Re: [AAA-DOCTORS] Benoit Claise's Discuss on draft-ietf-softwire-6rd-radius-attrib-10: (with DISCUSS and COMMENT)
Benoit Claise <bclaise@cisco.com> Mon, 11 February 2013 17:15 UTC
Return-Path: <bclaise@cisco.com>
X-Original-To: aaa-doctors@ietfa.amsl.com
Delivered-To: aaa-doctors@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 91ABC21F8904 for <aaa-doctors@ietfa.amsl.com>; Mon, 11 Feb 2013 09:15:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.561
X-Spam-Level:
X-Spam-Status: No, score=-10.561 tagged_above=-999 required=5 tests=[AWL=0.038, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0TU54TRqjZB2 for <aaa-doctors@ietfa.amsl.com>; Mon, 11 Feb 2013 09:15:22 -0800 (PST)
Received: from av-tac-bru.cisco.com (weird-brew.cisco.com [144.254.15.118]) by ietfa.amsl.com (Postfix) with ESMTP id 90B8821F88DA for <aaa-doctors@ietf.org>; Mon, 11 Feb 2013 09:15:22 -0800 (PST)
X-TACSUNS: Virus Scanned
Received: from strange-brew.cisco.com (localhost.cisco.com [127.0.0.1]) by av-tac-bru.cisco.com (8.13.8+Sun/8.13.8) with ESMTP id r1BHFImO007664; Mon, 11 Feb 2013 18:15:18 +0100 (CET)
Received: from [10.60.67.84] (ams-bclaise-8913.cisco.com [10.60.67.84]) by strange-brew.cisco.com (8.13.8+Sun/8.13.8) with ESMTP id r1BHEDt8016718; Mon, 11 Feb 2013 18:14:28 +0100 (CET)
Message-ID: <511926E5.8050206@cisco.com>
Date: Mon, 11 Feb 2013 18:14:13 +0100
From: Benoit Claise <bclaise@cisco.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130107 Thunderbird/17.0.2
MIME-Version: 1.0
To: "bernard_aboba@hotmail.com" <bernard_aboba@hotmail.com>
References: <20130117091306.15656.90065.idtracker@ietfa.amsl.com> <50F7C250.4090700@cisco.com> <50FEF425.2040805@ieca.com> <4518F39EB578034D8C99A9B7776CDBA34A65E1@xmb-aln-x04.cisco.com>
In-Reply-To: <4518F39EB578034D8C99A9B7776CDBA34A65E1@xmb-aln-x04.cisco.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: "aaa-doctors@ietf.org" <aaa-doctors@ietf.org>, Turner Sean <turners@ieca.com>, "Ralph Droms (rdroms)" <rdroms@cisco.com>
Subject: Re: [AAA-DOCTORS] Benoit Claise's Discuss on draft-ietf-softwire-6rd-radius-attrib-10: (with DISCUSS and COMMENT)
X-BeenThere: aaa-doctors@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: AAA Doctors E-mail List <aaa-doctors.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/aaa-doctors>, <mailto:aaa-doctors-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/aaa-doctors>
List-Post: <mailto:aaa-doctors@ietf.org>
List-Help: <mailto:aaa-doctors-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/aaa-doctors>, <mailto:aaa-doctors-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Feb 2013 17:15:23 -0000
Hi Bernard, Please let us (Sean, Ralph, and I) is this version 11 is satisfactory wrt this DISCUSS: https://datatracker.ietf.org/doc/draft-ietf-softwire-6rd-radius-attrib/ballot/#benoit-claise Regards, Benoit > I'd like to get this document cleared up before I step down as Int AD. Rev -11 has been published. Does it address the remaining Discuss points? > > - Ralph > > On Jan 22, 2013, at 3:18 PM 1/22/13, Sean Turner <turners@ieca.com> wrote: > >> Any feedback folks? I'm sitting on a discuss related to this. >> >> spt >> >> On 1/17/13 4:20 AM, Benoit Claise wrote: >>> Dear AAA doctors, >>> >>> I updated my DISCUSS with the latest information. See below >>> Regarding this COMMENT >>> >>> Also, it would be helpful to be explicit about the value of the >>> Service-Type attribute in Access-Requests (I am assuming that this >>> is no longer "Call-Check", since the User-Password attribute is >>> included in the Access-Request). >>> >>> I believe that the AAA doctors should give clear guidelines to the >>> draft-ietf-softwire-6rd-radius-attrib