Re: [auth48] AUTH48: RFC-to-be 9415 <draft-irtf-pearg-numeric-ids-history-11> for your review

[Fernando Gont <fgont@si6networks.com>]

Hi, RFC-Ed,

Attached you'll find my edits addressing your comments.

Please note: for this and the other documents in this cluster, I have 
added comments in he xml source, marked as "[fgont]".

Thanks!

Regards,
Fernando




On 26/5/23 21:12, rfc-editor@rfc-editor.org wrote:
> Authors,
> 
> While reviewing this document during AUTH48, please resolve (as necessary) the following questions, which are also in the XML file.
> 
> 1) <!--[rfced] Please ensure that the guidelines listed in Section 2.1 of RFC 5743
> have been adhered to in this document.  -->
> 
> 
> 2) <!--[rfced] Please insert any keywords (beyond those that appear in
> the title) for use on https://www.rfc-editor.org/search. -->
> 
> 
> 3) <!--[rfced] We note that RFC 1035 does not include a mention of "RFC Query
> IDs". Please review and let us know if/how this citation should be updated.
> 
> Original:
>     Networking protocols employ a variety of transient numeric
>     identifiers for different protocol objects, such as IPv4 and IPv6
>     Fragment Identifiers [RFC0791] [RFC8200], IPv6 Interface Identifiers
>     (IIDs) [RFC4291], transport protocol ephemeral port numbers
>     [RFC6056], TCP Initial Sequence Numbers (ISNs) [RFC0793], NTP
>     Reference IDs (REFIDs) [RFC5905], and DNS Query IDs [RFC1035].
> -->
> 
> 
> 4) <!--[rfced] We see a number of author-inserted comments in the XML file for
> this document. We are unsure if these have been resolved. Please review
> and let us know if these can be deleted or if they need to be addressed.
> -->
> 
> 
> 5) <!--[rfced] [SUSE2011] is dated December 2011. Should it still be listed
> under "November 2011"? Please review and let us know if/how it should be updated.
> 
> Original:
>     November 2011:
>        Linux mitigates predictable IPv6 Identification values
>        [RedHat2011] [SUSE2011] [Ubuntu2011].
> 
> Similarly, [USCERT2001] is dated as from March 2001. Should it still be listed
> under "May 2001"? Please review and let us know if/how it should be updated.
> 
> Original:
>     May 2001:
>        Vulnerability advisories [CERT2001] [USCERT2001] were released
>        regarding statistical weaknesses in some ISN generators, affecting
>        popular TCP implementations.
> -->
> 
> 
> 6) <!--[rfced] FYI, this item has been rephrased as follows to avoid
> "upcoming revision" because it is inaccurate. Please review and
> let us know if further changes are needed. Also, please see the
> perhaps text in case you would like to reference the RFC
> rather than the I-D, as mentioned in question #10.
> 
> Original:
>     August 2014:
>        [I-D.eddy-rfc793bis-04], the upcoming revision of the core TCP
>        protocol specification, incorporates the algorithm specified in
>        [RFC6528] as the recommended ("SHOULD") algorithm for TCP ISN
>        generation.
> 
> Current:
>     August 2014:
>        The algorithm specified in [RFC6528] becomes the recommended
>        ("SHOULD") algorithm for TCP ISN generation in
>        [I-D.eddy-rfc793bis-04], an early revision of the core TCP
>        specification [RFC9293].
> 
> Perhaps (simply referencing the RFC):
>     August 2014:
>        The algorithm specified in [RFC6528] becomes the recommended
>        ("SHOULD") algorithm for TCP ISN generation in an early revision of
>        the core TCP specification that would later be published as RFC 9293
>        [RFC9293].
> -->
> 
> 
> 7) <!--[rfced] RFC 2374 obsoletes RFC 2073. Therefore, we have updated the
> citation from [RFC2373] to [RFC2073]. As this was the only instance where
> RFC 2373 was cited in this document, we have removed the corresponding
> reference. Please let us know of any objections.
