Re: [bmwg] Roman Danyliw's Discuss on draft-ietf-bmwg-ngfw-performance-13: (with DISCUSS and COMMENT)
Roman Danyliw <rdd@cert.org> Thu, 13 October 2022 18:47 UTC
Return-Path: <rdd@cert.org>
X-Original-To: bmwg@ietfa.amsl.com
Delivered-To: bmwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 89556C157B48; Thu, 13 Oct 2022 11:47:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cert.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Oz_SC5PcVkUc; Thu, 13 Oct 2022 11:47:19 -0700 (PDT)
Received: from USG02-BN3-obe.outbound.protection.office365.us (mail-bn3usg02on0092.outbound.protection.office365.us [23.103.208.92]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0D465C15271E; Thu, 13 Oct 2022 11:47:05 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=xsFnqNXF16YvRJPr6mEve6J9NUy5Iwk7H3BrcMrsLr3iuL5KEoMERGPipKwu60916TqHO5/6+OHms5v1P4uEhIV3jUsBRaVObgomSBC7uKe0PmErKJgac2IzFO+Hn7p6agQVyfvWyo7u5m6R8jvdSBM/NmwlRI+9fnF4Di6ZxlWQMnHS27HxdQ4tRqv4kQvUBjfB20ZrZjKVGTVvUAaxOKUme5vOmtjP2+x+BQkyYsvm98SGjcR3SC+JZgv9RSBc+WJ+URV6SUezo2QIo5RQF1CipTNKjyIjfa9/7ruprL27EoGMVQCINjTzwHciuyqEAO5jM3NG7NimP2aConzq3Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=00VF4FRZyL3l/1v1BXkR9+59MEO/yR3iXtwCBR1RaHo=; b=X+gmrpyRLHRpOEnOsPS2USPDnX6L4/RO9Vaqiye0SI2ginlWITtCWZJlokUWtKJZn8cffLoRxPmtiLjsCyBURe2V+Y+sn3Z4KfjyvjKToxQH3sQRlUbToVG/rD4zNXKNkw/7pjkFFLwmbH7AR48mH5BgCmrnMPK55fUhJEcUxGvEm5WUlsZHgj1ODE6IGOVVdhMxE8reyFDSpVNFKlaWBdLFIKROel846L2eq0/3zSbakcyoazOtdKj07P+r5ivVC5DwDWD+jfYJf/hEJ+wwvD6G89jINHdDTU6ATbjTZ0OxdrGeZUAJ8T/qFYjWG58sLOEoNYjkqUd6kz9udqmMDg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cert.org; dmarc=pass action=none header.from=cert.org; dkim=pass header.d=cert.org; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cert.org; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=00VF4FRZyL3l/1v1BXkR9+59MEO/yR3iXtwCBR1RaHo=; b=XEsaNF7fRrSwW7XdGzyh8eyBQW35ichRlvynWxHzHmcatUh4ac2ojXet/Z2rJpc6RYNdruesFsmSGtorSw9S/bTPjcOtdQOJwQD3MtPnEkcuzJ0AIwMaH5rNOuMXbBE0wqYfJByp/LAqJ+yIwRZwLUXCNu4nYLztE4w0qzKtC44=
Received: from BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:168::11) by BN2P110MB1272.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:17a::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5709.21; Thu, 13 Oct 2022 18:47:00 +0000
Received: from BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM ([fe80::dbc:d573:57cb:e0e1]) by BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM ([fe80::dbc:d573:57cb:e0e1%7]) with mapi id 15.20.5709.022; Thu, 13 Oct 2022 18:47:00 +0000
From: Roman Danyliw <rdd@cert.org>
To: "bmonkman@netsecopen.org" <bmonkman@netsecopen.org>
CC: Carsten Rossenhoevel <cross@eantc.de>, "bmwg-chairs@ietf.org" <bmwg-chairs@ietf.org>, "draft-ietf-bmwg-ngfw-performance@ietf.org" <draft-ietf-bmwg-ngfw-performance@ietf.org>, "bmwg@ietf.org" <bmwg@ietf.org>, The IESG <iesg@ietf.org>, Warren Kumari <warren@kumari.net>
Thread-Topic: Roman Danyliw's Discuss on draft-ietf-bmwg-ngfw-performance-13: (with DISCUSS and COMMENT)
Thread-Index: AQHYGIXR3/EFi+zJjkiaPNKNvlgvyayA/mOAgApltoCBaiCFgIAYanOQ
Date: Thu, 13 Oct 2022 18:47:00 +0000
Message-ID: <BN2P110MB1107DCAF4C2460BFF8C1167BDC259@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM>
