Re: [Anima] Éric Vyncke's Discuss on draft-ietf-anima-bootstrapping-keyinfra-22: (with DISCUSS and COMMENT)

"Eric Vyncke (evyncke)" <evyncke@cisco.com> Tue, 17 September 2019 06:26 UTC

From: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>
CC: "draft-ietf-anima-bootstrapping-keyinfra@ietf.org" <draft-ietf-anima-bootstrapping-keyinfra@ietf.org>, "tte+ietf@cs.fau.de" <tte+ietf@cs.fau.de>, "anima@ietf.org" <anima@ietf.org>, The IESG <iesg@ietf.org>, "anima-chairs@ietf.org" <anima-chairs@ietf.org>
Date: Tue, 17 Sep 2019 06:26:00 +0000
Message-ID: <B562BF09-735F-4766-A04B-1B422D25FBFD@cisco.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/kceSDvdN4eMuVS3q40mmSMnnTu4>
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>

Sounds good to me

-éric

On 17/09/2019, 03:45, "iesg on behalf of Michael Richardson" <iesg-bounces@ietf.org on behalf of mcr+ietf@sandelman.ca> wrote:

    
    Eric Vyncke (evyncke) <evyncke@cisco.com> wrote:
        > - lack of TLS version, I understand your comment. Your suggestion to add
        > some text (justification, clarification, ...) in Section 5.1 about the
        > TLS version would be a plus (albeit a -27 would be required) but I am
        > removing my DISCUSS
    
    I have included the following text in the two places we specify TLS:
    
            <t>
              Use of TLS 1.3 (or newer) is encouraged. TLS 1.2 or newer is
              REQUIRED.
            </t>
    
    --
    Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
     -= IPv6 IoT consulting =-