> 
> Original:
>     July 1998:
>        [RFC2374] specifies "An IPv6 Aggregatable Global Unicast Address
>        Format" (obsoleting [RFC2373]) changing the size of the IID to 64
>        bits, and specifies that IIDs must be constructed in IEEE EUI-64
>        format.
> 
> Current:
>     July 1998:
>        [RFC2374] specifies "An IPv6 Aggregatable Global Unicast Address
>        Format" (obsoleting [RFC2073]) changing the size of the IID to 64
>        bits and specifies that IIDs must be constructed in IEEE 64-bit
>        Extended Unique Identifier (EUI-64) format.
> -->
> 
> 
> 8) <!--[rfced] As asterisks are used in the sentence below, would you
> like to make use of the <strong> element for emphasis? This will yield
> asterisks in the text output and bold letters in the html and pdf outs
> <https://authors.ietf.org/rfcxml-vocabulary#strong>.
> 
> Original:
>     April 2014:
>        [RFC7217] (formerly [I-D.ietf-6man-stable-privacy-addresses]) is
>        published, specifying "A Method for Generating Semantically Opaque
>        Interface Identifiers with IPv6 Stateless Address
>        Autoconfiguration (SLAAC)" as an alternative to (but *not*
>        replacement of) Modified EUI-64 format IIDs.
> -->
> 
> 
> 9) <!--[rfced] References
> 	
> a) Would you like the references to be alphabetized or left in their
> current order?
> 
> b) The following RFCs have been obsoleted. Other than specific instances
> where RFCs are cited in the timelines, may these RFCs be replaced with their
> obsoleting RFCs?
> 
> RFC 793 > RFC 9293
> RFC 1323 > RFC 7323
> RFC 1883 > RFC 8200
> RFC 2460 > RFC 8220
> RFC 6528 > RFC 9293
> 
> c) The URL provided returns 404 page not found. We have updated
> the URL as follows. Please let us know if you prefer otherwise.
> 
> Original:
>     [Shimomura1995]
>                Shimomura, T., "Technical details of the attack described
>                by Markoff in NYT", Message posted in USENET's
>                comp.security.misc newsgroup Message-ID:
>                <3g5gkl$5j1@ariel.sdsc.edu>, 1995,
>                <https://www.gont.com.ar/docs/post-shimomura-usenet.txt>.
> 
> Current:
>     [Shimomura1995]
>                Shimomura, T., "Technical details of the attack described
>                by Markoff in NYT", message to the USENET
>                comp.security.misc newsgroup, 25 January 1995,
>                <https://groups.google.com/g/comp.security.misc/c/
>                z5j323oQJeg/m/O7STL_6X_v4J>.
> 
> 
> d) The URL for the reference below leads to a page titled "TCP Idle Scan
> (-sI)". We have found a URL leading to a page with the same title as the
> one provided. May we update this reference?
> 
> Original:
>     [Fyodor2002]
>                Fyodor, "Idle scanning and related IP ID games", 2002,
>                <http://www.insecure.org/nmap/idlescan.html>.
> 
> Perhaps:
>     [Fyodor2002]
>                Fyodor, "Idle Scanning and related IPID games", September 2002,
>                <https://nmap.org/presentations/CanSecWest03/CD_Content/idlescan_paper/idlescan.html>.
> 
> 
> e) May we update the URL and the title of this reference as follows?
> (Same question as for RFC-to-be 9414.)
>                                                                                       
> Original:
>     [Sanfilippo1998b]
>                Sanfilippo, S., "Idle scan", Post to Bugtraq mailing-list,
>                1998, <https://github.com/antirez/hping/raw/master/docs/
>                SPOOFED_SCAN.txt
> 
> Perhaps:
>     [Sanfilippo1998b]
>                Sanfilippo, S., "new tcp scan method", message to the
>                Bugtraq mailing list, 18 December 1998,
>                <https://seclists.org/bugtraq/1998/Dec/79>.
> 
> f) Would you like to update add a URL to the reference and
> update the title accordingly?