References: <164384157725.26994.16348654460944534798@ietfa.amsl.com> <eb00d292-d881-afcc-b580-3119ec178627@eantc.de> <4fcc01d81dca$a0353330$e09f9990$@netsecopen.org> <CAHw9_iJBOUbdqV4Z-OCeh5L+=PK2MLdyBh-nLxXf5PQtB9663w@mail.gmail.com>
In-Reply-To: <CAHw9_iJBOUbdqV4Z-OCeh5L+=PK2MLdyBh-nLxXf5PQtB9663w@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cert.org;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: BN2P110MB1107:EE_|BN2P110MB1272:EE_
x-ms-office365-filtering-correlation-id: cec1195a-9e46-47d8-ead2-08daad4b4ff2
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: M1aCxxQw2yLaIBqHyFZAKqYxjdqX7OSnrGyo1N11Iitf9nRLK5mxYOUilpiqkcd3MlgYYq82GatV1dVPrMI9H4+AWUrzVvIDcH5GwWRC9ep5/QmL17wHuFYWxKJnTJxI7XmSueqcBBshCVMc/ZZCgX9ylSM1JMwlDx/ox8qw39lygkvVhKsZQLsF7HYCu/6B0t4PwCYoVXNjyLJcpGw5gl7pkET8YZ86p0ILrGdS/NRTyJ4uqAh6Ytm3rwfIgLKUNVL/+tZZH4wkaPPDcHTBx4rN7pTkH+R+c0qCnWj/dXv7+hOMn0jBCcF5NSTK3Pl4ZDkqXvszospgif1Aaz9XVbAg0F6WSyD7k39btxQ4wUkPfdQyxVtiz9jMSkwyjkk74GQDn5orwRDrKOxQxrHq96k77t28tAIAJTDWB7xuoI2Tcbd0iIrUgk6J3c+Ws2lwTUflJsZxXj1xdqBkqb0JzWTUAnZ8eBp9PRJmyKlgZbsTcjJ+ai7q1dg8xiI1RhbkkQcXARwzv/YqgagNBN7ReTq8KgEJfZDSiwah/XH6dH89mpfiok0laFPWXljz8PaBpjoNugQTH2D8IiHg+muVVipRyHyg/tQhKIiNtiRuQnZdMKScjX3Zg3gZzguAySpUI/PBDDU8Tnp/r4W1YNqWxfe99R6SJ7kefKeJAxlp/OjehAj++ffJoYu41Xsx0nNDY4WRRY/85gsa0M73YgfQ6Q==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230022)(366004)(451199015)(83380400001)(71200400001)(66899015)(55016003)(966005)(38100700002)(6916009)(66574015)(166002)(54906003)(82960400001)(498600001)(33656002)(5660300002)(6506007)(52536014)(7696005)(8936002)(64756008)(4326008)(2906002)(8676002)(66946007)(66556008)(66446008)(76116006)(186003)(86362001)(122000001)(66476007)(9686003)(38070700005)(53546011)(26005)(30864003); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: falCfGMGpgq7xknmZN7bl5hbfJozk72adETXu9zcuFUXK9TlX8yF1w2KtLDFkYDhkeThJcfV+axuHmfOMJpFsgvES66nM1atxldq7VTJ3ym8ZqMuXLK5pbouS5n59ae8ZzNhmhNbpP2adFm/BDJMRH6KtPWRiPFG+MUvLBIQVc/kDxO4KwXln1bbqG18aCzcq9SGYnk73d3XCtoB8T/Yd6MULCqv1vYlVINEWltKh7gZGhgouF/Fc2xFHZUMd9iQN+95dRqHL1sqhiwryGvThbFDsB9xMdDFV86LqrmTdLXr++j4SjWU5IRp8SkjCGhYzkdl0Qa+OX9qZMKWaoBDRHFGVpiSqvDTrNjxj6yjraZ/LF33MvpTAsM3TfMpmXMqiUrbSGLA9LSs8GgwqNolnhOaAXiVm0OhhWUCujFn9Ww=
Content-Type: multipart/alternative; boundary="_000_BN2P110MB1107DCAF4C2460BFF8C1167BDC259BN2P110MB1107NAMP_"
MIME-Version: 1.0
X-OriginatorOrg: cert.org
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: cec1195a-9e46-47d8-ead2-08daad4b4ff2
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Oct 2022 18:47:00.1506 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 95a9dce2-04f2-4043-995d-1ec3861911c6
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN2P110MB1272
Archived-At: <https://mailarchive.ietf.org/arch/msg/bmwg/sU92KtHYn_dxx0gCVvKW4H2H8Rc>
Subject: Re: [bmwg] Roman Danyliw's Discuss on draft-ietf-bmwg-ngfw-performance-13: (with DISCUSS and COMMENT)
X-BeenThere: bmwg@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Benchmarking Methodology Working Group <bmwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bmwg>, <mailto:bmwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bmwg/>
List-Post: <mailto:bmwg@ietf.org>
List-Help: <mailto:bmwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bmwg>, <mailto:bmwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Oct 2022 18:47:23 -0000
Hi!
