Skip to main content

Shepherd writeup

# Document Shepherd Write-Up for Group Documents

## Document History

The document was actively discussed between a number of working group
individuals as well as in consultation with members of the TLS working group. 
No one has expressed dissent in the work or its direction, but I would have
liked to see reviews from the SEC DIR and from the broader OPS DIR.  Requests
for those reviews went unanswered.

One area to pay special attention to is how new hash algorithms are allocated
in the new IANA-maintained registry.  One thought was to have new algorithms
auto-added based on work happening in TLS 1.3.  However, that could lead to a
proliferation of algorithms in this registry that are never used.  Therefore,
the current text stipulates an additional expert review and work on behalf of
interested parties to propose a new hash algorithm be added (and that
represents the consensus of the group).

It is also important to call out that the reason this document requests a new
registry vs. adding to the existing one is that the TLS working group did not
want to imply that any new algorithms added to the existing fingerprint
registry worked with TLS 1.2.  Choosing this approach allowed for a much more
simplified update to RFC 6353.

## Additional Reviews

The contents of this document do interact closely with TLS and thus a review
from the TLS WG was requested.  Their input was key in choosing this document's
current direction (see above).  However, I would have liked to have received
some other directorate-level reviews to reinforce the approach in the registry
is sound.

From a MIB standpoint, by taking a simplified approach, the updates were
minimal.  That is, even though this document moves to a new hash algorithm
registry, the semantics of the MIB and the SnmpTLSFingerprint textual
convention remain the same, thus backwards compatibility is preserved.  This
was confirmed by Jürgen Shönwälder.

## Document Shepherd Checks

9. Based on the shepherd's review of the document, is it their opinion that this
   document is needed, clearly written, complete, correctly designed, and ready
   to be handed off to the responsible Area Director?


10. Several IETF Areas have assembled [lists of common issues that their
    reviewers encounter][6]. For which areas have such issues been identified
    and addressed? For which does this still need to happen in subsequent

SEC DIR and OPS DIR should review.

11. What type of RFC publication is being requested on the IETF stream ([Best
    Current Practice][12], [Proposed Standard, Internet Standard][13],
    [Informational, Experimental or Historic][14])? Why is this the proper type
    of RFC? Do all Datatracker state attributes correctly reflect this intent?

Proposed Standard.  This is the correct type based on the RFC it updates and
that it defines a [modified] MIB module.  This status is correctly reflected in

12. Have reasonable efforts been made to remind all authors of the intellectual
    property rights (IPR) disclosure obligations described in [BCP 79][7]? To
    the best of your knowledge, have all required disclosures been filed? If
    not, explain why. If yes, summarize any relevant discussion, including links
    to publicly-available messages when applicable.

Yes.  An IPR call was conducted and no IPR was reported.  The author explicitly
stated he knows of no IPR.

13. Has each author, editor, and contributor shown their willingness to be
    listed as such? If the total number of authors and editors on the front page
    is greater than five, please provide a justification.


14. Document any remaining I-D nits in this document. Simply running the [idnits
    tool][8] is not enough; please review the ["Content Guidelines" on][15]. (Also note that the current idnits tool generates
    some incorrect warnings; a rewrite is underway.)

Most IDNITS have been sorted.  However, this is still a reference to the
obsolete RFC 5246, and that is intentional as we are incorporating the values
from the old TLS 1.2 registry.

Also note, the references from the MIB have been added as norm/inform
references (in a style similar to what is done in YANG modules), and in the
case of RFC 5890, has been made normative with new language in the MIB.

15. Should any informative references be normative or vice-versa? See the [IESG
    Statement on Normative and Informative References][16].

References look correct.

16. List any normative references that are not freely available to anyone. Did
    the community have sufficient access to review any such normative

All normative references are freely available.

17. Are there any normative downward references (see [RFC 3967][9] and [BCP
    97][10]) that are not already listed in the [DOWNREF registry][17]? If so,
    list them.


18. Are there normative references to documents that are not ready to be
    submitted to the IESG for publication or are otherwise in an unclear state?
    If so, what is the plan for their completion?


19. Will publication of this document change the status of any existing RFCs? If
    so, does the Datatracker metadata correctly reflect this and are those RFCs
    listed on the title page, in the abstract, and discussed in the
    introduction? If not, explain why and point to the part of the document
    where the relationship of this document to these other RFCs is discussed.

It will update RFC 6353.  That metadata in the document is correct.

20. Describe the document shepherd's review of the IANA considerations section,
    especially with regard to its consistency with the body of the document.
    Confirm that all aspects of the document requiring IANA assignments are
    associated with the appropriate reservations in IANA registries. Confirm
    that any referenced IANA registries have been clearly identified. Confirm
    that each newly created IANA registry specifies its initial contents,
    allocations procedures, and a reasonable name (see [RFC 8126][11]).

The ask of IANA is clearly called out.  One registry is requested with initial
contents clearly spelled out.

21. List any new IANA registries that require Designated Expert Review for
    future allocations. Are the instructions to the Designated Expert clear?
    Please include suggestions of designated experts, if appropriate.

The one new registry is SNMP-TLSTM HashAlgorithm Registry.  It is designated as
expert review whereby the Security Area via the TLS WG is consulted as to
whether or not a new algorithm should be added.  New algorithms should not show
up here first.  They would appear in the TLS Cipher Suites registry.  Someone
wanting to use the same algorithm for SNMP TLSTM would then request that
algorithm receive a one-byte allocation in this new registry.