authors regarding the content of >>> the Service-Type. >>> If we can't, I propose not to insist on this issue. >>> This is the reason why this is a COMMENT and not a DISCUSS. >>> >>> Feedback? >>> >>> Regards, Benoit >>> >>> >>> -------- Original Message -------- >>> Subject: Benoit Claise's Discuss on >>> draft-ietf-softwire-6rd-radius-attrib-10: (with DISCUSS and COMMENT) >>> Date: Thu, 17 Jan 2013 01:13:06 -0800 >>> From: Benoit Claise <bclaise@cisco.com> >>> To: The IESG <iesg@ietf.org> >>> CC: draft-ietf-softwire-6rd-radius-attrib@tools.ietf.org, >>> softwire-chairs@tools.ietf.org >>> >>> >>> >>> Benoit Claise has entered the following ballot position for >>> draft-ietf-softwire-6rd-radius-attrib-10: Discuss >>> >>> When responding, please keep the subject line intact and reply to all >>> email addresses included in the To and CC lines. (Feel free to cut this >>> introductory paragraph, however.) >>> >>> >>> Please refer tohttp://www.ietf.org/iesg/statement/discuss-criteria.html >>> for more information about IESG DISCUSS and COMMENT positions. >>> >>> >>> >>> >>> ---------------------------------------------------------------------- >>> DISCUSS: >>> ---------------------------------------------------------------------- >>> >>> The AAA doctors reviewed version 10 >>> >>> 1. While Section 3 now does describe how authentication/authorization >>> functions in a way that is compliant with RFC 2865 and 5080, there is no >>> normative language and the requirements (e.g. for User-Name and >>> User-Password attributes, Message-Authenticator attribute) are not >>> included in Section 4.2. >>> >>> 2. Section 6 (Security Considerations) has a dangling sentence: >>> >>> ... >>> >>> The MAC address spoofing is possible >>> >>> ... >>> >>> OK... then what? >>> >>> >>> ---------------------------------------------------------------------- >>> COMMENT: >>> ---------------------------------------------------------------------- >>> >>> - Also, it would be helpful to be explicit about the value of the >>> Service-Type attribute in Access-Requests (I am assuming that this is no >>> longer "Call-Check", since the User-Password attribute is included in the >>> Access-Request). >>> >>> - You started to use the terminology from RFC 5969, but for two terms >>> only. >>> It's a pity that you didn't reuse so other. >>> 4.1. IPv6-6rd-Configuration Attribute >>> >>> 6rdPrefix >>> >>> The Service Provider's 6rd IPv6 prefix represented as a 16 >>> octet IPv6 address. The bits after the 6rdPrefixlen number of >>> bits in the prefix SHOULD be set to zero. >>> >>> ... >>> >>> 6rdBRIPv4Address >>> >>> One or more IPv4 addresses of the 6rd Border Relay(s) for a >>> given 6rd domain. The maximum RADIUS Attribute length of 255 >>> octets results in a limit of 58 IPv4 addresses. >>> >>>> From RFC 5969: >>> 6rd prefix An IPv6 prefix selected by the service provider >>> for use by a 6rd domain. There is exactly one >>> 6rd prefix for a given 6rd domain. An SP may >>> deploy 6rd with a single 6rd domain or multiple >>> 6rd domains. >>> >>> ... >>> >>> BR IPv4 address The IPv4 address of the 6rd Border Relay for a >>> given 6rd domain. This IPv4 address is used by >>> the CE to send packets to a BR in order to >>> reach IPv6 destinations outside of the 6rd >>> domain. >>> >>> >>> >>> >>> >>> > >
- [AAA-DOCTORS] Fwd: Benoit Claise's Discuss on dra… Benoit Claise
- Re: [AAA-DOCTORS] Fwd: Benoit Claise's Discuss on… Sean Turner
- Re: [AAA-DOCTORS] Fwd: Benoit Claise's Discuss on… Sheng Jiang
- Re: [AAA-DOCTORS] Benoit Claise's Discuss on draf… Ralph Droms (rdroms)
- Re: [AAA-DOCTORS] Benoit Claise's Discuss on draf… Benoit Claise