Sincere apologies to the authors and the WG for the unacceptably long delay in responding. Thank you for the -14 revision. To make it easier to resolve the remaining DISCUSS point, I’ve reissued my ballot.
Roman
-----Original Message-----
From: Carsten Rossenhoevel <cross@eantc.de<mailto:cross@eantc.de>> Sent: Wednesday, February 2, 2022 7:48 PM
To: Roman Danyliw <rdd@cert.org<mailto:rdd@cert.org>>; The IESG <iesg@ietf.org<mailto:iesg@ietf.org>> Cc: draft-ietf-bmwg-ngfw-performance@ietf.org<mailto:draft-ietf-bmwg-ngfw-performance@ietf.org>; bmwg-chairs@ietf.org<mailto:bmwg-chairs@ietf.org>; bmwg@ietf.org<mailto:bmwg@ietf.org>; Al Morton <acm@research.att.com<mailto:acm@research.att.com>> Subject: Re: Roman Danyliw's Discuss on draft-ietf-bmwg-ngfw-performance-13: (with DISCUSS and COMMENT)
Dear Roman,
thank you for your comments and questions. Primarily, the document is focused on performance benchmarking as mentioned in 4.2.1. This is the area where the authors and contributors saw a major gap in test methodology. Today's datasheets of commercial firewalls are sometimes difficult to interpret. Performance benchmarking methodology applies across all types of security features (per Table 1).
Thus, we describe performance benchmarking methodology in great detail. Sections 4.3 and 7 focus on representative and reproducible load profiles. (Note - Training phases would not include threat emulation. This is normal and not mentioned otherwise in the document - do you recommend we change any text / add an explanation?)
Advanced security features use a wide range of functions and methods, as you mentioned. It would be very difficult (and a race against time) to cover white-box test methodology exhaustively for such security features in a standards document. Therefore in this document, we:
a) describe the recommended and optional security features at high level (section 4.2)
b) suggest evaluating the correct functional security effectiveness of these features in advance of performance benchmarking, outside of the core performance benchmarking methodology (mentioned in section 4.2.1, second paragraph)
c) safeguard against the false testing of a firewall without proper security features enabled (mentioned in section 4.2.1, first paragraph and 2nd sentence in second paragraph)
d) describe security effectiveness test methodology verifying protection against common vulnerabilities and exposures (CVEs) in Appendix A. This test methodology is a black-box approach not aiming to verify/compare advanced concepts such as sandboxing, zero-day threat protection, and other AI-based functions. We are working on test methodology for these areas in the NetSecOPEN group; but it is difficult to come up with reasonable test solutions (specifically if they should be reproducible and test tool-agnostic), which is why this document does not include detailed methodology yet.
Regarding "CVE" nomenclature, I agree that the language in Appendix A is not absolutely precise. The term CVE has become informally used for the
(NIST/Mitre) database entries, the firewall capability to protect, and for the test tool attack type. The authors are open to improving the terminology. What do you suggest (without making each sentence a mouthful)?
