Hi Linda,
Thank you for reviewing the document. After the discussion, do you still have any questions or do you feel there is any ambiguity that needs to be resolved?
--Randall
On 16 Mar 2021, at 9:34, Linda Dunbar via Datatracker wrote:
Reviewer: Linda Dunbar
Review result: Not ReadyI have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG. These
comments were written primarily for the benefit of the security area directors.
Document editors and WG chairs should treat these comments just like any other
last call comments.This document doesn't seem to be complete. The document claims that it changes
the policy of the Location-to-Service Translation (LoST) Location Profile
registry from Standards Action to Specification Required, but it doesn't
specify what is the new procedure. It says allowing other SDOs to change or
add values. But which SDOs are allowed? Are there any procedures to identify
which SDOs are legitimate? can any organizations, say XYZ, change, add or
delete the values?Best Regards,
Linda Dunbar
On 16 Mar 2021, at 9:34, Linda Dunbar via Datatracker wrote:
Reviewer: Linda Dunbar
Review result: Not ReadyI have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG. These
comments were written primarily for the benefit of the security area directors.
Document editors and WG chairs should treat these comments just like any other
last call comments.This document doesn't seem to be complete. The document claims that it changes
the policy of the Location-to-Service Translation (LoST) Location Profile
registry from Standards Action to Specification Required, but it doesn't
specify what is the new procedure. It says allowing other SDOs to change or
add values. But which SDOs are allowed? Are there any procedures to identify
which SDOs are legitimate? can any organizations, say XYZ, change, add or
delete the values?Best Regards,
Linda Dunbar
Ecrit mailing list
Ecrit@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ecrit
On 16 Mar 2021, at 9:34, Linda Dunbar via Datatracker wrote:
Reviewer: Linda Dunbar
Review result: Not ReadyI have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG. These
comments were written primarily for the benefit of the security area directors.
Document editors and WG chairs should treat these comments just like any other
last call comments.This document doesn't seem to be complete. The document claims that it changes
the policy of the Location-to-Service Translation (LoST) Location Profile
registry from Standards Action to Specification Required, but it doesn't
specify what is the new procedure. It says allowing other SDOs to change or
add values. But which SDOs are allowed? Are there any procedures to identify
which SDOs are legitimate? can any organizations, say XYZ, change, add or
delete the values?Best Regards,
Linda Dunbar--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call
On 16 Mar 2021, at 9:45, Murray S. Kucherawy wrote:
Hi Linda, thanks for your review. Comments below.On Tue, Mar 16, 2021 at 9:34 AM Linda Dunbar via Datatracker <noreply@xxxxxxxx> wrote:This document doesn't seem to be complete. The document claims that it changes
the policy of the Location-to-Service Translation (LoST) Location Profile
registry from Standards Action to Specification Required, but it doesn't
specify what is the new procedure. It says allowing other SDOs to change or
add values. But which SDOs are allowed? Are there any procedures to identify
which SDOs are legitimate? can any organizations, say XYZ, change, add or
delete the values?Specification Required is defined in RFC 8162. The IESG will be tasked with appointing a designated expert (DE) to review registration requests against the published specification. The DE will have discretion to determine whether an application should be accepted. The document contains no guidance about particular SDOs, so the DE is left to decide whether to factor the source into the approval or rejection of the request.So any SDO can make a request to update the registry. The DE makes the call about "legitimate".-MSK
On 16 Mar 2021, at 9:45, Murray S. Kucherawy wrote:
Hi Linda, thanks for your review. Comments below.On Tue, Mar 16, 2021 at 9:34 AM Linda Dunbar via Datatracker <noreply@xxxxxxxx> wrote:This document doesn't seem to be complete. The document claims that it changes
the policy of the Location-to-Service Translation (LoST) Location Profile
registry from Standards Action to Specification Required, but it doesn't
specify what is the new procedure. It says allowing other SDOs to change or
add values. But which SDOs are allowed? Are there any procedures to identify
which SDOs are legitimate? can any organizations, say XYZ, change, add or
delete the values?Specification Required is defined in RFC 8162. The IESG will be tasked with appointing a designated expert (DE) to review registration requests against the published specification. The DE will have discretion to determine whether an application should be accepted. The document contains no guidance about particular SDOs, so the DE is left to decide whether to factor the source into the approval or rejection of the request.So any SDO can make a request to update the registry. The DE makes the call about "legitimate".-MSK
Ecrit mailing list
Ecrit@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ecrit
On 16 Mar 2021, at 9:45, Murray S. Kucherawy wrote:
Hi Linda, thanks for your review. Comments below.On Tue, Mar 16, 2021 at 9:34 AM Linda Dunbar via Datatracker <noreply@xxxxxxxx> wrote:This document doesn't seem to be complete. The document claims that it changes
the policy of the Location-to-Service Translation (LoST) Location Profile
registry from Standards Action to Specification Required, but it doesn't
specify what is the new procedure. It says allowing other SDOs to change or
add values. But which SDOs are allowed? Are there any procedures to identify
which SDOs are legitimate? can any organizations, say XYZ, change, add or
delete the values?Specification Required is defined in RFC 8162. The IESG will be tasked with appointing a designated expert (DE) to review registration requests against the published specification. The DE will have discretion to determine whether an application should be accepted. The document contains no guidance about particular SDOs, so the DE is left to decide whether to factor the source into the approval or rejection of the request.So any SDO can make a request to update the registry. The DE makes the call about "legitimate".-MSK
--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call
On 16 Mar 2021, at 10:12, Linda Dunbar wrote:
Murray,
Then why need this document?
