Re: [auth48] [Document Shepherd] (Changed to 9414) AUTH48: RFC-to-be 9415 <draft-irtf-pearg-numeric-ids-history-11> for your review

[Alanna Paloma <apaloma@amsl.com>]

Hi Fernando and Sara*,

*Sara - As the Document Shepherd, please review and approve of the following changes:

- added text in Section 1
- added and updated text in Section 4
- added text in Section 4.2
- added text in Section 4.5
- added text in Section 4.6

These can be seen in this diff file:
 https://www.rfc-editor.org/authors/rfc9414-auth48diff.html 


Fernando - Thank you for the updated XML file. We have updated the other files accordingly. (Note that this document is now numbered as 9414.)

The files have been posted here (please refresh):
 https://www.rfc-editor.org/authors/rfc9414.xml
 https://www.rfc-editor.org/authors/rfc9414.txt
 https://www.rfc-editor.org/authors/rfc9414.html
 https://www.rfc-editor.org/authors/rfc9414.pdf

The relevant diff files have been posted here:
 https://www.rfc-editor.org/authors/rfc9414-diff.html (comprehensive diff)
 https://www.rfc-editor.org/authors/rfc9414-auth48diff.html (AUTH48 changes)

Please review the document carefully and contact us with any further updates you may have.  Note that we do not make changes once a document is published as an RFC.

We will await approvals from each party listed on the AUTH48 status page below prior to moving this document forward in the publication process.

For the AUTH48 status of this document, please see:
 https://www.rfc-editor.org/auth48/rfc9414