> 
> Original:
>     [Gont2011] Gont, F., "Hacking IPv6 Networks (training course)", Hack
>                In Paris 2011 Conference Paris, France, June 2011.
> 
> Perhaps:
>     [Gont2011] Gont, F., "Hacking IPv6 Networks", Hack
>               In Paris 2011 Conference Paris, France, June 2011,
> 	     <https://www.si6networks.com/files/presentations/hip2011/
> 	     fgont-hip2011-hacking-ipv6-networks.pdf>.
> 
> g) We are having trouble opening the URL from the reference below.	
> May we update it as follows?
> 
> Original:
>     [Klein2007b]
>                Klein, A., "BIND 9 DNS Cache Poisoning", March 2007,
>                <https://citeseerx.ist.psu.edu/viewdoc/
>                summary?doi=10.1.1.86.4474>.
> 
> Perhaps:
>     [Klein2007b]
>                Klein, A., "BIND 9 DNS Cache Poisoning", March 2007,
>                <https://citeseerx.ist.psu.edu/viewdoc/
>                summary?doi=10.1.1.86.4474>.
> -->
> 
> 
> 10) <!--[rfced] Regarding the references to Internet-Drafts, we suggest
> updating the anchors as follows. Please let us know if you prefer
> otherwise.
> 
> This renaming would enable all references to the same
> document to appear together in the references section. (Currently
> the references are not automatically sorted alphanumerically
> because sortRefs="false". Would you like to change to sortRefs="true"?)
> 
> Although references to multiple versions of one Internet-Draft are
> permitted, you might consider whether this essential to the timelines
> that are provided in the subsections of Section 4.
> 
> In the cases where the I-D has been published as an RFC, we suggest
> rephrasing the text to simply reference the RFC.
> 
> Original -> Suggested
> 
> [draft-fgont-6man-rfc4941bis-00]-> [SLAAC-PRIV-GONT-00]
> [draft-ietf-6man-rfc4941bis-00] -> [SLAAC-PRIV-00]
> [I-D.ietf-6man-rfc4941bis]      -> [SLAAC-PRIV-12]  -> RFC 8981
> 
> [I-D.gont-opsec-ipv6-host-scanning] -> [HOST-SCAN-GONT-02]
> [I-D.ietf-opsec-ipv6-host-scanning] -> [HOST-SCAN-08]   -> RFC 7707
> 
> [draft-gont-6man-stable-privacy-addresses-00] -> [STABLE-PRIV-ADDR-GONT-00]
> [I-D.gont-6man-stable-privacy-addresses]      -> [STABLE-PRIV-ADDR-GONT-01]
> [draft-ietf-6man-stable-privacy-addresses-00] -> [STABLE-PRIV-ADDR-00]
> [I-D.ietf-6man-stable-privacy-addresses]      -> [STABLE-PRIV-ADDR-17]    -> RFC 7217
> 
> [I-D.cooper-6man-ipv6-address-generation-privacy] -> [ADDR-GEN-PRIV-COOPER-00]
> [I-D.ietf-6man-ipv6-address-generation-privacy]   -> [ADDR-GEN-PRIV-08]
> 
> [draft-gont-6man-address-usage-recommendations-00] -> [ADDR-REC-00]
> 
> [draft-gont-6man-non-stable-iids-00] -> [TEMP-IIDS-04]
> 
> [draft-ietf-6man-default-iids-00] -> [DEFAULT-IIDS-00]
> [I-D.ietf-6man-default-iids]      -> [DEFAULT-IIDS-16] -> RFC 8064
> 
> [I-D.gont-predictable-numeric-ids] -> [PREDICTABLE-NIDS-03]
>      Note: this was replaced by draft-irtf-pearg-numeric-ids-history-11
>      (which is this document itself)
> 
> [I-D.ietf-6man-rfc2460bis] -> [IPv6-13] -> RFC 8200
> 
> [draft-stenn-ntp-not-you-refid-00] -> [NTP-REFID-GONT-00]
> [draft-ietf-ntp-refid-updates-00]  -> [NTP-REFID-00]
> [I-D.ietf-ntp-refid-updates]       -> [NTP-REFID-05]
> 
> [I-D.eddy-rfc793bis-04] -> [TCP-EDDY-04]
>       Note: this was replaced by draft-ietf-tcpm-rfc793bis -> RFC 9293
> 
> [I-D.gont-ntp-port-randomization] -> [NTP-PORT-RAND-GONT-04]
> [I-D.ietf-ntp-port-randomization] -> [NTP-PORT-RAND-08] -> RFC 9109
> 