I also agree with your observation that CVEs are often not atomic and that test tool implementations and firewall implementations may cover parts of a CVE. This is an issue of the CVE database - there is no consistent numbering of sub-CVEs. We have suffered from this issue in our security effectiveness methodology verification program we have conducted since early 2021. Our goal is to create a standard document that is not tied to any specific test tool or lab implementation. Two test labs (UNH-IOL and EANTC) have worked with two test tool vendors (Spirent and Keysight) and multiple firewall vendors. We have evaluated thousands of CVEs, comparing test coverage and results.
Each test tool vendor uses individual implementations to emulate threats aligned with CVEs, and their implementations sometimes differ in the sub-CVE coverage. Firewall vendors also have their individual code and do not always cover all sub-CVEs - often for good reasons that need to be analyzed on the application layer individually (very high effort). We concluded that we have to accept the state of the art in CVE granularity and that we have to live with the uncertainties of sub-CVE coverage in general. (In detail we will continue to work with test tool and firewall vendors to align implementations and aim for best-working CVE threat protection.) If you have any ideas how this draft document could help improve the industry more quickly, we are seriously open for suggestions.
Re your other comments:
- The introduction section and tables 1/2/3 are being rephrased editorially to increase their readability and add more explanations, based on feedback from other AD reviewers.
- In section 4.2, I am not sure if I understand your comment about logging. According to RFC 2119, "RECOMMEND" and "SHOULD" consistently describe the same level of requirement?
- Well-defined TCP stack attributes are required for a network security device because transport layer attributes influence its performance greatly. Many issues found in EANTC tests in the past originated from incorrect TCP stack attributes, and non-reproducible behavior of a firewall is often related to undocumented/uncontrolled TCP stack attributes.
- From our understanding, TLS 1.3 cipher suites are all considered adequate in the industry today, while some of the TLS 1.2 cipher suites are considered deprecated. This is why we specify them in detail. That said, the note below the list of TLS 1.2 recommended ciphers encourages the use of ciphers appropriate for evolving use cases. This might lead to a selection of specific TLS 1.3 ciphers in the future as well.
- Good point regarding the use of emulated exploits in section 9. We agree to add a note.
- Regarding 2nd paragraph of A.1, second sentence ("In parallel..."), we agree that the text is imprecise. Threats that apply to the connection setup cannot be encrypted. We'll edit the text to apply to these cases as well.
Best regards, Carsten
Am 2/2/2022 um 11:39 PM schrieb Roman Danyliw via Datatracker:
Roman Danyliw has entered the following ballot position for draft-ietf-bmwg-ngfw-performance-13: Discuss
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)
Please refer to
https://www.ietf.org/blog/handling-iesg-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions.
The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-bmwg-ngfw-performance/
---------------------------------------------------------------------- DISCUSS:
----------------------------------------------------------------------
** A key element of successfully running the throughput tests described in Section 7, appears to be ensuring how to configure the device under test. Section 4.2. helpfully specifies feature sets with recommendations configurations. However, it appears there are elements of under-specification given the level of detail specified with normative language. Specifically:
-- Section 4.2.1 seems unspecified regarding all the capabilities in Table 1 and 2. The discussion around vulnerabilities (CVEs) does not appear to be relevant to configuration of anti-spyware, anti-virus, anti-botnet, DLP, and DDOS.
-- Recognizing that NGFW, NGIPS and UTM are not precise product categories, offerings in this space commonly rely on statistical models or AI techniques (e.g., machine learning) to improve detection rates and reduce false positives to realize the capabilities in Table 1 and 2. If even possible, how should these settings be tuned? How should the training period be handled when describing the steps of the test regime (e.g., in Section 4.3.4? Section 7.2.4?)
** Appendix A. The KPI measures don’t seem precise here – CVEs are unlikely to be the measure seen on the wire. Wouldn’t it be exploits associated with a particular vulnerability (that’s numbered via CVE)? There can be a one-to-many relationship between the vulnerability and exploits (e.g., multiple products affected by a single CVE); or the multiple implementations of an exploit.
---------------------------------------------------------------------- COMMENT:
----------------------------------------------------------------------
** Abstract. NGFW, NGIPS and UTM are fuzzy product categories. Do you want to them somewhere? How do they differ in functionality? UTM is mentioned here, but not again in the document.