Thank you,
RFC Editor/ap

> On Jun 6, 2023, at 6:55 PM, Fernando Gont <fgont@si6networks.com> wrote:
> 
> Hi, RFC-Ed,
> 
> Attached you'll find my edits addressing your comments.
> 
> Please note: for this and the other documents in this cluster, I have added comments in he xml source, marked as "[fgont]".
> 
> Thanks!
> 
> Regards,
> Fernando
> 
> 
> 
> 
> On 26/5/23 21:12, rfc-editor@rfc-editor.org wrote:
>> Authors,
>> While reviewing this document during AUTH48, please resolve (as necessary) the following questions, which are also in the XML file.
>> 1) <!--[rfced] Please ensure that the guidelines listed in Section 2.1 of RFC 5743
>> have been adhered to in this document.  -->
>> 2) <!--[rfced] Please insert any keywords (beyond those that appear in
>> the title) for use on https://www.rfc-editor.org/search. -->
>> 3) <!--[rfced] We note that RFC 1035 does not include a mention of "RFC Query
>> IDs". Please review and let us know if/how this citation should be updated.
>> Original:
>>    Networking protocols employ a variety of transient numeric
>>    identifiers for different protocol objects, such as IPv4 and IPv6
>>    Fragment Identifiers [RFC0791] [RFC8200], IPv6 Interface Identifiers
>>    (IIDs) [RFC4291], transport protocol ephemeral port numbers
>>    [RFC6056], TCP Initial Sequence Numbers (ISNs) [RFC0793], NTP
>>    Reference IDs (REFIDs) [RFC5905], and DNS Query IDs [RFC1035].
>> -->
>> 4) <!--[rfced] We see a number of author-inserted comments in the XML file for
>> this document. We are unsure if these have been resolved. Please review
>> and let us know if these can be deleted or if they need to be addressed.
>> -->
>> 5) <!--[rfced] [SUSE2011] is dated December 2011. Should it still be listed
>> under "November 2011"? Please review and let us know if/how it should be updated.
>> Original:
>>    November 2011:
>>       Linux mitigates predictable IPv6 Identification values
>>       [RedHat2011] [SUSE2011] [Ubuntu2011].
>> Similarly, [USCERT2001] is dated as from March 2001. Should it still be listed
>> under "May 2001"? Please review and let us know if/how it should be updated.
>> Original:
>>    May 2001:
>>       Vulnerability advisories [CERT2001] [USCERT2001] were released
>>       regarding statistical weaknesses in some ISN generators, affecting
>>       popular TCP implementations.
>> -->
>> 6) <!--[rfced] FYI, this item has been rephrased as follows to avoid
>> "upcoming revision" because it is inaccurate. Please review and
>> let us know if further changes are needed. Also, please see the
>> perhaps text in case you would like to reference the RFC
>> rather than the I-D, as mentioned in question #10.
>> Original:
>>    August 2014:
>>       [I-D.eddy-rfc793bis-04], the upcoming revision of the core TCP
>>       protocol specification, incorporates the algorithm specified in
>>       [RFC6528] as the recommended ("SHOULD") algorithm for TCP ISN
>>       generation.
>> Current:
>>    August 2014:
>>       The algorithm specified in [RFC6528] becomes the recommended
>>       ("SHOULD") algorithm for TCP ISN generation in
>>       [I-D.eddy-rfc793bis-04], an early revision of the core TCP
>>       specification [RFC9293].
>> Perhaps (simply referencing the RFC):
>>    August 2014:
>>       The algorithm specified in [RFC6528] becomes the recommended
>>       ("SHOULD") algorithm for TCP ISN generation in an early revision of
>>       the core TCP specification that would later be published as RFC 9293
>>       [RFC9293].
>> -->
>> 7) <!--[rfced] RFC 2374 obsoletes RFC 2073. Therefore, we have updated the
>> citation from [RFC2373] to [RFC2073]. As this was the only instance where
>> RFC 2373 was cited in this document, we have removed the corresponding
>> reference. Please let us know of any objections.
>> Original:
>>    July 1998:
>>       [RFC2374] specifies "An IPv6 Aggregatable Global Unicast Address
>>       Format" (obsoleting [RFC2373]) changing the size of the IID to 64
>>       bits, and specifies that IIDs must be constructed in IEEE EUI-64
>>       format.
>> Current:
>>    July 1998:
>>       [RFC2374] specifies "An IPv6 Aggregatable Global Unicast Address
>>       Format" (obsoleting [RFC2073]) changing the size of the IID to 64
>>       bits and specifies that IIDs must be constructed in IEEE 64-bit
>>       Extended Unique Identifier (EUI-64) format.
>> -->
>> 8) <!--[rfced] As asterisks are used in the sentence below, would you
>> like to make use of the <strong> element for emphasis? This will yield
>> asterisks in the text output and bold letters in the html and pdf outs
