>> for requests by appending suffixes to this base URL.  This structure
>>> places some degree of restriction on how log operators can deploy
>>> these services, as noted in [RFC7320].  However, operational
>>> experience with version 1 of this protocol has not indicated that
>>> these restrictions are a problem in practice.
>> 
>> The synthesis of URLs by a protocol in this fashion is prohibited by BCP 190:
>> 
>>   Scheme definitions define the presence, format, and semantics of a
>>   path component in URIs; all other specifications MUST NOT constrain,
>>   or define the structure or the semantics for any path component.
>> 
>> Unless the intention of this document is to update BCP 190 to change this
>> normative requirement, we can't publish it in its current form. Note that doing
>> so would require a change of venue, as updates to BCP 190 would not be covered
>> by the current TRANS charter.
>> 
>> Please see BCP 190 section 3 for alternate approaches. All three approaches
>> could be made to work for CT, and I would be happy to explain how to do so if
>> clarification is desired.
>> 
>> While I agree that this is forbidden by BCP 190, this structure is inherited from
>> RFC 6962, which predated 7320, so making that change seems like it's going
>> to be fairly disruptive. This seems like it is falling into our discussion the other
>> day about what must be changed in -bis documents.
>> 
>> -Ekr
>> 
>> 
>> 
>> ----------------------------------------------------------------------
>> COMMENT:
>> ----------------------------------------------------------------------
>> 
>> §1.1:
>> 
>>> The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
>>> "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
>>> document are to be interpreted as described in [RFC2119].
>> 
>> Consider using the boilerplate from RFC 8174.
>> 
>> ---------------------------------------------------------------------------
>> 
>> §1.3:
>> 
>>> This document revises and obsoletes the experimental CT 1.0 [RFC6962]
>>> protocol, drawing on insights gained from CT 1.0 deployments and on
>>> feedback from the community.
>> 
>> Given that *this* document is also experimental, it seems a bit odd to call out
>> RFC 6962 as experimental.
>> 
>> ---------------------------------------------------------------------------
>> 
>> §2.1.1:
>> 
>>> We have established a registry of acceptable hash algorithms (see
>> 
>> The use of first person here is awkward. Consider: "This document
>> establishes..."
>> 
>> ---------------------------------------------------------------------------
>> 
>> §10.2:
>> 
>>> | 0x01 - | Unassigned |                        | Specification      |
>>> | 0xDF   |            |                        | Required and       |
>>> |        |            |                        | Expert Review      |
>> 
>> The policy being cited here is confusing. It is unclear whether the intention is
>> that values can be registered under both §4.5 and §4.6 of RFC 8126. I suspect
>> the intention here is the policy specified in RFC 8126 §4.6 only, without
>> reference to the policy in §4.5. If so, please use the formal name
>> "Specification Required."
>> 
>> ---------------------------------------------------------------------------
>> 
>> §10.4:
>> 
>>> | 0x0008 -    | Unassigned           | Specification Required and   |
>>> | 0xDFFF      |                      | Expert Review                |
>> 
>> Same comment as above.
>> 
>> ---------------------------------------------------------------------------
>> 
>> §10.5:
>> 
>>> | 0x0000 -      | Unassigned | n/a | Specification Required and     |
>>> | 0xDFFF        |            |     | Expert Review                  |
>> 
>> Same comment as above.
>> 
>> 
>

v2.23.0 | Report a Bug | By Email