Ballot for charter-ietf-sshm
Yes
No Objection
Note: This ballot was opened for revision 00-01 and is now closed.
Ballot question: "Is this charter ready for external review?"
# Internet AD comments for charter-ietf-sshm-00-01 CC @ekline * comment syntax: - https://github.com/mnot/ietf-comments/blob/main/format.md ## Comments * If there are security issues found by a mechanism other than formal verification tools, is the working group able to propose any required fix(es)?
Nit: s/extensions to SSH protocol/extensions to the SSH protocol/
Is there any coordination with other WGs, RGs, or SDOs worth mentioning?
** Consider if these are equivalent to the intent: OLD ... to update the RFCs documenting SSH to reflect what is implemented and deployed in practice. NEW ... to update the RFCs published by the closed SECSH WG to reflect how SSH protocol(s) are implemented and deployed in practice. ** Per "Out of scope initially includes", is the "initially" some promise about the future. Why not "Out of scope includes:" ** For editorial clarity: OLD "Out of scope includes ... while defining how SSH uses cryptographic algorithms is in scope, designing the algorithms themselves is out of scope" to be NEW "Out of scope includes ... designing cryptographic algorithms (but defining how SSH uses cryptographic algorithms is in scope)." ** Please refine the milestones. The current text of "Issue adoption calls for Internet-drafts matching the charter" is not specific enough.
Supportive of having some maintenance work over SSH, but I cannot ballot a strong YES: see below for some points (mix of real concerns and nits). About `is to maintain the Secure Shell (SSH) protocol.` should RFC 4253/4254 be added ? s/TCP-IP and X11/IP, and X11/ ? s/automatically encrypt, authenticate,/automatically authenticate, encrypt,/ (and I am unsure about the use of "automatically" as there is a authentication/trust provisioning that needs to take place) Sometimes working groups is capitalised, should the charter be consistent ? Can "initial" be removed from "The initial goals of", it could indicate potential scope broadening without re-chartering. Please add *intended status* of all goals/work items. About the initially out of scope items, I understand that the first two could be added later, but I wonder about "while defining how SSH uses cryptographic algorithms is in scope, designing the algorithms themselves is out of scope": this one should permanently be out of scope. s/Protocol documents should not be submitted to the IESG /Protocol documents cannot not be submitted to the IESG /, i.e., when can the "should" be bypassed ? (yes I know I like BCP14)