>> <https://authors.ietf.org/rfcxml-vocabulary#strong>.
>> Original:
>>    April 2014:
>>       [RFC7217] (formerly [I-D.ietf-6man-stable-privacy-addresses]) is
>>       published, specifying "A Method for Generating Semantically Opaque
>>       Interface Identifiers with IPv6 Stateless Address
>>       Autoconfiguration (SLAAC)" as an alternative to (but *not*
>>       replacement of) Modified EUI-64 format IIDs.
>> -->
>> 9) <!--[rfced] References
>> 	
>> a) Would you like the references to be alphabetized or left in their
>> current order?
>> b) The following RFCs have been obsoleted. Other than specific instances
>> where RFCs are cited in the timelines, may these RFCs be replaced with their
>> obsoleting RFCs?
>> RFC 793 > RFC 9293
>> RFC 1323 > RFC 7323
>> RFC 1883 > RFC 8200
>> RFC 2460 > RFC 8220
>> RFC 6528 > RFC 9293
>> c) The URL provided returns 404 page not found. We have updated
>> the URL as follows. Please let us know if you prefer otherwise.
>> Original:
>>    [Shimomura1995]
>>               Shimomura, T., "Technical details of the attack described
>>               by Markoff in NYT", Message posted in USENET's
>>               comp.security.misc newsgroup Message-ID:
>>               <3g5gkl$5j1@ariel.sdsc.edu>, 1995,
>>               <https://www.gont.com.ar/docs/post-shimomura-usenet.txt>.
>> Current:
>>    [Shimomura1995]
>>               Shimomura, T., "Technical details of the attack described
>>               by Markoff in NYT", message to the USENET
>>               comp.security.misc newsgroup, 25 January 1995,
>>               <https://groups.google.com/g/comp.security.misc/c/
>>               z5j323oQJeg/m/O7STL_6X_v4J>.
>> d) The URL for the reference below leads to a page titled "TCP Idle Scan
>> (-sI)". We have found a URL leading to a page with the same title as the
>> one provided. May we update this reference?
>> Original:
>>    [Fyodor2002]
>>               Fyodor, "Idle scanning and related IP ID games", 2002,
>>               <http://www.insecure.org/nmap/idlescan.html>.
>> Perhaps:
>>    [Fyodor2002]
>>               Fyodor, "Idle Scanning and related IPID games", September 2002,
>>               <https://nmap.org/presentations/CanSecWest03/CD_Content/idlescan_paper/idlescan.html>.
>> e) May we update the URL and the title of this reference as follows?
>> (Same question as for RFC-to-be 9414.)
>>                                                                                      Original:
>>    [Sanfilippo1998b]
>>               Sanfilippo, S., "Idle scan", Post to Bugtraq mailing-list,
>>               1998, <https://github.com/antirez/hping/raw/master/docs/
>>               SPOOFED_SCAN.txt
>> Perhaps:
>>    [Sanfilippo1998b]
>>               Sanfilippo, S., "new tcp scan method", message to the
>>               Bugtraq mailing list, 18 December 1998,
>>               <https://seclists.org/bugtraq/1998/Dec/79>.
>> f) Would you like to update add a URL to the reference and
>> update the title accordingly?
>> Original:
>>    [Gont2011] Gont, F., "Hacking IPv6 Networks (training course)", Hack
>>               In Paris 2011 Conference Paris, France, June 2011.
>> Perhaps:
>>    [Gont2011] Gont, F., "Hacking IPv6 Networks", Hack
>>              In Paris 2011 Conference Paris, France, June 2011,
>> 	     <https://www.si6networks.com/files/presentations/hip2011/
>> 	     fgont-hip2011-hacking-ipv6-networks.pdf>.
>> g) We are having trouble opening the URL from the reference below.	
>> May we update it as follows?
>> Original:
>>    [Klein2007b]
>>               Klein, A., "BIND 9 DNS Cache Poisoning", March 2007,
>>               <https://citeseerx.ist.psu.edu/viewdoc/
>>               summary?doi=10.1.1.86.4474>.
>> Perhaps:
>>    [Klein2007b]
>>               Klein, A., "BIND 9 DNS Cache Poisoning", March 2007,
>>               <https://citeseerx.ist.psu.edu/viewdoc/
>>               summary?doi=10.1.1.86.4474>.
>> -->
>> 10) <!--[rfced] Regarding the references to Internet-Drafts, we suggest
>> updating the anchors as follows. Please let us know if you prefer
>> otherwise.
>> This renaming would enable all references to the same
>> document to appear together in the references section. (Currently
>> the references are not automatically sorted alphanumerically
>> because sortRefs="false". Would you like to change to sortRefs="true"?)
>> Although references to multiple versions of one Internet-Draft are
>> permitted, you might consider whether this essential to the timelines
>> that are provided in the subsections of Section 4.