> [draft-gont-6man-predictable-fragment-id-00] -> [PRED-FRAG-ID-GONT-00]
> [I-D.gont-6man-predictable-fragment-id]      -> [PRED-FRAG-ID-GONT-03]
> [draft-ietf-6man-predictable-fragment-id-00] -> [PRED-FRAG-ID-00]
> [draft-ietf-6man-predictable-fragment-id-01] -> [PRED-FRAG-ID-01]
> [draft-ietf-6man-predictable-fragment-id-02] -> [PRED-FRAG-ID-02]
> [draft-ietf-6man-predictable-fragment-id-08] -> [PRED-FRAG-ID-08]
> [I-D.ietf-6man-predictable-fragment-id]      -> [PRED-FRAG-ID-10] -> RFC 7739
> -->
> 
> 
> 11) <!-- [rfced] Throughout the text, the following terminology appears to be used
> inconsistently. Please review these occurrences and let us know if/how they
> may be made consistent.
> 
> destination address vs. Destination Address
> source address vs. Source Address
> -->
> 
> 
> 12) <!-- [rfced] Please review the "Inclusive Language" portion of the online
> Style Guide <https://www.rfc-editor.org/styleguide/part2/#inclusive_language>
> and let us know if any changes are needed.
> 
> For example, please consider whether "dumb" should be updated.
> 
> In addition, please consider whether "traditional" and "traditionally" should
> be updated for clarity.  While the NIST website
> <https://www.nist.gov/nist-research-library/nist-technical-series-publications-author-instructions#table1>
> indicates that this term is potentially biased, it is also ambiguous.
> "Tradition" is a subjective term, as it is not the same for everyone.
> -->
> 
> 
> Thank you.
> 
> RFC Editor/ap/ar
> 
> 
> On May 26, 2023, rfc-editor@rfc-editor.org wrote:
> 
> *****IMPORTANT*****
> 
> Updated 2023/05/26
> 
> RFC Author(s):
> --------------
> 
> Instructions for Completing AUTH48
> 
> Your document has now entered AUTH48.  Once it has been reviewed and
> approved by you and all coauthors, it will be published as an RFC.
> If an author is no longer available, there are several remedies
> available as listed in the FAQ (https://www.rfc-editor.org/faq/).
> 
> You and you coauthors are responsible for engaging other parties
> (e.g., Contributors or Working Group) as necessary before providing
> your approval.
> 
> Planning your review
> ---------------------
> 
> Please review the following aspects of your document:
> 
> *  RFC Editor questions
> 
>    Please review and resolve any questions raised by the RFC Editor
>    that have been included in the XML file as comments marked as
>    follows:
> 
>    <!-- [rfced] ... -->
> 
>    These questions will also be sent in a subsequent email.
> 
> *  Changes submitted by coauthors
> 
>    Please ensure that you review any changes submitted by your
>    coauthors.  We assume that if you do not speak up that you
>    agree to changes submitted by your coauthors.
> 
> *  Content
> 
>    Please review the full content of the document, as this cannot
>    change once the RFC is published.  Please pay particular attention to:
>    - IANA considerations updates (if applicable)
>    - contact information
>    - references
> 
> *  Copyright notices and legends
> 
>    Please review the copyright notice and legends as defined in
>    RFC 5378 and the Trust Legal Provisions
>    (TLP – https://trustee.ietf.org/license-info/).
> 
> *  Semantic markup
> 
>    Please review the markup in the XML file to ensure that elements of
>    content are correctly tagged.  For example, ensure that <sourcecode>
>    and <artwork> are set correctly.  See details at
>    <https://authors.ietf.org/rfcxml-vocabulary>.
