Re: [Last-Call] [Curdle] Last Call: <draft-ietf-curdle-ssh-kex-sha2-14.txt> (Key Exchange (KEX) Method Updates and Recommendations for Secure Shell (SSH)) to Proposed Standard

With regard to recent comments on this draft by Rene and Mališa:

- A number of the comments are welcome improvements. They will improve the quality of the document and can be accommodated without substantially resetting progress on the draft.

- Some other comments are fairly fundamental. For those things to be seriously looked at, progress on the draft has to be effectively reset, and a new consensus has to be sought.

A reason this draft has already taken as long as it has is that consensus is difficult to achieve about a document that covers all of the SSH key exchanges and attempts to make normative remarks. Now, reviewers who never previously looked at this have different opinions about decisions that were subject to prolonged discussions and consensus votes. These reviewers appear to expect their views to be considered alongside the consensus - perhaps to override it, invalidate it, correct it, or something of the sort.

I propose that reviews at this late stage should focus on changes that are appropriate for this late stage, not changes that require a return to the drafting board. If people have personal opinions about how things should be done in SSH, then maybe they should get involved before last call.

denis


On Thu, Feb 25, 2021 at 10:18 AM Salz, Rich <rsalz=40akamai.com@xxxxxxxxxxxxxx> wrote:
> I do not have any fish to fry here, but I thought IETF Last-Call was to get wider community feedback.

 

I like that phrase. :)

 

>The WGLC was June 14, 2017 on rev08, more than 3 1/2 years ago, so perhaps some perceptions may have changed since then. The draft also changed [1].

 

And we had WG discussion on the changes. And a poll (https://mailarchive.ietf.org/arch/browse/curdle/?q=%20straw%20poll) about some of the issues.

 

As for bad algorithms not being MUST NOT, the feeling was that we needed to have a transition period.

 

Just trying to provide some context. I appreciate your feedback, as always, you’re quite good. :)

_______________________________________________
Curdle mailing list
Curdle@xxxxxxxx
https://www.ietf.org/mailman/listinfo/curdle
-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call
