ietf
[Top] [All Lists]

Re: (short version) Re: Last Call: <draft-faltstrom-uri-10.txt> (The Uniform Resource Identifier (URI) DNS Resource Record) to Proposed Standard

2015-02-27 10:24:43
On 2/25/15 9:18 PM, Sam Hartman wrote:
"John" == John C Klensin<john-ietf(_at_)jck(_dot_)com>  writes:
     John>  I think the rest is a bit of a judgment call.  While I'd be
     John>  happy to see a comprehensive document that would address all
     John>  of those issues, I would also like to get a good description
     John>  of the RRTYPE published somewhere soon, ideally a couple of
     John>  years ago.  It seems to me that making a complete analysis of
     John>  security alternatives, or a complete analysis of the URI
     John>  situation as it relates to this RRTYPE, much less both are
     John>  likely to be a _lot_ of effort and that, if we want to get the
     John>  document published, what should be done should probably be
     John>  confined to explicitly noting the issues, e.g., that any
     John>  indirection through the DNS raises security issues that need
     John>  careful understanding and for which there is no magic bullet.

I'm happy with an informational document that does the above and claims
only to describe the existing RR type.
I'm not happy with a standards-track document that fails to cover the
security issues in significantly better detail.

After speaking with Patrik, I think you have convinced us: The correct thing to do at this point is to take out all of the information beyond a simple description of the RR, beef up the security considerations to describe the security issue, and make that document Informational.

I'm going to ask Patrik to publish a revised ID at this point, which I expect to see in the next couple of days. Unless I hear loud objections (and I will cormfirm with the rest of the IESG as well), I'm inclined to simply extend the current Last Call by 2 weeks after the revised ID instead of restarting an entirely new 4 week Last Call. I think the discussion is active enough here on the list that nobody is going to lose track of it, and we're now talking about an Informational document rather than something that's going to be Standards Track, so the level of required scrutiny is certainly less. If we make this go another 4 weeks, I'll be off of the IESG and someone else is going to have to pick up the ball, which I'd rather avoid having to do. Either way, I'll be sure to make an announcement.

pr

--
Pete Resnick<http://www.qualcomm.com/~presnick/>
Qualcomm Technologies, Inc. - +1 (858)651-4478

<Prev in Thread] Current Thread [Next in Thread>