> 
> *  Formatted output
> 
>    Please review the PDF, HTML, and TXT files to ensure that the
>    formatted output, as generated from the markup in the XML file, is
>    reasonable.  Please note that the TXT will have formatting
>    limitations compared to the PDF and HTML.
> 
> 
> Submitting changes
> ------------------
> 
> To submit changes, please reply to this email using ‘REPLY ALL’ as all
> the parties CCed on this message need to see your changes. The parties
> include:
> 
>    *  your coauthors
> 
>    *  rfc-editor@rfc-editor.org (the RPC team)
> 
>    *  other document participants, depending on the stream (e.g.,
>       IETF Stream participants are your working group chairs, the
>       responsible ADs, and the document shepherd).
> 
>    *  auth48archive@rfc-editor.org, which is a new archival mailing list
>       to preserve AUTH48 conversations; it is not an active discussion
>       list:
> 
>      *  More info:
>         https://mailarchive.ietf.org/arch/msg/ietf-announce/yb6lpIGh-4Q9l2USxIAe6P8O4Zc
> 
>      *  The archive itself:
>         https://mailarchive.ietf.org/arch/browse/auth48archive/
> 
>      *  Note: If only absolutely necessary, you may temporarily opt out
>         of the archiving of messages (e.g., to discuss a sensitive matter).
>         If needed, please add a note at the top of the message that you
>         have dropped the address. When the discussion is concluded,
>         auth48archive@rfc-editor.org will be re-added to the CC list and
>         its addition will be noted at the top of the message.
> 
> You may submit your changes in one of two ways:
> 
> An update to the provided XML file
> — OR —
> An explicit list of changes in this format
> 
> Section # (or indicate Global)
> 
> OLD:
> old text
> 
> NEW:
> new text
> 
> You do not need to reply with both an updated XML file and an explicit
> list of changes, as either form is sufficient.
> 
> We will ask a stream manager to review and approve any changes that seem
> beyond editorial in nature, e.g., addition of new text, deletion of text,
> and technical changes.  Information about stream managers can be found in
> the FAQ.  Editorial changes do not require approval from a stream manager.
> 
> 
> Approving for publication
> --------------------------
> 
> To approve your RFC for publication, please reply to this email stating
> that you approve this RFC for publication.  Please use ‘REPLY ALL’,
> as all the parties CCed on this message need to see your approval.
> 
> 
> Files
> -----
> 
> The files are available here:
>    https://www.rfc-editor.org/authors/rfc9415.xml
>    https://www.rfc-editor.org/authors/rfc9415.html
>    https://www.rfc-editor.org/authors/rfc9415.pdf
>    https://www.rfc-editor.org/authors/rfc9415.txt
> 
> Diff file of the text:
>    https://www.rfc-editor.org/authors/rfc9415-diff.html
>    https://www.rfc-editor.org/authors/rfc9415-rfcdiff.html (side by side)
> 
> Diff of the XML:
>    https://www.rfc-editor.org/authors/rfc9415-xmldiff1.html
> 
> The following files are provided to facilitate creation of your own
> diff files of the XML.
> 
> Initial XMLv3 created using XMLv2 as input:
>    https://www.rfc-editor.org/authors/rfc9415.original.v2v3.xml
> 
> XMLv3 file that is a best effort to capture v3-related format updates
> only:
>    https://www.rfc-editor.org/authors/rfc9415.form.xml
> 
> 
> Tracking progress
> -----------------
> 
> The details of the AUTH48 status of your document are here:
>    https://www.rfc-editor.org/auth48/rfc9415
> 
> Please let us know if you have any questions.
> 
> Thank you for your cooperation,
> 
> RFC Editor
> 
> --------------------------------------
> RFC9415 (draft-irtf-pearg-numeric-ids-history-11)
> 
> Title            : Unfortunate History of Transient Numeric Identifiers
> Author(s)        : F. Gont, I. Arce

-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: F242 FF0E A804 AF81 EB10 2F07 7CA1 321D 663B B494