Isn’t it already the practice that “The IESG will be tasked with appointing a designated expert (DE) to review registration requests against the published specification”?
Linda
From: Murray S. Kucherawy <superuser@xxxxxxxxx>
Sent: Tuesday, March 16, 2021 11:46 AM
To: Linda Dunbar <linda.dunbar@xxxxxxxxxxxxx>
Cc: secdir@xxxxxxxx; draft-ietf-ecrit-location-profile-registry-policy.all@xxxxxxxx; ecrit@xxxxxxxx; last-call@xxxxxxxx
Subject: Re: Secdir last call review of draft-ietf-ecrit-location-profile-registry-policy-01
Hi Linda, thanks for your review. Comments below.
On Tue, Mar 16, 2021 at 9:34 AM Linda Dunbar via Datatracker <noreply@xxxxxxxx> wrote:
This document doesn't seem to be complete. The document claims that it changes
the policy of the Location-to-Service Translation (LoST) Location Profile
registry from Standards Action to Specification Required, but it doesn't
specify what is the new procedure. It says allowing other SDOs to change or
add values. But which SDOs are allowed? Are there any procedures to identify
which SDOs are legitimate? can any organizations, say XYZ, change, add or
delete the values?
Specification Required is defined in RFC 8162. The IESG will be tasked with appointing a designated expert (DE) to review registration requests against the published specification. The DE will have discretion to determine whether an application should be accepted. The document contains no guidance about particular SDOs, so the DE is left to decide whether to factor the source into the approval or rejection of the request.
So any SDO can make a request to update the registry. The DE makes the call about "legitimate".
-MSK
On 16 Mar 2021, at 10:12, Linda Dunbar wrote:
Murray,
Then why need this document?
Isn’t it already the practice that “The IESG will be tasked with appointing a designated expert (DE) to review registration requests against the published specification”?
Linda
From: Murray S. Kucherawy <superuser@xxxxxxxxx>
Sent: Tuesday, March 16, 2021 11:46 AM
To: Linda Dunbar <linda.dunbar@xxxxxxxxxxxxx>
Cc: secdir@xxxxxxxx; draft-ietf-ecrit-location-profile-registry-policy.all@xxxxxxxx; ecrit@xxxxxxxx; last-call@xxxxxxxx
Subject: Re: Secdir last call review of draft-ietf-ecrit-location-profile-registry-policy-01
Hi Linda, thanks for your review. Comments below.
On Tue, Mar 16, 2021 at 9:34 AM Linda Dunbar via Datatracker <noreply@xxxxxxxx> wrote:
This document doesn't seem to be complete. The document claims that it changes
the policy of the Location-to-Service Translation (LoST) Location Profile
registry from Standards Action to Specification Required, but it doesn't
specify what is the new procedure. It says allowing other SDOs to change or
add values. But which SDOs are allowed? Are there any procedures to identify
which SDOs are legitimate? can any organizations, say XYZ, change, add or
delete the values?
Specification Required is defined in RFC 8162. The IESG will be tasked with appointing a designated expert (DE) to review registration requests against the published specification. The DE will have discretion to determine whether an application should be accepted. The document contains no guidance about particular SDOs, so the DE is left to decide whether to factor the source into the approval or rejection of the request.
So any SDO can make a request to update the registry. The DE makes the call about "legitimate".
-MSK
Ecrit mailing list
Ecrit@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ecrit
On 16 Mar 2021, at 10:12, Linda Dunbar wrote:
Murray,
Then why need this document?
Isn’t it already the practice that “The IESG will be tasked with appointing a designated expert (DE) to review registration requests against the published specification”?
