Re: [bess] Secdir last call review of draft-ietf-bess-evpn-df-election-framework-06
"Rabadan, Jorge (Nokia - US/Mountain View)" <jorge.rabadan@nokia.com> Mon, 10 December 2018 12:01 UTC
Return-Path: <jorge.rabadan@nokia.com>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4F8FE130EC0; Mon, 10 Dec 2018 04:01:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.36
X-Spam-Level:
X-Spam-Status: No, score=-3.36 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-1.46, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nokia.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w46GE6ENLalk; Mon, 10 Dec 2018 04:01:51 -0800 (PST)
Received: from EUR01-DB5-obe.outbound.protection.outlook.com (mail-eopbgr150090.outbound.protection.outlook.com [40.107.15.90]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9338C130EBE; Mon, 10 Dec 2018 04:01:47 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nokia.onmicrosoft.com; s=selector1-nokia-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=yZbHojX38kFMk+zDxKFjHb/LusIyx6CqmMBc+xQnwao=; b=RWwGqSyFPN+GFi41JC7r/jdhU4WRkjjWwKnfi8b7hsQxF3G69nJHSTw4F270hWXZ9Rs4PcEEKW8tUo88JjVQN5QlDniLAI75RweUzL/pSgE2S4wH0UgrGg7d8biypBt5lOzSDyr7n0/Xr47YZQRhgErSdsOCpFhrA0ilSKMqC08=
Received: from AM0PR07MB3844.eurprd07.prod.outlook.com (52.134.82.20) by AM0PR07MB4307.eurprd07.prod.outlook.com (52.133.60.155) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1425.9; Mon, 10 Dec 2018 12:01:45 +0000
Received: from AM0PR07MB3844.eurprd07.prod.outlook.com ([fe80::9438:df7a:ac48:18d0]) by AM0PR07MB3844.eurprd07.prod.outlook.com ([fe80::9438:df7a:ac48:18d0%3]) with mapi id 15.20.1425.016; Mon, 10 Dec 2018 12:01:45 +0000
From: "Rabadan, Jorge (Nokia - US/Mountain View)" <jorge.rabadan@nokia.com>
To: Russ Housley <housley@vigilsec.com>, "secdir@ietf.org" <secdir@ietf.org>
CC: "draft-ietf-bess-evpn-df-election-framework.all@ietf.org" <draft-ietf-bess-evpn-df-election-framework.all@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>, "bess@ietf.org" <bess@ietf.org>
Thread-Topic: Secdir last call review of draft-ietf-bess-evpn-df-election-framework-06
Thread-Index: AQHUj03d4dPy3EZ4RUKDlpRabSUf36V38mCA
Date: Mon, 10 Dec 2018 12:01:45 +0000
Message-ID: <DB7C761C-3A74-4BFF-B8B3-C99D89A4598F@nokia.com>
References: <154431176283.1419.9002617678445961562@ietfa.amsl.com>
In-Reply-To: <154431176283.1419.9002617678445961562@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.14.0.181202
x-originating-ip: [135.245.20.26]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; AM0PR07MB4307; 6:P9q0LWIULV2FkDsSKv/x08MX9EHQATt+mh6boduaedg4x4y2MsoVgoKEtFhfehf5S4vNVciKy8ep+XT5fImxxCJR6wUISDZCEjgUDX+xWgD/IBxPLBkYaqYE4bvELCqJrpHn15qlNe1G7O0xkKgVOczekv59UlOrSwPWYnKZ8nT6DJd3M1JNgGfM5Zf4Sk586FVoWWGuqQz6MWwvX3Z8AHfvDVW3cIC82L83CuHWEYnLrCf3+gR6FN4b5YcDEz2vv0eRAzSgMvyx+3k0FKUuPql+s/HnVJBosQ/rHqeSH0L5IAG8F+kSUuUcPWIPsWXGKuH1Ii13CF6jVfJJK61MS84yUdpzsFu7T6+k6jts6U5R8UYutzpH7OwMdj46qWqeE+MR1vSip3HuVmapccAtAR7KgteXLYjd8VhLXYM0OVgMO7e5ijllpRwMynlSjqspagSDmQlXVAxGkNtFLQUBKA==; 5:rxaGV75THCQAy55xZ3byimYE7BHzBMRIfn3zfZvbKDduWayG8rFjLun2wLy4L0WQ1VbHTDSTRs3kqPRB/BJYel678t1qnNgTPtXGlXdfedIqrMjDfwEfOS4zu1oHlLU7IgchGCNjd+D8mSolWlacwlL0HYOD3Yj9ZeIsONZtp5E=; 7:du5BVgK13S4o07Y4sL2wfgRvyo6zxoeOKIB6y7djdmdw1cQTWv7r9uzyataWOuz3k4yPc2WlQqaApHdN+7OILcZ9SfBL9QEM2COMeOQEUTwTIHkHa9kx21av12alTNRft6GvNyvk1ue/zc5dQNphpw==
