[ + Benjamin ] On Wed, Mar 11, 2020 at 9:58 AM Michael Richardson <[email protected]> wrote: > > > Brian E Carpenter <[email protected]> wrote: > > Could those on the hook for the ACP and BRSKI drafts, which have been > > very seriously delayed, update the WG with the plan for getting them > > approved? It seems to me that there has been endless nitpicking, of the > > kind that is appropriate for full Standard status, but very surprising > > for Proposed Standard where there is no expectation of perfection. > > I don't know what kind of plan I can relate: It seems to be above my pay > grade. > > For BRSKI, since IETF106, all DISCUSSes, except Ben Kaduk's desire to have > the examples redone have been cleared.
Yes, Alissa cleared on 2020-01-24. Ben checked, and updated his DISCUSS on 2020-01-03, asking for the examples to be updated. He then updated again on 2020-02-24 pointing out errors. > I had originally tagged redoing that > for AUTH48 time, since all IANA allocations would be done by then. > All allocations have been done at this point, and in January I redid the > examples in the non-normative Appendix with the right OIDs. Ben found some > errors (one repeated certificate), and so I generated the examples again. I would not classify Ben's DISCUSS as "endless nitpicking" - he reviewed the changes, and updated on 2020-02-24 - here is the current ballot: "Thanks for the updated examples using the allocated MASA URL extension OID! Unfortunately, I think there are still some inconsistencies in the examples to resolve: The MASA cert/key is identical to the "manufacturer key pair for IDevID signatures" (C.1.1 and C.1.2). (It shows the MASA Subject CN, so maybe just the included file was typo'd?) The example IDevID cert shows an issuer name that doesn't match the cert given. (Also the MASA cert doesn't have a randomized serial number but the registrar one does.) The registrar-to-MASA voucher request in C.2.2 seems to have a CMS SignedData with the SignerIdentifier identifying the "Unstrung Fountain Root" (i.e,. the root CA used for these examples) instead of the expected "fountain-test.example.com". Am I misreading the ASN.1 dump? (We do seem to send both certificates.) The voucher response from MASA to Registrar seems to be signed by the "highway-test.example.com CA" (which would be the "manufacturer key pair for IDevID signatures" that we don't have in the -35 since the MASA certificate is repeated), not the MASA's cert from C.1.1." The authors quickly updated the document and posted a new version on 2020-02-26 ( ~2 weeks ago). As you can guess, the past few weeks have been busy - as well as discussions around cancelling (or not) IETF 107, there has been a big push to clear outgoing ADs documents, so that there is a clean handoff to the incoming ADs. I'm expecting Benjamin (who I have CCed) to review the changes again soon. > > I then asked Jim Schaad and Max Pritikin (a BRSKI co-author, who has been > redirected on other important Cisco work), to validate. Max reviewed, and > this resulted in an additional clarifiying sentence committed to the github. > (I thought I posted it on Monday, I don't seem to have. I will do that now. > > Warren Kumari has taken over as the sponsoring AD. Indeed -- I took over from Ignas on 2020-01-27 (~ 1.5 months ago) -- since then, Alissa has cleared her DISCUSS, and the authors have published 2 new versions (it is now at -37). Ben had asked for some updates, and these have been folded in, and the new issues should be reviewed soon. Since IETF 106, there have been 6 new revisions of the document, Benjamin has reviewed and updated his DISCUSS 3 times, Alissa has cleared her DISCUSS (Roman cleared just before the meeting), and I see ~36 emails on the draft (some off-topic, and a number of off-list pokings, etc). So, yes, I understand that this is really frustrating, and I fully agree that there have been many many delays that should not have occurred - but, I think that there is now significant progress happening... W > > > Can we expect these drafts to be approved in the next one or two weeks, > > for example? If not then, when? > > I know that ACP has gone through a similar set of DISCUSSes, and I think that > they are mostly all done. > I don't see an update from Ben. > > https://datatracker.ietf.org/doc/draft-ietf-anima-autonomic-control-plane/ballot/ > says that most have No Objections, rather than Yes. Three YES are needed to > override a DISCUSS. > I guess this document has been in front of the IESG since 2018 when Terry was > an AD! > > I think that the WG participants need to actively engage the DISCUSSes and > the choices that the WG has made. > > -- > Michael Richardson <[email protected]>, Sandelman Software Works > -= IPv6 IoT consulting =- > > > -- I don't think the execution is relevant when it was obviously a bad idea in the first place. This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants. ---maf _______________________________________________ Anima mailing list [email protected] https://www.ietf.org/mailman/listinfo/anima
