[Uta] Barry Leiba's Yes on draft-ietf-uta-xmpp-06: (with COMMENT)
"Barry Leiba" <barryleiba@computer.org> Mon, 20 April 2015 21:43 UTC
To: The IESG <iesg@ietf.org>
Date: Mon, 20 Apr 2015 14:43:13 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/uta/sZoj3knEMFKiCAPpjcYK9g4pe4o>
Cc: uta-chairs@ietf.org, draft-ietf-uta-xmpp.ad@ietf.org, uta@ietf.org, draft-ietf-uta-xmpp@ietf.org, draft-ietf-uta-xmpp.shepherd@ietf.org, leifj@sunet.se
Barry Leiba has entered the following ballot position for draft-ietf-uta-xmpp-06: Yes

When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)

Please refer to http://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
http://datatracker.ietf.org/doc/draft-ietf-uta-xmpp/

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

-- Section 3.4 --

   Wherever possible, it is best to prefer authenticated connections
   (along with SASL [RFC4422]), as already stated in the core XMPP
   specification [RFC6120].  In particular, clients MUST authenticate
   servers and servers MUST authenticate clients.

How does "prefer" "whenever possible" match up with "MUST" and "MUST"? Ah, I see; in the next paragraph, we have server-to-server authentication, which isn't a MUST. Got it. So, purely optional if you agree with me, but I'd find it less confusing like this:

NEW
   Wherever possible, it is best to prefer authenticated connections
   (along with SASL [RFC4422]), as already stated in the core XMPP
   specification [RFC6120].  In particular:

   * Clients MUST authenticate servers.
   * Servers MUST authenticate clients.
   * Servers SHOULD authenticate other servers.

   This document does not mandate that servers need to authenticate
   peer servers, although such authentication is strongly preferred.
   Unfortunately, [...etc...]
END

-- Section 3.6 --

I understand that, while most users won't understand it, there's value in trying to communicate to an end user that she is using a secure connection.

I am very skeptical that there's the slightest bit of value in giving end users information about the version of TLS used, the mechanism for verification, the details of the certs (if any), or the details of the cipher suite. I'm certainly skeptical that making that available to end users should rise to the level of "strongly encouraged". I'm not going to block anything with regard to this, but I see this as something you might strongly encourage be available to an administrator, but not to an end user (other than, perhaps, by enabling detailed logging through an advanced setting, then inspecting the logs).
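The split the comment on Section 3.6 argues for (TLS version, verification method, certificate and cipher-suite details go to an administrator's log; the end user only learns whether the peer was authenticated) can be implemented directly on top of Python's `ssl` module. The following is an added example and is not code from the ballot, from draft-ietf-uta-xmpp, or from any XMPP implementation; the `TlsSummary` class, the helper names, the log format and the `ConstructedConn` stand-in (used so the example runs with no network) are all assumptions of this example. Real code would pass an `ssl.SSLSocket` in place of `ConstructedConn`.

```python
"""Added example (not from the ballot or draft-ietf-uta-xmpp): record the
negotiated TLS parameters of an XMPP connection in the administrator's log
while giving the end user only a coarse authenticated/unauthenticated state."""
import logging
import ssl
from dataclasses import dataclass
from typing import Optional

log = logging.getLogger("xmpp.tls")


@dataclass
class TlsSummary:
    version: str            # negotiated protocol version, e.g. "TLSv1.2"
    cipher: str             # negotiated cipher suite name
    verify_mode: str        # how the peer cert was checked: CERT_NONE / CERT_REQUIRED
    peer_cn: Optional[str]  # commonName of the peer certificate, if one was validated


def summarize_tls(conn, context: ssl.SSLContext) -> TlsSummary:
    """conn is any object offering the ssl.SSLSocket methods version(), cipher()
    and getpeercert(); context is the SSLContext the connection was made with."""
    cert = conn.getpeercert() or {}   # {} when no certificate was validated
    cn = None
    for rdn in cert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                cn = value
    return TlsSummary(
        version=conn.version(),
        cipher=conn.cipher()[0],
        verify_mode=context.verify_mode.name,
        peer_cn=cn,
    )


def admin_log_line(s: TlsSummary) -> str:
    """The detail an administrator wants; emitted to the log, never to the UI."""
    return (f"tls version={s.version} cipher={s.cipher} "
            f"verify={s.verify_mode} peer_cn={s.peer_cn or '-'}")


def user_indicator(s: TlsSummary) -> str:
    """The only thing the end user sees: whether the peer was authenticated.
    Clients are required to authenticate servers, so CERT_NONE is the state
    worth surfacing."""
    if s.verify_mode == "CERT_REQUIRED" and s.peer_cn is not None:
        return "authenticated"
    return "unauthenticated"


def record_connection(conn, context: ssl.SSLContext) -> str:
    """Log the full summary for the administrator and return the user indicator."""
    s = summarize_tls(conn, context)
    log.info(admin_log_line(s))
    return user_indicator(s)


def authenticated_context() -> ssl.SSLContext:
    """Client context that verifies the server certificate (the MUST in 3.4)."""
    return ssl.create_default_context()


def unverified_context() -> ssl.SSLContext:
    """Client context that encrypts but does not authenticate the server;
    included only so the indicator's other state can be exercised."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


class ConstructedConn:
    """Constructed stand-in for an ssl.SSLSocket so the example runs offline."""

    def __init__(self, with_cert: bool = True):
        self.with_cert = with_cert

    def version(self):
        return "TLSv1.2"

    def cipher(self):
        # same shape as ssl.SSLSocket.cipher(): (name, protocol, secret bits)
        return ("ECDHE-RSA-AES128-GCM-SHA256", "TLSv1.2", 128)

    def getpeercert(self):
        if not self.with_cert:
            return {}
        return {"subject": ((("commonName", "xmpp.example.net"),),)}


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    print(record_connection(ConstructedConn(), authenticated_context()))
    print(record_connection(ConstructedConn(with_cert=False), unverified_context()))
```

The design point is that `admin_log_line` and `user_indicator` consume the same `TlsSummary` but are never mixed: the detailed string goes through the logger, whose level an "advanced setting" can raise, while the UI only ever receives one of two words.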