Re: Last Call: Recognising RFC1984 as a BCP
Dave Crocker <dhc@dcrocker.net> Mon, 10 August 2015 20:18 UTC
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/aouNalBgYg-J__9b2A7fkjr0wHE>

> The IESG has received a request from an individual participant to make
> the following status changes:
>
> - RFC1984 from Informational to Best Current Practice
>     (IAB and IESG Statement on Cryptographic Technology and the Internet)
>
> The supporting document for this request can be found here:
>
> https://datatracker.ietf.org/doc/status-change-rfc1984-to-best-current-practice/

This document pertains to an especially important and difficult topic.
If IETF approval of such a document is to have the utility we expect for
it, we need to be clear about that intended effect, clear how the
document addresses it, and clear about its robustness against
misinterpretation or dismissal by those needing to attend to the
document but disinclined to do so or actively interested in undermining
it.

The supporting document asserts consensus within the ad-hoc saag group
has a number of basic problems. So the document is an individual
submission but relies on purported group rough consensus that was never
established.

First, saag is an accidental group that had no specific, documented task
for considering this draft. As such, some who might have wished to
participate in thoughtful discussion of this topic had no way to know
about it.

Second, discussion on the list was entirely ad hoc, with no convergence
and (rough) consensus processes. The only consensus-related process
concerning this document was during the saag session during the IETF
meeting in Prague. There was no followup on the saag mailing list or any
other.

Hence the supporting document's second paragraph's reasons for rejecting
an effort to revise the document have no documentable foundation.

As an example of the randomness of the mailing list discussions, points
I raised about the reasons a revised document is needed to respond to
the current pervasive monitoring concerns received no substantive
responses. Making a carefully-considered (rough) consensus choice
against concerns is one thing. Ignoring them completely is quite
another.

The relevant portions of my posting to the saag list:

-------- Forwarded Message --------
Subject: Re: [saag] keys under doormats: is our doormat ok?
Date: Mon, 13 Jul 2015 12:38:09 -0700
From: Dave Crocker <dhc2@dcrocker.net>
Reply-To: dcrocker@bbiw.net
To: saag@ietf.org <saag@ietf.org>

On 7/12/2015 5:23 PM, Christian Huitema wrote:
>> So I suggest that one of the plenaries contain a capsule summary
>> -- bulleted list -- of the points folk think should be made in the
>> revision, and that a 'sense of the room' be taken during the
>> plenary.
> General agreement, but I would rather not call this a revision.
> Maybe something like "reaffirm."

It's more than reaffirm. Possibly quite a bit more.

The existing document has a very strong focus on export control and
sharing of keys. The current issue is backdoors, and the like. While
the existing document does list the need for private keys to be private,
it's not really dealt with in the surrounding text. Changing that would
be a substantive, compatible addition to the existing document.

Also the existing document does not contain an explicit and affirmative
statement of the basic, high-level requirements on a security mechanism.

The closest it comes to a statement of principle in the document is:

     Security mechanisms being developed in the Internet Engineering
     Task Force to meet these needs require and depend on the
     international use of adequate cryptographic technology.

The sentence after that applies the above to the particulars that the
document addresses:

     Ready access to such technology is therefore a key factor in the
     future growth of the Internet as a motor for international
     commerce and communication.

"Access" was the issue of the day. Today's issue is not the same,
though of course it is firmly attached to the first of the above
statements.

In effect, the document could benefit from discussion at a higher level
and at a lower level.

The higher level is a more complete statement of the purpose, benefit
and necessity of effective communication privacy, and clarity about what
that benefit means to users.

At the lower level, the document could benefit from some pragmatics,
along the lines of what Stephen has suggested: What should a working
group dealing with this realm of technology do and not do? When we
approve something purporting to provide a component of 'security', what
basic expectations of that mechanism or system should its consumers
expect from it?

To put it a bit grandly, what is the 'philosophy' of security that the
IETF is applying? For example, I believe the current issue hinges on an
IETF belief that those who choose to do encryption should be able to
control who is authorized and able to do the decryption.

Also there has been quite a bit of public discussion, this time around,
and the document should reflect on that activity.

...

In sum, I think the revised document should:

   0. Establish the current context including examples of related
      public contributions. One recent publication would be obvious to
      include...

   1. Provide statements of IETF principles about the nature and
      requirements for privacy-related technologies, explicitly citing
      relevant examples that would violate this.

   2. Explain every 'what' with a 'why'. For each thing claimed to be
      good or bad, explain the implications of ignoring the claim.

   3. Give guidance that IETF efforts can use in designing new
      mechanisms, formats, etc.

d/

--
Dave Crocker
Brandenburg InternetWorking
bbiw.net