>> In the cases where the I-D has been published as an RFC, we suggest
>> rephrasing the text to simply reference the RFC.
>> Original -> Suggested
>> [draft-fgont-6man-rfc4941bis-00]-> [SLAAC-PRIV-GONT-00]
>> [draft-ietf-6man-rfc4941bis-00] -> [SLAAC-PRIV-00]
>> [I-D.ietf-6man-rfc4941bis]      -> [SLAAC-PRIV-12]  -> RFC 8981
>> [I-D.gont-opsec-ipv6-host-scanning] -> [HOST-SCAN-GONT-02]
>> [I-D.ietf-opsec-ipv6-host-scanning] -> [HOST-SCAN-08]   -> RFC 7707
>> [draft-gont-6man-stable-privacy-addresses-00] -> [STABLE-PRIV-ADDR-GONT-00]
>> [I-D.gont-6man-stable-privacy-addresses]      -> [STABLE-PRIV-ADDR-GONT-01]
>> [draft-ietf-6man-stable-privacy-addresses-00] -> [STABLE-PRIV-ADDR-00]
>> [I-D.ietf-6man-stable-privacy-addresses]      -> [STABLE-PRIV-ADDR-17]    -> RFC 7217
>> [I-D.cooper-6man-ipv6-address-generation-privacy] -> [ADDR-GEN-PRIV-COOPER-00]
>> [I-D.ietf-6man-ipv6-address-generation-privacy]   -> [ADDR-GEN-PRIV-08]
>> [draft-gont-6man-address-usage-recommendations-00] -> [ADDR-REC-00]
>> [draft-gont-6man-non-stable-iids-00] -> [TEMP-IIDS-04]
>> [draft-ietf-6man-default-iids-00] -> [DEFAULT-IIDS-00]
>> [I-D.ietf-6man-default-iids]      -> [DEFAULT-IIDS-16] -> RFC 8064
>> [I-D.gont-predictable-numeric-ids] -> [PREDICTABLE-NIDS-03]
>>     Note: this was replaced by draft-irtf-pearg-numeric-ids-history-11
>>     (which is this document itself)
>> [I-D.ietf-6man-rfc2460bis] -> [IPv6-13] -> RFC 8200
>> [draft-stenn-ntp-not-you-refid-00] -> [NTP-REFID-GONT-00]
>> [draft-ietf-ntp-refid-updates-00]  -> [NTP-REFID-00]
>> [I-D.ietf-ntp-refid-updates]       -> [NTP-REFID-05]
>> [I-D.eddy-rfc793bis-04] -> [TCP-EDDY-04]
>>      Note: this was replaced by draft-ietf-tcpm-rfc793bis -> RFC 9293
>> [I-D.gont-ntp-port-randomization] -> [NTP-PORT-RAND-GONT-04]
>> [I-D.ietf-ntp-port-randomization] -> [NTP-PORT-RAND-08] -> RFC 9109
>> [draft-gont-6man-predictable-fragment-id-00] -> [PRED-FRAG-ID-GONT-00]
>> [I-D.gont-6man-predictable-fragment-id]      -> [PRED-FRAG-ID-GONT-03]
>> [draft-ietf-6man-predictable-fragment-id-00] -> [PRED-FRAG-ID-00]
>> [draft-ietf-6man-predictable-fragment-id-01] -> [PRED-FRAG-ID-01]
>> [draft-ietf-6man-predictable-fragment-id-02] -> [PRED-FRAG-ID-02]
>> [draft-ietf-6man-predictable-fragment-id-08] -> [PRED-FRAG-ID-08]
>> [I-D.ietf-6man-predictable-fragment-id]      -> [PRED-FRAG-ID-10] -> RFC 7739
>> -->
>> 11) <!-- [rfced] Throughout the text, the following terminology appears to be used
>> inconsistently. Please review these occurrences and let us know if/how they
>> may be made consistent.
>> destination address vs. Destination Address
>> source address vs. Source Address
>> -->
>> 12) <!-- [rfced] Please review the "Inclusive Language" portion of the online
>> Style Guide <https://www.rfc-editor.org/styleguide/part2/#inclusive_language>
>> and let us know if any changes are needed.
>> For example, please consider whether "dumb" should be updated.
>> In addition, please consider whether "traditional" and "traditionally" should
>> be updated for clarity.  While the NIST website
>> <https://www.nist.gov/nist-research-library/nist-technical-series-publications-author-instructions#table1>
>> indicates that this term is potentially biased, it is also ambiguous.
>> "Tradition" is a subjective term, as it is not the same for everyone.
>> -->
>> Thank you.
>> RFC Editor/ap/ar
>> On May 26, 2023, rfc-editor@rfc-editor.org wrote:
>> *****IMPORTANT*****
>> Updated 2023/05/26
>> RFC Author(s):
>> --------------
>> Instructions for Completing AUTH48
>> Your document has now entered AUTH48.  Once it has been reviewed and
>> approved by you and all coauthors, it will be published as an RFC.
>> If an author is no longer available, there are several remedies
>> available as listed in the FAQ (https://www.rfc-editor.org/faq/).
>> You and you coauthors are responsible for engaging other parties
>> (e.g., Contributors or Working Group) as necessary before providing
>> your approval.
>> Planning your review
>> ---------------------
>> Please review the following aspects of your document:
>> *  RFC Editor questions
>>   Please review and resolve any questions raised by the RFC Editor
>>   that have been included in the XML file as comments marked as
>>   follows:
>>   <!-- [rfced] ... -->
>>   These questions will also be sent in a subsequent email.
>> *  Changes submitted by coauthors
>>   Please ensure that you review any changes submitted by your
>>   coauthors.  We assume that if you do not speak up that you
>>   agree to changes submitted by your coauthors.
>> *  Content
>>   Please review the full content of the document, as this cannot
