Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

i have reverted the doc in my emacs buffer. -03 stands randy ___ OPSAWG mailing list OPSAWG@ietf.org https://www.ietf.org/mailman/listinfo/opsawg

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

Thats a good question. Whois lookups CAN ask for superior covering blocks. Its in the protocol to do it (flags) in the port 43 query. I don't think its normal. This is the problem with data services which push to the most specific record (and, in Whois, many exist) and inclusion of signing, which

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

> But if a lookup process was interested in finding a geofeed for an IP > address within B, would it have any reason or automated means to > backtrack and lookup knowledge of the signed geofeed for A? Do > inetnum lookups return all superprefix inetnums as well? (asking for > a friend) whoops!

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

On Wed, Feb 17, 2021 at 3:29 PM Randy Bush wrote: > > now that last call is over, it's time to make trouble by requesting to > add a hack. ggm, doc shepherd, has this idea about hierarchic signing > which would affect this doc by adding > >If an inetnum: A points to a geofeed file which is

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

Seems reasonable. I'm hoping we get some RTGDIR comments this week. Joe On 2/8/21 17:47, Randy Bush wrote: > -02 was published. but, due to a merge miscommunication, it left off a > couple of acknowledgments. it also misspelled Acknowledgments :) > > i'll not push -03 until after comments of

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

-02 was published. but, due to a merge miscommunication, it left off a couple of acknowledgments. it also misspelled Acknowledgments :) i'll not push -03 until after comments of substance are incorproated, assuming no one objects. randy ___ OPSAWG

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

Thanks Randy, I'm as happy as I'm likely to get. Adrian -Original Message- From: OPSAWG On Behalf Of Randy Bush Sent: 08 February 2021 21:05 To: Joe Clarke (jclarke) Cc: opsawg@ietf.org Subject: Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds > There were some comme

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

> There were some comments that will lead to document changes commenters, please check -02 and thanks all randy ___ OPSAWG mailing list OPSAWG@ietf.org https://www.ietf.org/mailman/listinfo/opsawg

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

Thanks to all the working group members that replied on this last call. There were some comments that will lead to document changes, but overall there seems to be consensus that this work should progress. Thanks to Job Snijders that shared a working implementation of this work. There is one

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

On 01/02/2021 20:16, Job Snijders wrote: Conclusion == I believe with the above I've independently implemented all aspects of draft-ietf-opsawg-finding-geofeeds in one way or another, demonstrating the described procedures are correct, verifyable, and somewhat understandable. The

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

hi job, as ggm said, really appreciate your showing the tech can be done. openssl is conservative, which has good and bad effects. randy ___ OPSAWG mailing list OPSAWG@ietf.org https://www.ietf.org/mailman/listinfo/opsawg

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

> Well, "whatever", but I liked the paragraph we had arrived at. ok, ok. i could not stand the whining and put it back :) it's just that i really prefer words to communicate something. randy ___ OPSAWG mailing list OPSAWG@ietf.org

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

I think this is useful. It shows how tools that operations people are familiar with can be used to improve the trust in the feed. Nice work Job! -G On Wed, Feb 3, 2021 at 12:25 PM Job Snijders wrote: > > Dear Randy, working group, > > It appears to me you really wanted to ask 'how the heck

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

Dear Randy, working group, It appears to me you really wanted to ask 'how the heck did you do it???' *** warning: operating a CA is real work, do NOT follow the below *** I declared my signing operation 'proprietary' because I can't recommend it as a 'recipe'. I prefer to promote man pages over

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

> The signature was produced through proprietary means, but for the > purpose of validating the signature & interopability testing that > shouldn't matter... right? unless you are a security person and lived through trojans such as dual-ec. extension of kerckhoffs's principle. randy

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

Hi Randy, On Tue, Feb 02, 2021 at 10:26:53AM -0800, Randy Bush wrote: > folk trying to verify this are whining about some missing code I'm not entirely sure what 'missing code' you are referring to. On Debian Bullseye the required software can be installed using: $ sudo apt install openssl

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

> Authenticating the Geofeed data > === > > The uncommented section of the file conforms to RFC 8805: > > $ head -1 geofeed.csv | tee geofeed_tbs > 2001:67c:208c::/48,NL,NL-NH,Amsterdam > > The commented out section of the geofeed.csv file contains a base64 >

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

AWG] WG LC: draft-ietf-opsawg-finding-geofeeds >> 8805 was, of course, an Independent Stream production. So I carry as much >> responsibility as anyone else for the lack of privacy discussion. But, more >> significantly, I am entirely responsible for not having noted section 4 of >&

