Hi Suresh, hi all, Actually we discussed this yesterday at the IAB meeting and I thought we agreed that we don’t want security considerations in workshop reports.
Mirja > On 6. Feb 2025, at 18:01, Sandy Ginoza <sgin...@amsl.com> wrote: > > Hi Suresh, Mirja, > > Thank you for your replies. The document has been updated to include the > following as the Security Considerations text. > > This document is a workshop report and does not impact the security of the > Internet. > > > Mirja, please let us know if any additional updates are needed or if you > approve the RFC for publication. > > Thank you, > RFC Editor/sg > > >> On Feb 5, 2025, at 8:11 PM, Suresh Krishnan <suresh.krish...@gmail.com> >> wrote: >> >> Hi Lynne, >> As the document shepherd I am fine with skipping the Security Considerations >> in this document, as has been done for some past workshop reports. If you >> feel that special casing these sends out a wrong message to the community I >> think we can add your proposed boilerplate text and consistently do so for >> the future. >> >> Thanks >> Suresh >> >>> On Feb 3, 2025, at 11:53 AM, Lynne Bartholomew >>> <lbartholo...@staff.rfc-editor.org> wrote: >>> >>> Hi, Mirja and *Suresh. >>> >>> Mirja, checking in with you regarding the status of this document. It >>> appears that several questions remain open. >>> >>> * Suresh, please note that in your capacity as Document Shepherd we also >>> need to hear from you regarding the Security Considerations section and >>> Mirja's comments below. >>> >>> Please review and advise. >>> >>> The latest files are posted here. Please refresh your browser: >>> >>> https://www.rfc-editor.org/authors/rfc9707.txt >>> https://www.rfc-editor.org/authors/rfc9707.pdf >>> https://www.rfc-editor.org/authors/rfc9707.html >>> https://www.rfc-editor.org/authors/rfc9707.xml >>> https://www.rfc-editor.org/authors/rfc9707-diff.html >>> https://www.rfc-editor.org/authors/rfc9707-rfcdiff.html (side by side) >>> https://www.rfc-editor.org/authors/rfc9707-auth48diff.html >>> https://www.rfc-editor.org/authors/rfc9707-auth48rfcdiff.html (side by side) >>> https://www.rfc-editor.org/authors/rfc9707-lastdiff.html >>> https://www.rfc-editor.org/authors/rfc9707-lastrfcdiff.html (side by side) >>> >>> https://www.rfc-editor.org/authors/rfc9707-xmldiff1.html >>> https://www.rfc-editor.org/authors/rfc9707-xmldiff2.html >>> >>> Thank you! >>> >>> RFC Editor/lb >>> >>>> On Jan 21, 2025, at 7:32 AM, Mirja Kuehlewind (IETF) <i...@kuehlewind.net> >>>> wrote: >>>> >>>> >>>> >>>>> On 8. Jan 2025, at 00:49, Sandy Ginoza <sgin...@amsl.com> wrote: >>>>> >>>>> Hi all, >>>>> >>>>> Please see comments below. >>>>> >>>>>> On Jan 7, 2025, at 9:45 AM, Lynne Bartholomew <lbartholo...@amsl.com> >>>>>> wrote: >>>>>> >>>>>>> Mirja: I don’t think security considerations are useful for workshop >>>>>>> reports. All workshop reports that I’ve been involved with did not have >>>>>>> security considerations but I did see that some other reports do. >>>>>>> However, I assume they have mostly been added during AUTH48 based on >>>>>>> this kind of request. Particularly just adding the sentence above is >>>>>>> not useful and I wouldn’t want to do that just for the sake for >>>>>>> process. If we want security consideration we should come up with real >>>>>>> ones but as I said I don’t think we should just add anything to report >>>>>>> in that respect. I think we should conclude with the IAB to not have >>>>>>> security consideration for workshop reports in general in future. >>>>>> >>>>>> [rfced] Agreed that the section isn't necessary in this case, but for >>>>>> the time being, we need to follow our current process, which includes >>>>>> asking the Document Shepherd for approval. >>>> >>>> The IAB document shepherd or IAB stream manager or maybe IAB chair? >>>> >>>>>> >>>>>> That being said, would you like us to set precedent here by removing the >>>>>> Security Considerations and asking the Document Shepherd for approval of >>>>>> the new form? >>>> >>>> RFC9490 (M-TEN), RFC9307 (AID), and RFC9075 (COVID) don’t have security >>>> consideration. Yes, I’m an author on all of these, however, just saying >>>> this one wouldn’t set the precedent. >>>> >>>>> >>>>> Jumping in on this one - Security Considerations are required per the RFC >>>>> Style Guide (see >>>>> https://www.rfc-editor.org/rfc/rfc7322.html#section-4.8.5). We suggest >>>>> the following: >>>>> >>>>> This document is a workshop report and does not impact the security of >>>>> the Internet. >>>> >>>> I’d be fine with that and in this case we should just use this exact same >>>> phrasing for all reports in my opinion. >>>> >>>>> >>>>> If the IAB would like to discuss special handling for IAB workshop >>>>> reports, we prefer having the discussion outside of an AUTH48. Please >>>>> let us know if the text above is acceptable. >>>> >>>> Yes, we can’t decide this for good in the auth48 process, however, we >>>> could simply add a short item to the next IAB call. I don’t think this >>>> would need a long discussion… >>>> >>>> Mirja >>>> >>>> >>>> >>>>> >>>>> Thanks, >>>>> Sandy >>>> >>> >> > -- auth48archive mailing list -- auth48archive@rfc-editor.org To unsubscribe send an email to auth48archive-le...@rfc-editor.org
