[Cbor] Roman Danyliw's No Objection on draft-ietf-cbor-network-addresses-09: (with COMMENT)

Roman Danyliw via Datatracker <noreply@ietf.org> Mon, 04 October 2021 19:12 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: cbor@ietf.org
Delivered-To: cbor@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 518A33A0B4F; Mon, 4 Oct 2021 12:12:53 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Roman Danyliw via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-cbor-network-addresses@ietf.org, cbor-chairs@ietf.org, cbor@ietf.org, barryleiba@computer.org, barryleiba@computer.org
X-Test-IDTracker: no
X-IETF-IDTracker: 7.38.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Roman Danyliw <rdd@cert.org>
Message-ID: <163337477331.26046.8239243254323936343@ietfa.amsl.com>
Date: Mon, 04 Oct 2021 12:12:53 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/cbor/rqUugIhbsT0g17Iv8EB-2jTs5Wo>
Subject: [Cbor] Roman Danyliw's No Objection on draft-ietf-cbor-network-addresses-09: (with COMMENT)
X-BeenThere: cbor@ietf.org
X-Mailman-Version: 2.1.29
List-Id: "Concise Binary Object Representation \(CBOR\)" <cbor.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cbor>, <mailto:cbor-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cbor/>
List-Post: <mailto:cbor@ietf.org>
List-Help: <mailto:cbor-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cbor>, <mailto:cbor-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Oct 2021 19:12:54 -0000

Roman Danyliw has entered the following ballot position for
draft-ietf-cbor-network-addresses-09: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/blog/handling-iesg-ballot-positions/
for more information about how to handle DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-cbor-network-addresses/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

** Section 7.  Recommend generalizing the text.

OLD
   Identifying which byte sequences in a protocol are addresses may
   allow an attacker or eavesdropper to better understand what parts of
   a packet to attack.  That information, however, is likely to be found
   in the relevant RFCs anyway, so this is not a significant exposure.

NEW
This document provides an CBOR encoding for IPv4 and IPv6 address information. 
Any applications using these encodings will need to consider the security
implications of this data in their specific context.  For example, identifying
which byte sequences in a protocol are addresses may allow an attacker or
eavesdropper to better understand what parts of a packet to attack.

** Section 8.3.  Recommend making the text clearer on what’s getting deprecated

OLD
   IANA is requested to add the note "DEPRECATED in favor of 52 and 54
   for IP addresses" to registrations 260 and 261

NEW
IANA is requested to add the note "DEPRECATED for use with IP addresses in
favor of 52 and 54" to registrations 260 and 261