Hi, Trevor, and thanks for the note. A couple of things, as responsible AD:
1. Yoav says, "This is an inappropriate time to raise new substantive issues about the document." I agree with the sense of what Yoav is saying, but let me clarify what that means. It is *always* an appropriate time to raise new, substantive issues if those issues are addressing a serious problem with the document. The point is that this stage is not the appropriate time to bring up "we should have gone in a different direction" issues, whether those are new or revisited. Serious problems: OK. "I'd have done it differently": no. 2. That said, we do need to be sure that issues of any sort that had been raised before were addressed properly, and it's always appropriate to have a look at that. No one's input to the working group should be sloughed off without proper consideration. So, let me be clear about what you (Trevor) are saying in your message, because I'm not sure. - Is it that an error was made in document editing, such that something that you thought was decided one way made it into the document in a different, incorrect way? - Or is it that you think the issue you brought up was not adequately considered, and editing of the document went off in the wrong direction because of that? - Or is it that you think the issue you brought up was discussed, the working group decided otherwise, and the editing went in the direction of consensus that you disagree with. - Or is it something else? Thanks, Barry, Applications AD On Wed, Aug 27, 2014 at 3:36 AM, Trevor Perrin <[email protected]> wrote: > On Tue, Aug 26, 2014 at 10:44 PM, Yoav Nir <[email protected]> wrote: >> Hi folks >> >> In the last few days, we've had a bunch of threads re-opening issues with >> key-pinning, mostly around the PKP-RO. >> >> This document has gone through years of discussion on the mailing list, a >> WGLC and an IETF LC. >> >> The document is now under review by the IESG. We (the working group) and the >> authors need to address comments and discuss ballots by members of the IESG. >> This is an inappropriate time to raise new substantive issues about the >> document. > > > PKP-RO isn't a new issue. > > The initial draft of PKP-RO was claimed to "follow the same syntax and > semantics of the Public-Key-Pins header" [1]. > > But the text was unclear. When we discussed this in February Ryan > proposed to not store PKP-RO pins [2,3]. Myself, Daniel Kahn-Gillmor, > and Tom Ritter proposed to store them [4,5,6], and Chris added text > for this [7,8,9,10]. > > I later discussed other cleanup of the PKP-RO text [11]. As part of > that Chris changed some of the wording to *not* store PKP-RO pins > [12]. I pointed out the discrepancy and that "I thought we decided > the opposite" a couple times [13,14], but there was a misunderstanding > and he changed things more towards *not* storing PKP-RO [15]. A > couple days after you declared "this working group has done as much as > we can", and further discussion would be "counter-productive" [16]. > > But I still think storing PKP-RO would be better, and seemed to be the > group's preference. > > > Trevor > > > [1] http://www.ietf.org/mail-archive/web/websec/current/msg01539.html > [2] http://www.ietf.org/mail-archive/web/websec/current/msg02030.html > [3] http://www.ietf.org/mail-archive/web/websec/current/msg02037.html > [4] http://www.ietf.org/mail-archive/web/websec/current/msg02042.html > [5] http://www.ietf.org/mail-archive/web/websec/current/msg02043.html > [6] http://www.ietf.org/mail-archive/web/websec/current/msg02044.html > [7] http://www.ietf.org/mail-archive/web/websec/current/msg02051.html > [8] http://www.ietf.org/mail-archive/web/websec/current/msg02054.html > [9] http://www.ietf.org/mail-archive/web/websec/current/msg02055.html > [10] http://www.ietf.org/mail-archive/web/websec/current/msg02069.html > [11] http://www.ietf.org/mail-archive/web/websec/current/msg02075.html > [12] http://www.ietf.org/mail-archive/web/websec/current/msg02081.html > [13] http://www.ietf.org/mail-archive/web/websec/current/msg02084.html > [14] http://www.ietf.org/mail-archive/web/websec/current/msg02094.html > [15] http://www.ietf.org/mail-archive/web/websec/current/msg02097.html > [16] http://www.ietf.org/mail-archive/web/websec/current/msg02100.html _______________________________________________ websec mailing list [email protected] https://www.ietf.org/mailman/listinfo/websec
