Re: [Cbor] Roman Danyliw's No Objection on draft-ietf-cbor-network-addresses-09: (with COMMENT)

Roman Danyliw <rdd@cert.org> Wed, 13 October 2021 21:37 UTC

Return-Path: <rdd@cert.org>
X-Original-To: cbor@ietfa.amsl.com
Delivered-To: cbor@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B61303A0E4C; Wed, 13 Oct 2021 14:37:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=seicmu.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jOb_KfFIQGJK; Wed, 13 Oct 2021 14:37:37 -0700 (PDT)
Received: from USG02-CY1-obe.outbound.protection.office365.us (mail-cy1usg02on0113.outbound.protection.office365.us [23.103.209.113]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 01F763A0E60; Wed, 13 Oct 2021 14:37:36 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=j2aNtJAzJT+94CP0wkPDyXv5UZKTrBALcRL8d1J16zY5Ey2ABZ1Qi1OdwEIintYEk9VfHhoSI/yMLljxra45OxLgeIm0fkBHBJOkd1Qj0rcUKELLydJLY4hcujNYwl6Md89ENWaIHjO8utrU85KJ7octS2ORoZ6NAZiJQjos9FV+cYW6xYc7JXuVGRgfbaHCBIDiKKX4GQGCNKNpreYSjktpynkZds1EaQ4gpEtiEL5dVtepika7eM8ewL/m7O/ZWxxDm8OpuWzbU+JQufLXEMg/mzwpnLUiJiAFi25zevFdw30HzPblhATyTeQhHFz+XjRshcALv7AgYNWpPm19EQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=3fLKnKdle5AwgPsafhY6KSCw+0DWcsIQ6TCuw/200Qo=; b=hw3RphF3dEWV1Z2JOgKVgNITTo4+7CbaAitnq1Uk8co6tdibdLYKTLN2/dJ2FWad37eEgsM6hL2CXAxCxIQ2PTY/4ARSSQQDSPYGSvUw1pCkXuB1r6Z6qVVYtU8IBARBa4nqBSziSMpZWhqg/QkoPw41OKjQzsaIr6C32ttQjp5EJSdkJviEdeeMoXDe6usGTa5lxtniH9Tj5rOU+xXRw4regH2A5NzsXQwrsbir9J+GJLbBmu8otj7H9wvqoVZEPjW2BncSkUvK+j5zCimhcdagv7uu13KdvFykyh9UUCsRZYW4K6YUTfOCVipoxlIpMrLpluowfjdWd/8/3CKWvA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cert.org; dmarc=pass action=none header.from=cert.org; dkim=pass header.d=cert.org; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seicmu.onmicrosoft.com; s=selector1-seicmu-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=3fLKnKdle5AwgPsafhY6KSCw+0DWcsIQ6TCuw/200Qo=; b=F+TauqAxtdlg9sFQXSuwFQYNECnZ9rSqbJGKKCrAxwQ1Lj7X11pe96/fWH3lNZ0tT7xhGiw7C6gguKS371RFJSRu2p/jydGJZtHWJV3Yg5Fy4IdZsSIqfEhFfScp/Z6e2rrt+fFCBZkxzXOBLRo4ebN4+cTWlqmH3XDETGO9rPY=
Received: from BN1P110MB0939.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:134::12) by BN1P110MB0578.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:132::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4587.22; Wed, 13 Oct 2021 21:37:22 +0000
Received: from BN1P110MB0939.NAMP110.PROD.OUTLOOK.COM ([fe80::4463:48d1:9769:567f]) by BN1P110MB0939.NAMP110.PROD.OUTLOOK.COM ([fe80::4463:48d1:9769:567f%6]) with mapi id 15.20.4587.026; Wed, 13 Oct 2021 21:37:22 +0000
From: Roman Danyliw <rdd@cert.org>
To: Michael Richardson <mcr+ietf@sandelman.ca>
CC: "draft-ietf-cbor-network-addresses@ietf.org" <draft-ietf-cbor-network-addresses@ietf.org>, "barryleiba@computer.org" <barryleiba@computer.org>, "cbor@ietf.org" <cbor@ietf.org>, The IESG <iesg@ietf.org>, "cbor-chairs@ietf.org" <cbor-chairs@ietf.org>
Thread-Topic: [Cbor] Roman Danyliw's No Objection on draft-ietf-cbor-network-addresses-09: (with COMMENT)
Thread-Index: AQHXuVPepPSryffzQEi8NX/WYVGXKqvRcaSAgAAQqQA=