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

On 2/2/21 7:05 AM, Randy Bush wrote: 5. oh, speaking of Iff, I would prefer if and only if, extended. will you not hate me if i leave it and let rfc have one more reason to whack me? who, me? iff I was a hater maybe I could seize this opportunity -- antonio

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

> 1. I believe it may be more correct to refer to RFC 4012 rather than > 2622 (as inet6num support is declared in this draft) thanks! > 2. paragraph 4, first block, I think it should say "there IS a fair > number of them." > 3. paragraph 5 "The geofeed files SHOULD be published over and

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

>> 8805 was, of course, an Independent Stream production. So I carry as much >> responsibility as anyone else for the lack of privacy discussion. But, more >> significantly, I am entirely responsible for not having noted section 4 of >> RFC 8805 when I wrote my email - oops. > > Yeah, I was

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

> 8805 was, of course, an Independent Stream production. So I carry as much > responsibility as anyone else for the lack of privacy discussion. But, more > significantly, I am entirely responsible for not having noted section 4 of > RFC 8805 when I wrote my email - oops. Yeah, I was pretty sure

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

> So perhaps modifying your paragraph to... > > RFC8805 geofeed data may reveal the approximate location of an IP > address, which might in turn reveal the approximate location of an > individual user. As noted in section 4 of RFC8805, publishers of > geolocation feeds are

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

Hi Randy, Thanks for engaging, and I know I presented an "interesting" challenge. 8805 was, of course, an Independent Stream production. So I carry as much responsibility as anyone else for the lack of privacy discussion. But, more significantly, I am entirely responsible for not having noted

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

hey adrian, > Is it too late to ask for some privacy considerations to be added to > this document? it is never too late to ask for privacy. as usual, the problem is how to provide it :) > My initial thought was that the authors would point me to 8805, but a > quick look there doesn’t show any

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

Dear working group, On Fri, Jan 22, 2021 at 09:43:26PM +, Joe Clarke (jclarke) wrote: > Happy new year, opsawg. The draft-ietf-opsawg-finding-geofeeds draft > has undergone some discussion and with the recent -01 revision of the WG > version of the document, the authors have made all pending

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

On 2/1/21 12:49 AM, p...@bigdatacloud.com wrote: I support this hi, I very much appreciate the intentions of this text and hope to see the solutions it proposes widely adopted: I'm planning to implement it myself right away. therefore, I would like to express my support for this draft.

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

Hi, Is it too late to ask for some privacy considerations to be added to this document? My initial thought was that the authors would point me to 8805, but a quick look there doesn’t show any mention of privacy. My concern here is that the end-user’s geographic locale is being

[OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

I support this Pol Nisenblat BigDataCloud Pty Ltd U14 29-31 Compton street, Adelaide SA 5000, Australia web: https://www.bigdatacloud.com m: +61 4 33350516 | t: +61 8 82217115 | p...@bigdatacloud.com

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

> I think it's very useful, I support the adoption of this draft I would also like to express full support for the adoption of this draft. I think it's a fundamental step forward in an area where standardization has long been necessary. --

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

I support this, it makes my life a lot easier. And I imagine other data providers would find it useful too. On Thu, Jan 28, 2021 at 6:10 PM Flavio Luciani wrote: > > I have read -01, seen my previous comments addressed, and I overall I > think this is ready to progress. > > > I also think is

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

> I have read -01, seen my previous comments addressed, and I overall I > think this is ready to progress. I also think is ready to progress, I support this draft. — Flavio Luciani Chief Technology Officer T +39 06 444 86 062 M. +39 331 2823325 f.luci...@namex.it namex.it Questa

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

> I have requested additional directorate reviews for this work so we > have a good amount of eyes on it. thank you! randy ___ OPSAWG mailing list OPSAWG@ietf.org https://www.ietf.org/mailman/listinfo/opsawg

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

As a contributor: I have read -01, seen my previous comments addressed, and I overall I think this is ready to progress. As a chair: I have requested additional directorate reviews for this work so we have a good amount of eyes on it. Joe On 1/22/21 16:44, Joe Clarke (jclarke) wrote: > Happy

Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

i am not aware of ipr randy ___ OPSAWG mailing list OPSAWG@ietf.org https://www.ietf.org/mailman/listinfo/opsawg

[OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

Happy new year, opsawg. The draft-ietf-opsawg-finding-geofeeds draft has undergone some discussion and with the recent -01 revision of the WG version of the document, the authors have made all pending changes based on feedback. We would like to conduct a two-week working group last call on this