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 7e04c6d0-57cf-4618-6908-08d65e974190
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390098)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600074)(711020)(4618075)(2017052603328)(7193020); SRVR:AM0PR07MB4307;
x-ms-traffictypediagnostic: AM0PR07MB4307:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=jorge.rabadan@nokia.com;
x-microsoft-antispam-prvs: <AM0PR07MB4307FAECEDE45BEC5A35740CF7A50@AM0PR07MB4307.eurprd07.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(3230017)(999002)(11241501185)(806100)(6040522)(2401047)(5005006)(8121501046)(3231472)(944501520)(52105112)(3002001)(93006095)(93001095)(10201501046)(6055026)(148016)(149066)(150057)(6041310)(20161123564045)(20161123560045)(20161123558120)(20161123562045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(201708071742011)(7699051)(76991095); SRVR:AM0PR07MB4307; BCL:0; PCL:0; RULEID:; SRVR:AM0PR07MB4307;
x-forefront-prvs: 08828D20BC
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(366004)(136003)(346002)(396003)(376002)(39860400002)(199004)(189003)(13464003)(186003)(6506007)(76176011)(26005)(102836004)(36756003)(2906002)(66066001)(53546011)(33656002)(446003)(99286004)(8936002)(6512007)(5660300001)(6246003)(11346002)(2616005)(486006)(14454004)(105586002)(4326008)(81166006)(81156014)(82746002)(8676002)(106356001)(53936002)(316002)(58126008)(54906003)(110136005)(229853002)(6436002)(305945005)(86362001)(7736002)(6486002)(83716004)(476003)(4001150100001)(3846002)(6116002)(71190400001)(2501003)(25786009)(71200400001)(68736007)(5024004)(256004)(478600001)(14444005)(66574011)(97736004); DIR:OUT; SFP:1102; SCL:1; SRVR:AM0PR07MB4307; H:AM0PR07MB3844.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: nokia.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: 8Dz6TQp7obqY7v2omXNASEK7ynNQNF+qz86qzR3wrwDomEIxaGNK+z+NOPz962cl3BhqeIFvP5us77+At+AFf1g6VTdG1ZMF3B5Mjv3Ty0/RAjsel36XYhaC8qPs/+BxTI1LzfpoCciVKqg2lAiPAL6S5EPJ76APxRt0O2aDfmIsMltWWHgK+eGxIAuLZgkSqOU04KMUfpV7vcBUqWNiKe+U8+6RHpEQ7ZUIjaKLIcIpiFHffEDuEOQIctCDETufDZSVvsSsE/JG5GohyAFbr3f1Vvyncs9Mq6Y82p+NSYdTN16ruxfmol743BT8mRHv
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-ID: <C34A14FC3598FA49A14C0F7DF41D1431@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: nokia.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 7e04c6d0-57cf-4618-6908-08d65e974190
X-MS-Exchange-CrossTenant-originalarrivaltime: 10 Dec 2018 12:01:45.1939 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5d471751-9675-428d-917b-70f44f9630b0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR07MB4307
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/ezSsdXbkJW4JjRPBe6NlYIZFe24>
Subject: Re: [bess] Secdir last call review of draft-ietf-bess-evpn-df-election-framework-06
X-BeenThere: bess@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bess>, <mailto:bess-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess/>
List-Post: <mailto:bess@ietf.org>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bess>, <mailto:bess-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Dec 2018 12:01:54 -0000