Date: Wed, 13 Oct 2021 21:37:22 +0000
Message-ID: <BN1P110MB09398B8C3F5CD5BC809B7E35DCB79@BN1P110MB0939.NAMP110.PROD.OUTLOOK.COM>
References: <163337477331.26046.8239243254323936343@ietfa.amsl.com> <19402.1634157453@localhost>
In-Reply-To: <19402.1634157453@localhost>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: sandelman.ca; dkim=none (message not signed) header.d=none;sandelman.ca; dmarc=none action=none header.from=cert.org;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: d5891b35-8e66-479e-670a-08d98e91a425
x-ms-traffictypediagnostic: BN1P110MB0578:
x-microsoft-antispam-prvs: <BN1P110MB05786E9956A70672767017B6DCB79@BN1P110MB0578.NAMP110.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:3276;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 7OSj5eSmQL50JLoSFvsHMuVIKAuAbBsdJ4eTQNDmp3tdQdA1UBTGIoeY0bfDG9pAqsq0+9zKYOP4YKrlrOZ2NpV4T1cvN2u+qcUj0GO/wd+9MfvWmIy7alquMdMhrSyR+REX5zxrouxeHGXoDFUqfzg/Ny01G4AprZUVzsLstCUN/UTI7h+4Jo2dfttyvnLBuwDYKqfqrvilMqZUOpL927DfdLaHi5LQA1QvmpwosfwKDAXen7gj1oE+uj8DGa3VdPUod1ZbvhzIipuAo1vQP59sdlxCp/+U/qdbWrmnI0F5LpGCRIA9RbpUxz136TZNFqIhotRk/ZWlhHJs3zyiMDqM2/laOkVl4SGasdxMz5LPhz6xm4bEQnjAN9pyksQ7crR3YcEtnQMXq4LFDqopN7i+beyFsNToXsvjFgZMGggLgNBS+BnUrXA9919rhSW2LVn5Ocd8tauK64JcYqcwLEhGs0z8FsEyr3oqCnxwnBAnfOczg7x8B+tDHCqDXs7HAlRFpv2MJvrh+bQ1uoe9QK7Mgo6ZxC7P3C7EjiX5o5cF62W0mhPQ97vyzsT7a9zJ2JLXjTBnhUcjmbePzA4NrO1Za5X/OyqsiG71TNTm5GAxGv2Sbbn+ufMsQM218TR0Q8I3XgpnN0xyahlIwbiUqOV7YG6+jjCeRGLLwBx8SISJIIkjC4BsuVq7k9SXgWjteT6SltbF/tcgj1l9t77EGQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BN1P110MB0939.NAMP110.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(366004)(66946007)(52536014)(38100700002)(966005)(86362001)(33656002)(122000001)(4326008)(6506007)(66556008)(2906002)(66446008)(8676002)(83380400001)(8936002)(82960400001)(38070700005)(66574015)(7696005)(66476007)(186003)(54906003)(55016002)(64756008)(53546011)(5660300002)(76116006)(498600001)(9686003)(71200400001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: Qgg74mX+IG9i8/+Bx+FC4aj0OWgnGR4ZEQ6b9Wv7/isaqpU0QYxncfIbRrTLpGJxIqBKcAOgwH9Pz8jZlzVJsXZp3fFMWUn7t5dS0RFd9UqwHz8HhfajjLZs8B8Vbj70JYi+BQFNZSY5pelI4U446xynWKjnjq2PmDQ0B50CCEInW3AkxlSWyFRoirGVYqUYooHoWRobkPKcnAOUMP5q/Ulkkf2EKfLawO/1XPd5f74Pea4H3Me3dsJlHtOrdUZ8LFVog8dRwNYSMSN5xs9kFmsA8TOjW9/4DfvPWX1rCnFEbNyAeK38kfCONLyfP6zfeYA1B0AZx5vt7hviVFQuv4I4INeYk5ivGAuTUSAKXVCINsFJycUjpsn+TSvD7GDDJlaILz7nmD2kHAvpSkL7ZgjLBzW7RtEPdcFazsczU6BJSZ2/4IMlnJGL5HaVgU1ZmCQ/yRNpHcpydv69dRxTmqDcPvFLMFMGmzy9dBDWxRcLCdz5bXip344REHZuo+ZV0SCoUDC7JUZF2ReP+OBU/HtGQjjzK7mYjwwqKEN2ACeAUDkMLMprpn0l/4G82JGMTcp1w++mhZrDw5pSXeQ9zNraPUyXVTlI8xz9enKHo+SeI/lQloMLLclcSOrVIjwb7gXXvjf8JuuXxzg+g3TmggvKqlBPET3JuOXCyAC713ofOG2VVXSFUnTEtWRkQE1rWdRy9HIE1E6MWm705DzBu45gV4hw8EhfYdbybgbBMzcMxCTGhiTGXLJ4jXXqn5+Eghd9CqweNMVc5XPEDSjbF7LEnELjfzvXr2JiJoWMmw4=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: cert.org
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN1P110MB0939.NAMP110.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: d5891b35-8e66-479e-670a-08d98e91a425