** Section 1.
The requirements
for network security element performance and effectiveness have increased tremendously since then. In the eighteen years since
[RFC3511] was published, recommending test methodology and terminology for firewalls, requirements and expectations for network security elements has increased tremendously.
I don’t follow how the intent of these two sentences is different. Given the other text in this paragraph, these sentences also appear redundant.
** Section 3. Per “This document focuses on advanced, …”, what makes a testing method “advanced”?
** Section 4.2. The abstract said that testing for NGFW, NGIPS and UTM would be provided. This section is silent on UTM.
** Section 4.2. Should the following additional features be noted as a feature of NGFWs and NGIPS (Tables 1 and 2)?
-- reconnaissance detection
-- geolocation or network topology-based classification/filtering
** Section 4.2. Thanks for the capability taxonomies describe here. Should it be noted that “Table 1 and 2 are approximate taxonomies of features commonly found in currently deployed NGFW and NGIDS. The features provided by specific implementations may be named differently and not necessarily have configuration settings that align to the taxonomy.”
** Table 1. Is there a reason that DPI and Anti-Evasion (listed in Table 2 for
NGIPS) are not mentioned here (for NGFW). I don’t see how many (all?) of the features listed as RECOMMENDED could be done without it.
** Table 3. For Anti-Botnet, should it read “detects and blocks”?
** Table 3. For Web Filtering, is this scoped to be classification and threat detection by URI?
** Table 3. This table is missing a description for DoS from Table 1 and DPI and Anti-Evasion from Table 2.
** Section 4.2. Per “Logging SHOULD be enabled.” How does this
“SHOULD” align with “logging and reporting” being a RECOMMENDED in Table 1 and 2? Same question on “Application Identification and Control SHOULD be configured”
** Section 4.3.1.1. Why is such well-formed and well-behaved traffic assumed for a security device?
** Section 4.3.1. What cipher suites should be used for TLS 1.3 based tests? The text is prescriptive for TLS 1.2 (using a RECOMMEND) but simply restates all of those registered by RFC8446.
** Section 9. Given that the configurations of these test will include working exploits, it would be helpful to provide a reminder on the need control access to them.
** Section A.1.
In parallel, the CVEs will be sent to the DUT/SUT as encrypted and as well as clear text payload formats using a traffic generator.
This guidance doesn’t seem appropriate for all cases. Couldn’t the vulnerability being exploited involve a payload in the unencrypted part or a phase in the communication exchange before a secure channel is negotiated?
** Editorial nits
-- Section 1. Editorial. s/for firewalls initially/for firewalls/
-- Section 5. Typo. s/as test equipments/as test equipment/
--
Carsten Rossenhövel
Managing Director, EANTC AG (European Advanced Networking Test Center) Salzufer 14, 10587 Berlin, Germany office +49.30.3180595-21, fax +49.30.3180595-10, mobile +49.177.2505721 cross@eantc.de<mailto:cross@eantc.de>, https://www.eantc.de<https://www.eantc.de/>
Place of Business/Sitz der Gesellschaft: Berlin, Germany Chairman/Vorsitzender des Aufsichtsrats: Herbert Almus Managing Directors/Vorstand: Carsten Rossenhövel, Gabriele Schrenk Registered: HRB 73694, Amtsgericht Charlottenburg, Berlin, Germany EU VAT No: DE812824025
- [bmwg] Roman Danyliw's Discuss on draft-ietf-bmwg… Roman Danyliw via Datatracker
- [bmwg] FW: Roman Danyliw's Discuss on draft-ietf-… MORTON JR., AL
- Re: [bmwg] Roman Danyliw's Discuss on draft-ietf-… bmonkman
- Re: [bmwg] Roman Danyliw's Discuss on draft-ietf-… Carsten Rossenhoevel
- Re: [bmwg] Roman Danyliw's Discuss on draft-ietf-… bmonkman
- Re: [bmwg] Roman Danyliw's Discuss on draft-ietf-… Warren Kumari
- Re: [bmwg] Roman Danyliw's Discuss on draft-ietf-… bmonkman
- Re: [bmwg] Roman Danyliw's Discuss on draft-ietf-… Roman Danyliw