Re: [Trans] The trans threat analysis document
Stephen Kent <stephentkent@gmail.com> Fri, 03 August 2018 18:44 UTC
Return-Path: <stephentkent@gmail.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B3AB213109A for <trans@ietfa.amsl.com>; Fri, 3 Aug 2018 11:44:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JyfPuyo7xeYz for <trans@ietfa.amsl.com>; Fri, 3 Aug 2018 11:44:05 -0700 (PDT)
Received: from mail-qt0-x234.google.com (mail-qt0-x234.google.com [IPv6:2607:f8b0:400d:c0d::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 92E3B13109B for <trans@ietf.org>; Fri, 3 Aug 2018 11:44:05 -0700 (PDT)
Received: by mail-qt0-x234.google.com with SMTP id t5-v6so7246637qtn.3 for <trans@ietf.org>; Fri, 03 Aug 2018 11:44:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:subject:to:references:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding:content-language; bh=QqUedAYcvpG4hM+dRVEFgRDWMwuvsw5zZDsTPSAbSfs=; b=WHE7lcpzZ7Oo/aLqym0Lpalt3HH3+qZ0foNZrmxCheJgjRxpQ58jqYHbG/Va0YpLr1 sKI0dc5KCt5YD1SlfypE0TgQoV4JtKKS8yXLHHiqxV0S54qOU3aOrXGfcb0z+JxDqFiB kOQWWfZw74N8mUC6HxLZcwWQ0TBu6DVOYEdJXBXeO3g7WtfQRZYi1JlR/U2iqafCbWdW 9/8OPXQ4ngt6jUq6R7Fmggi3EVd8zcZ6cBoI16jsW3I0NV6s1QBkBY0Crv+guRkJJT/u eEnPi1+0r1xvXrAfQxQwxoM5VE+FT7A0GXt/MM8MI63Mwe/P8tDt7E5A9LaTm7hqdtOw K7rA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:subject:to:references:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=QqUedAYcvpG4hM+dRVEFgRDWMwuvsw5zZDsTPSAbSfs=; b=ZI74EN3cwDchXHDBkUyyyqmNsP32ABtiXgamY0wz86zCihmhIE09NsEllD7r2MiQQf 4r6nkbIq5P3K6dlVBXdjLFHHlrSq5TePoqbVaP/jSsMqDMmILYQDLMVMpCktwOsnNiA0 +QPhqv5xegvQnFvKGd883pWRxddCW5g6VlRCigska6e/kwl06IsiQvWp5+urL8v4ym53 HpjedextSgtPPNNzFwp/hplpAxWOBvHXQYfJUKhl90joNjiaGiYdCetBMgdBHC0JX23Z nDYeDzoW9m7nfEssPoXvSWp863H+lhcFkomr+y/bJ5LMsfovId82eevSG3IwfkIdVLt2 hWjw==
X-Gm-Message-State: AOUpUlGCZPX19QiqE/jGEUK/MmhmfffvQMzJfit4M0Q3cAJOsT19khYY krHMYwXZ/4Z3HGnCSYK21GJMkDD5
X-Google-Smtp-Source: AAOMgpdQxBiTn5y4tcS+uqqJ13iFfUYxqTS5nNSca+0nrLht1j4Z44XyXeNxXqgqDMOKqTFdwCix8w==
X-Received: by 2002:a0c:b39a:: with SMTP id t26-v6mr4484830qve.206.1533321844363; Fri, 03 Aug 2018 11:44:04 -0700 (PDT)
Received: from iMac-Study.fios-router.home (pool-72-74-32-219.bstnma.fios.verizon.net. [72.74.32.219]) by smtp.gmail.com with ESMTPSA id h6-v6sm1956119qtn.51.2018.08.03.11.44.03 for <trans@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 03 Aug 2018 11:44:03 -0700 (PDT)
From: Stephen Kent <stephentkent@gmail.com>
To: trans@ietf.org
References: <f001cfa3-e0bc-7d38-a240-4e5164e290f0@gmail.com> <53C30786-DFBA-4E6E-8C14-8224470911A0@akamai.com>
Message-ID: <03d7a8c3-a574-c944-f4f2-115abeafabca@gmail.com>
Date: Fri, 03 Aug 2018 14:44:02 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <53C30786-DFBA-4E6E-8C14-8224470911A0@akamai.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/XgupErwNtyrrc94sBUpIvdxLLJk>
Subject: Re: [Trans] The trans threat analysis document
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Aug 2018 18:44:08 -0000
The chair's message is a mis-characterization of the history and status of this document. As the cognizant AD, Eric Rescorla discussed the document status with the WG chairs early this year. Paul stated that that there were a two paragraphs in the version -12 text (in sections 3.4 and 3.5) that were sticking points for David Cooper. A telecon was arranged and took place on April 12. The participants were Paul, David, Eric, Richard Barnes (acting as secretary) and me. The outcome of that telecon was text, crafted by Richard, which was agreed to by all parties. This text was incorporated into the next version (-13) of the document which was published later in April. I assumed that were were done, but I was wrong. After this version was posted, David sent a large number (~29) of additional comments to the list. Thus Paul's assertion that there were only two paragraph that need to be changed to satisfy David was incorrect. I made changes based on all but 6 or 7 of David's comments. Most of his comments were straightforward and I agreed that the requested changes were appropriate. I posted a message detailing the changes and the rationale for not making changes for the remaining few comments. A new version (-14) was posted on May 29. I think the changes I made represent a good faith effort to address David's legitimate issues, especially since all of the telecon participants believed that we had already done so in April. Ryan Sleevi and I began an exchange based on his comments, on version -14. Ryan argued that some of the text did not represent the intent of CT, or the practice of CT implementations, based on his experience as a developer. I countered that the analysis is based on 6962-bis, and if that text was not consistent with intent and practice, from his perspective, then the document should change. We agreed to table our discussion pending relevant changes to 6962-bis. I believe there have been no changes to 6269-bis that are relevant to the points Ryan and I discussed, and thus no new version of the threat analysis is merited. Steve > Hi, all: > > Paul and I discussed the status of the threat document and > agree that it is not appropriate for chairs to make changes > to the content of working group documents in the absence of > working group consensus. We've been deadlocked on the > threat analysis document for several years now, and while > we would very much like for the parties who disagree to > find a compromise, and for the document to be published, it > does not weaken the protocol document if it is not. So, if > the authors and those who have issues with the current text > cannot find some compromise text before the working group > shuts down, the document will not be published as a working > group document. The authors, of course, are free to > pursue publication through alternative processes should they > continue to be unable to arrive at a compromise. > > Melinda
- [Trans] The trans threat analysis document Melinda Shore
- Re: [Trans] The trans threat analysis document Salz, Rich
- Re: [Trans] The trans threat analysis document Paul Wouters
- Re: [Trans] The trans threat analysis document Salz, Rich
- Re: [Trans] The trans threat analysis document Stephen Kent
- Re: [Trans] The trans threat analysis document Tim Hollebeek
- Re: [Trans] The trans threat analysis document Paul Wouters
- Re: [Trans] The trans threat analysis document Salz, Rich
- Re: [Trans] The trans threat analysis document David A. Cooper
- Re: [Trans] The trans threat analysis document Melinda Shore
- Re: [Trans] The trans threat analysis document David A. Cooper
- Re: [Trans] The trans threat analysis document Paul Wouters
- Re: [Trans] The trans threat analysis document Stephen Kent
- Re: [Trans] The trans threat analysis document Ryan Sleevi
- Re: [Trans] The trans threat analysis document Melinda Shore