Linda
From: Murray S. Kucherawy <superuser@xxxxxxxxx>
Sent: Tuesday, March 16, 2021 11:46 AM
To: Linda Dunbar <linda.dunbar@xxxxxxxxxxxxx>
Cc: secdir@xxxxxxxx; draft-ietf-ecrit-location-profile-registry-policy.all@xxxxxxxx; ecrit@xxxxxxxx; last-call@xxxxxxxx
Subject: Re: Secdir last call review of draft-ietf-ecrit-location-profile-registry-policy-01
Hi Linda, thanks for your review. Comments below.
On Tue, Mar 16, 2021 at 9:34 AM Linda Dunbar via Datatracker <noreply@xxxxxxxx> wrote:
This document doesn't seem to be complete. The document claims that it changes
the policy of the Location-to-Service Translation (LoST) Location Profile
registry from Standards Action to Specification Required, but it doesn't
specify what is the new procedure. It says allowing other SDOs to change or
add values. But which SDOs are allowed? Are there any procedures to identify
which SDOs are legitimate? can any organizations, say XYZ, change, add or
delete the values?
Specification Required is defined in RFC 8162. The IESG will be tasked with appointing a designated expert (DE) to review registration requests against the published specification. The DE will have discretion to determine whether an application should be accepted. The document contains no guidance about particular SDOs, so the DE is left to decide whether to factor the source into the approval or rejection of the request.
So any SDO can make a request to update the registry. The DE makes the call about "legitimate".
-MSK
--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call
On 16 Mar 2021, at 10:39, Benjamin Kaduk wrote:
Hi Linda,
The current registration procedure (visible at
https://www.iana.org/assignments/lost-location-profiles/lost-location-profiles.xhtml)
of Standards Action only requires a standards-track RFC to get an
allocation; there is no designated expert involved in that procedure.
RFC 8126 again remains a good reference for these registration policies.Thanks,
Ben
On Tue, Mar 16, 2021 at 05:12:52PM +0000, Linda Dunbar wrote:
Murray,
Then why need this document?
Isn’t it already the practice that “The IESG will be tasked with appointing a designated expert (DE) to review registration requests against the published specification”?Linda
From: Murray S. Kucherawy superuser@xxxxxxxxx
Sent: Tuesday, March 16, 2021 11:46 AM
To: Linda Dunbar linda.dunbar@xxxxxxxxxxxxx
Cc: secdir@xxxxxxxx; draft-ietf-ecrit-location-profile-registry-policy.all@xxxxxxxx; ecrit@xxxxxxxx; last-call@xxxxxxxx
Subject: Re: Secdir last call review of draft-ietf-ecrit-location-profile-registry-policy-01Hi Linda, thanks for your review. Comments below.
On Tue, Mar 16, 2021 at 9:34 AM Linda Dunbar via Datatracker <noreply@xxxxxxxx<mailto:noreply@xxxxxxxx>> wrote:
This document doesn't seem to be complete. The document claims that it changes
the policy of the Location-to-Service Translation (LoST) Location Profile
registry from Standards Action to Specification Required, but it doesn't
specify what is the new procedure. It says allowing other SDOs to change or
add values. But which SDOs are allowed? Are there any procedures to identify
which SDOs are legitimate? can any organizations, say XYZ, change, add or
delete the values?Specification Required is defined in RFC 8162. The IESG will be tasked with appointing a designated expert (DE) to review registration requests against the published specification. The DE will have discretion to determine whether an application should be accepted. The document contains no guidance about particular SDOs, so the DE is left to decide whether to factor the source into the approval or rejection of the request.
So any SDO can make a request to update the registry. The DE makes the call about "legitimate".
-MSK
--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call
On 16 Mar 2021, at 10:39, Benjamin Kaduk wrote:
Hi Linda,
The current registration procedure (visible at
https://www.iana.org/assignments/lost-location-profiles/lost-location-profiles.xhtml)
of Standards Action only requires a standards-track RFC to get an
allocation; there is no designated expert involved in that procedure.
RFC 8126 again remains a good reference for these registration policies.Thanks,
Ben
On Tue, Mar 16, 2021 at 05:12:52PM +0000, Linda Dunbar wrote:
Murray,
Then why need this document?
Isn’t it already the practice that “The IESG will be tasked with appointing a designated expert (DE) to review registration requests against the published specification”?Linda
From: Murray S. Kucherawy superuser@xxxxxxxxx
Sent: Tuesday, March 16, 2021 11:46 AM
To: Linda Dunbar linda.dunbar@xxxxxxxxxxxxx
Cc: secdir@xxxxxxxx; draft-ietf-ecrit-location-profile-registry-policy.all@xxxxxxxx; ecrit@xxxxxxxx; last-call@xxxxxxxx
Subject: Re: Secdir last call review of draft-ietf-ecrit-location-profile-registry-policy-01Hi Linda, thanks for your review. Comments below.