>>   change once the RFC is published.  Please pay particular attention to:
>>   - IANA considerations updates (if applicable)
>>   - contact information
>>   - references
>> *  Copyright notices and legends
>>   Please review the copyright notice and legends as defined in
>>   RFC 5378 and the Trust Legal Provisions
>>   (TLP – https://trustee.ietf.org/license-info/).
>> *  Semantic markup
>>   Please review the markup in the XML file to ensure that elements of
>>   content are correctly tagged.  For example, ensure that <sourcecode>
>>   and <artwork> are set correctly.  See details at
>>   <https://authors.ietf.org/rfcxml-vocabulary>.
>> *  Formatted output
>>   Please review the PDF, HTML, and TXT files to ensure that the
>>   formatted output, as generated from the markup in the XML file, is
>>   reasonable.  Please note that the TXT will have formatting
>>   limitations compared to the PDF and HTML.
>> Submitting changes
>> ------------------
>> To submit changes, please reply to this email using ‘REPLY ALL’ as all
>> the parties CCed on this message need to see your changes. The parties
>> include:
>>   *  your coauthors
>>   *  rfc-editor@rfc-editor.org (the RPC team)
>>   *  other document participants, depending on the stream (e.g.,
>>      IETF Stream participants are your working group chairs, the
>>      responsible ADs, and the document shepherd).
>>   *  auth48archive@rfc-editor.org, which is a new archival mailing list
>>      to preserve AUTH48 conversations; it is not an active discussion
>>      list:
>>     *  More info:
>>        https://mailarchive.ietf.org/arch/msg/ietf-announce/yb6lpIGh-4Q9l2USxIAe6P8O4Zc
>>     *  The archive itself:
>>        https://mailarchive.ietf.org/arch/browse/auth48archive/
>>     *  Note: If only absolutely necessary, you may temporarily opt out
>>        of the archiving of messages (e.g., to discuss a sensitive matter).
>>        If needed, please add a note at the top of the message that you
>>        have dropped the address. When the discussion is concluded,
>>        auth48archive@rfc-editor.org will be re-added to the CC list and
>>        its addition will be noted at the top of the message.
>> You may submit your changes in one of two ways:
>> An update to the provided XML file
>> — OR —
>> An explicit list of changes in this format
>> Section # (or indicate Global)
>> OLD:
>> old text
>> NEW:
>> new text
>> You do not need to reply with both an updated XML file and an explicit
>> list of changes, as either form is sufficient.
>> We will ask a stream manager to review and approve any changes that seem
>> beyond editorial in nature, e.g., addition of new text, deletion of text,
>> and technical changes.  Information about stream managers can be found in
>> the FAQ.  Editorial changes do not require approval from a stream manager.
>> Approving for publication
>> --------------------------
>> To approve your RFC for publication, please reply to this email stating
>> that you approve this RFC for publication.  Please use ‘REPLY ALL’,
>> as all the parties CCed on this message need to see your approval.
>> Files
>> -----
>> The files are available here:
>>   https://www.rfc-editor.org/authors/rfc9415.xml
>>   https://www.rfc-editor.org/authors/rfc9415.html
>>   https://www.rfc-editor.org/authors/rfc9415.pdf
>>   https://www.rfc-editor.org/authors/rfc9415.txt
>> Diff file of the text:
>>   https://www.rfc-editor.org/authors/rfc9415-diff.html
>>   https://www.rfc-editor.org/authors/rfc9415-rfcdiff.html (side by side)
>> Diff of the XML:
>>   https://www.rfc-editor.org/authors/rfc9415-xmldiff1.html
>> The following files are provided to facilitate creation of your own
>> diff files of the XML.
>> Initial XMLv3 created using XMLv2 as input:
>>   https://www.rfc-editor.org/authors/rfc9415.original.v2v3.xml
>> XMLv3 file that is a best effort to capture v3-related format updates
>> only:
>>   https://www.rfc-editor.org/authors/rfc9415.form.xml
>> Tracking progress
>> -----------------
>> The details of the AUTH48 status of your document are here:
>>   https://www.rfc-editor.org/auth48/rfc9415
>> Please let us know if you have any questions.
>> Thank you for your cooperation,
>> RFC Editor
>> --------------------------------------
>> RFC9415 (draft-irtf-pearg-numeric-ids-history-11)
>> Title            : Unfortunate History of Transient Numeric Identifiers
>> Author(s)        : F. Gont, I. Arce
> 
> -- 
> Fernando Gont
> SI6 Networks
> e-mail: fgont@si6networks.com
> PGP Fingerprint: F242 FF0E A804 AF81 EB10 2F07 7CA1 321D 663B B494<rfc9415-fgont-20230607.xml>