Hi Russ, Thank you very much for your review. We'll publish a new version once we make all the changes suggested by the different reviewers. Please see some comments in-line with [JORGE]. Thank you. Jorge -----Original Message----- From: Russ Housley <housley@vigilsec.com> Date: Sunday, December 9, 2018 at 3:29 AM To: "secdir@ietf.org" <secdir@ietf.org> Cc: "draft-ietf-bess-evpn-df-election-framework.all@ietf.org" <draft-ietf-bess-evpn-df-election-framework.all@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>, "bess@ietf.org" <bess@ietf.org> Subject: Secdir last call review of draft-ietf-bess-evpn-df-election-framework-06 Resent-From: <alias-bounces@ietf.org> Resent-To: <jorge.rabadan@nokia.com>, <satyamoh@cisco.com>, <sajassi@cisco.com>, <jdrake@juniper.net>, <kiran.nagaraj@nokia.com>, <senthil.sathappan@nokia.com>, <matthew.bocci@nokia.com>, <stephane.litkowski@orange.com>, <mankamis@cisco.com>, <martin.vigoureux@nokia.com>, <db3546@att.com>, <aretana.ietf@gmail.com>, Stephane Litkowski <stephane.litkowski@orange.com> Resent-Date: Sunday, December 9, 2018 at 3:29 AM Reviewer: Russ Housley Review result: Has Nits I reviewed this document as part of the Security Directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the Security Area Directors. Document authors, document editors, and WG chairs should treat these comments just like any other IETF Last Call comments. Document: draft-ietf-bess-evpn-df-election-framework-06 Reviewer: Russ Housley Review Date: 2018-12-09 IETF LC End Date: 2018-12-18 IESG Telechat date: unknown Summary: Has Nits Major Concerns: None Minor Concerns: Please spell out EVPN on first use. I suspect that "Ethernet VPN" is good enough since "VPN" is quite well known. [JORGE] done. The Abstract seems to be overly complete, so it reads more like an Introduction. I suggest someting like: An alternative to the default Designated Forwarder (DF) selection algorithm in Ethernet VPN (EVPN) networks is defined. The DF is the Provider Edge (PE) router responsible for sending broadcast, unknown unicast and multicast (BUM) traffic to multi-homed Customer Equipment (CE) on a particular Ethernet Segment (ES) within a VLAN. In addition, the capability to influence the DF election result for a VLAN based on the state of the associated Attachment Circuit (AC) is specified. I suggest that the original Abstract text become Section 2. [JORGE] OK, done, thanks. Section 3 says: ... In addition, since the specification in EVPN [RFC7432] does leave several questions open as to the precise final state machine behavior of the DF election, section 3.1 describes precisely the intended behavior. This seems like an update to RFC 7432. If that is the intent, please update the Introduction and the Title Page Heading to say so. [JORGE] The authors, chairs and AD have discussed this a few times and we agreed that the document should not be an update of RFC7432, since it is not suggesting any changes to the existing RFC7432 procedures, but new procedures. That section is just a description of the existing state machine. However, if you and other reviewers still think it should be an update, we can maybe change the test or discuss it again. The intend is definitively not to update RFC7432. Nits: Section 2.2.1: s/multi homed/multi-homed/ Section 4: s/the state of the server states/the server states./ [JORGE] fixed, thank you.
- [bess] Secdir last call review of draft-ietf-bess… Russ Housley
- Re: [bess] Secdir last call review of draft-ietf-… Rabadan, Jorge (Nokia - US/Mountain View)