On Tue, Mar 16, 2021 at 9:34 AM Linda Dunbar via Datatracker <noreply@xxxxxxxx<mailto:noreply@xxxxxxxx>> wrote:
This document doesn't seem to be complete. The document claims that it changes
the policy of the Location-to-Service Translation (LoST) Location Profile
registry from Standards Action to Specification Required, but it doesn't
specify what is the new procedure. It says allowing other SDOs to change or
add values. But which SDOs are allowed? Are there any procedures to identify
which SDOs are legitimate? can any organizations, say XYZ, change, add or
delete the values?Specification Required is defined in RFC 8162. The IESG will be tasked with appointing a designated expert (DE) to review registration requests against the published specification. The DE will have discretion to determine whether an application should be accepted. The document contains no guidance about particular SDOs, so the DE is left to decide whether to factor the source into the approval or rejection of the request.
So any SDO can make a request to update the registry. The DE makes the call about "legitimate".
-MSK
--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call
On 16 Mar 2021, at 10:40, Murray S. Kucherawy wrote:
On Tue, Mar 16, 2021 at 10:12 AM Linda Dunbar <linda.dunbar@xxxxxxxxxxxxx> wrote:Then why need this document?Isn’t it already the practice that “The IESG will be tasked with appointing a designated expert (DE) to review registration requests against the published specification”?
No, the current rules for that registry are specified by Standards Action (Section 4.9 of RFC 8126), which requires a standards track RFC. There's no designated expert in that model. The working group wants to change the policy to the less restrictive model that allows for specifications published outside of the IETF to qualify, subject to expert review.-MSK
On 16 Mar 2021, at 10:40, Murray S. Kucherawy wrote:
On Tue, Mar 16, 2021 at 10:12 AM Linda Dunbar <linda.dunbar@xxxxxxxxxxxxx> wrote:Then why need this document?Isn’t it already the practice that “The IESG will be tasked with appointing a designated expert (DE) to review registration requests against the published specification”?
No, the current rules for that registry are specified by Standards Action (Section 4.9 of RFC 8126), which requires a standards track RFC. There's no designated expert in that model. The working group wants to change the policy to the less restrictive model that allows for specifications published outside of the IETF to qualify, subject to expert review.-MSK
Ecrit mailing list
Ecrit@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ecrit
On 16 Mar 2021, at 10:40, Murray S. Kucherawy wrote:
On Tue, Mar 16, 2021 at 10:12 AM Linda Dunbar <linda.dunbar@xxxxxxxxxxxxx> wrote:Then why need this document?Isn’t it already the practice that “The IESG will be tasked with appointing a designated expert (DE) to review registration requests against the published specification”?
No, the current rules for that registry are specified by Standards Action (Section 4.9 of RFC 8126), which requires a standards track RFC. There's no designated expert in that model. The working group wants to change the policy to the less restrictive model that allows for specifications published outside of the IETF to qualify, subject to expert review.-MSK
--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call
On 16 Mar 2021, at 14:01, Randall Gellens wrote:
I just want to add that the document currently does contain some guidance. Section 4 (IANA Considerations) contains:
The reviewer should verify that:
o the proposed new value is specified by the IETF, NENA, or a
similar SDO in which location profiles are in scope;--Randall
On 16 Mar 2021, at 14:01, Randall Gellens wrote:
I just want to add that the document currently does contain some guidance. Section 4 (IANA Considerations) contains:
The reviewer should verify that:
o the proposed new value is specified by the IETF, NENA, or a
similar SDO in which location profiles are in scope;--Randall
On 16 Mar 2021, at 14:01, Randall Gellens wrote:
I just want to add that the document currently does contain some guidance. Section 4 (IANA Considerations) contains:
The reviewer should verify that:
o the proposed new value is specified by the IETF, NENA, or a
similar SDO in which location profiles are in scope;--Randall
On 16 Mar 2021, at 14:01, Randall Gellens wrote:
I just want to add that the document currently does contain some guidance. Section 4 (IANA Considerations) contains:
The reviewer should verify that:
o the proposed new value is specified by the IETF, NENA, or a
similar SDO in which location profiles are in scope;--Randall
Ecrit mailing list
Ecrit@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ecrit
On 16 Mar 2021, at 14:01, Randall Gellens wrote:
I just want to add that the document currently does contain some guidance. Section 4 (IANA Considerations) contains:
The reviewer should verify that:
o the proposed new value is specified by the IETF, NENA, or a
similar SDO in which location profiles are in scope;--Randall
--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call
-- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
