-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Joel Halpern wrote: > I was talking about a reference to a document in a version > repository (a github repository). The comment had nothing to do > with the corporation "github". The issue is that the content of > the reference is not stable. As Tor evolves, the content of that > document changes. For many purposes, that is a good thing. For > informative references, this is also fine. For normative > references, that is references which must be understood to fully > understand the document, they must reference stable content. (URIs > are allowed if there is reasonable expectation that the content is > stable.)
If the problem is solely the stability of the reference, then here's an idea I don't think has been floated yet: include the Git revision in the normative reference. It's functionally identical to e.g. including a DOI - as long as you have a copy of the repository that is newer than the date of the referencing RFC, then you can obtain a stable copy of the documents at that time. That is IMHO a far easier reference to look up than many non-RFC normative references, because the git repository is distributed far and wide, and any mirror/copy of it can provide an authentic stable copy of the documents. This is because the Git revision is essentially a hash of the entire repository and its history at that point in time, and can be considered a unique identifier (at least until an SHA-1 preimage is found, but even that would only allow a malicious adversary to fake their own copy of the repository, not alter anyone else's). str4d > > Which means that the real question is whether the references need > to be understood to understand the registration. This judgment > belongs to the IESG, not to me. I reviewed based on my > understanding. If the assignment to Tor of .onion is for any use > that Tor chooses, then indeed the references are informative. If > the assignment is for use for some specific problem and behavior, > then the references are normative. The wording of the draft led me > to believe it was the latter. In either case, the draft should be > clear about what it is doing. > > Yours, Joel > > -----Original Message----- From: Alec Muffett [mailto:[email protected]] > Sent: Thursday, September 03, 2015 11:32 AM To: Joe Abley Cc: > hellekin; [email protected]; Brian Haberman; > [email protected]; [email protected]; > [email protected]; [email protected]; > [email protected]; Jari Arkko; The IESG; > Joel Halpern Subject: Re: [DNSOP] Jari Arkko's No Record on > draft-ietf-dnsop-onion-tld-00: (with COMMENT) > > Hi Joe! > > >> On Sep 3, 2015, at 4:02 PM, Joe Abley <[email protected]> >> wrote: Pretty sure Joel was just referring to where the current >> documentation is stored, not poking sticks at corporations. > > Just in order to fight potential confusion at any point where it > might flare up, lest other folk jump into this discussion and try > running with it: > > * The Tor specifications and code are on a Git repository owned by > the Tor project, not at Github. A simple DNS lookup will confirm > this: > > $ dig gitweb.torproject.org ; <<>> DiG 9.8.3-P1 <<>> > gitweb.torproject.org […] ;; ANSWER SECTION: gitweb.torproject.org. > 3600 IN CNAME vineale.torproject.org. vineale.torproject.org. 3600 > IN A 154.35.132.68 > > - so, any arguments which involve Github (Incorporated) are poorly > grounded. > > Continuing: > > >> There's nothing in 6761 section 5 that demands a reference to a >> stable specification. The fact that there's any reference at all >> is a courtesy. > > > Per my previous e-mail, I would be happy to pluck out > specifications, especially if they are blocking progress, because I > see their inclusion as irrelevant to the matter of registering the > special use domain name. > > -a > > > > — Alec Muffett Security Infrastructure Facebook Engineering London > > > _______________________________________________ DNSOP mailing list > [email protected] https://www.ietf.org/mailman/listinfo/dnsop > -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJV6OwOAAoJEBO17ljAn7PgWJsP/3gcWIUMKPayC43SmnRqjZ54 Q8H+h/Ma5a5KGdbdZd/DVW2FELLW3CS7mccbymEfoxfiDY09+FqjU/vsxSV5Ucub XnUJUjmEP89FWUBL8VTUl6bXOpijtUq1Luw9hbE7eKsGqjHTFhESf1/H1NQsqLW7 7Z6q13yMgPx6X41+ls2i8yrf7hZth/aRo8e+GByecGkYC8Eti2FbX7ye8jWemWno 2F+pDzfUVWoVnAwpmL+UzEzfWKHxI6p1W9xC6K0/iy+qXmqN63crTMtMLFojDVoK lUhjeQGw8l9SqBHTL+KmROZVK/0MdHPeHum+PRfgZA39XSkORdjnfwvGxsjryocH m1EysD/YuPdBdZMoe4m5UUafVifvfhdaWKxZ6rkKRnG5DoU309VxtpTCdsjW8X7s 1OSU8NPctAKYs7VGk8uk6k0G46DProPp2TV5PPFb63Zgq2ywHdlbkaJ8XHED8tlY x5xQ5wiekvYH7gHDoSU8k8+3l8N21KG9CwJ42ICOgE2SYB5uhkL7NCXJ0iAZKwNw B6h6bnAKjveezkf+D6yEtlKQ7fl8ber7x4tXAAm85XIPK0A23LBTQfu73vZ+aIXX sUUc//ijtg+tS4Rckx1Qx/NeZzkwCj+SZmKKQp+1ptFNc0lVLnsFIvT8z6lSBUmJ QZGsJ+XN5V3uBEBdJBAT =LdeE -----END PGP SIGNATURE----- _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