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Oct 2021 21:37:22.3673 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 95a9dce2-04f2-4043-995d-1ec3861911c6
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN1P110MB0578
Archived-At: <https://mailarchive.ietf.org/arch/msg/cbor/CEha2D6qORoHFtpVsfbyU41EcL8>
Subject: Re: [Cbor] Roman Danyliw's No Objection on draft-ietf-cbor-network-addresses-09: (with COMMENT)
X-BeenThere: cbor@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Concise Binary Object Representation \(CBOR\)" <cbor.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cbor>, <mailto:cbor-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cbor/>
List-Post: <mailto:cbor@ietf.org>
List-Help: <mailto:cbor-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cbor>, <mailto:cbor-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Oct 2021 21:37:52 -0000

Thanks Michael!

> -----Original Message-----
> From: iesg <iesg-bounces@ietf.org> On Behalf Of Michael Richardson
> Sent: Wednesday, October 13, 2021 4:38 PM
> To: Roman Danyliw <rdd@cert.org>
> Cc: draft-ietf-cbor-network-addresses@ietf.org; barryleiba@computer.org;
> cbor@ietf.org; The IESG <iesg@ietf.org>; cbor-chairs@ietf.org
> Subject: Re: [Cbor] Roman Danyliw's No Objection on draft-ietf-cbor-network-
> addresses-09: (with COMMENT)
> 
> 
> I'm replying again to this email for completeness:
> Roman Danyliw via Datatracker <noreply@ietf.org> wrote:
>     > ** Section 7.  Recommend generalizing the text.
> 
>     > OLD
>     > Identifying which byte sequences in a protocol are addresses may
>     > allow an attacker or eavesdropper to better understand what parts of
>     > a packet to attack.  That information, however, is likely to be found
>     > in the relevant RFCs anyway, so this is not a significant exposure.
> 
>     > NEW
>     > This document provides an CBOR encoding for IPv4 and IPv6 address
> information.
>     > Any applications using these encodings will need to consider the security
>     > implications of this data in their specific context.  For example, identifying
>     > which byte sequences in a protocol are addresses may allow an attacker or
>     > eavesdropper to better understand what parts of a packet to attack.
> 
> I took your text as is, in commit
> 42e5c5cd0f3d7cb87a96908fba441f96391736e3
> https://github.com/cbor-wg/cbor-network-
> address/commit/42e5c5cd0f3d7cb87a96908fba441f96391736e3
> 
>     > ** Section 8.3.  Recommend making the text clearer on what’s getting
> deprecated
> 
>     > OLD
>     > IANA is requested to add the note "DEPRECATED in favor of 52 and 54
>     > for IP addresses" to registrations 260 and 261
> 
>     > NEW
>     > IANA is requested to add the note "DEPRECATED for use with IP addresses
> in
>     > favor of 52 and 54" to registrations 260 and 261
> 
> And this change was made in
> https://github.com/cbor-wg/cbor-network-
> address/commit/de38e39dfa7fce46c567b42332fb578632a6b749
> 
> 
> --
> Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
>            Sandelman Software Works Inc, Ottawa and Worldwide
> 
> 
>