Re: [dhcwg] Secdir last call review of draft-ietf-dhc-v6only-03
"Eric Vyncke (evyncke)" <evyncke@cisco.com> Tue, 23 June 2020 13:19 UTC
Return-Path: <evyncke@cisco.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3E9323A0E23; Tue, 23 Jun 2020 06:19:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.598
X-Spam-Level:
X-Spam-Status: No, score=-9.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=mdQZYFQP; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=JZWL2Zfq
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1rVa-XuErWl1; Tue, 23 Jun 2020 06:19:45 -0700 (PDT)
Received: from alln-iport-7.cisco.com (alln-iport-7.cisco.com [173.37.142.94]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 99D4B3A0FFD; Tue, 23 Jun 2020 06:19:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=2932; q=dns/txt; s=iport; t=1592918375; x=1594127975; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=clS6Y1LmLJmi+rgyEy7rupgkFryYb4vH8stinEc6KEQ=; b=mdQZYFQP4UhR/2meCrq9lXLPv7/C6/3h6tDqcjIqlV17rOrfC85TWlAG RIHLfyboA4JeCoPNYDRceJB0Ze0sEDglYo1iv6hUFjRsHAlWDAxw45L83 M+NadTYhcxJBTrUx+xWFXHYyybZxk2cefsZAPHvLWcWn1yHtMB8PXMSP5 E=;
IronPort-PHdr: 9a23:24AyfhP1ExTOqYJ90kYl6mtXPHoupqn0MwgJ65Eul7NJdOG58o//OFDEvK813kHIUoTf8P9PzeHRtvOoVW8B5MOHt3YPONxJWgQegMob1wonHIaeCEL9IfKrCk5yHMlLWFJ/uX3uN09TFZXgZlLTpma/5ngZHRCsfQZwL/7+T4jVicn/3uuu+prVNgNPgjf1Yb57IBis6wvLscxDiop5IaF3wRzM8XY=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0ABAgCRAPJe/5JdJa1mGwEBAQEBAQEBBQEBARIBAQEDAwEBAUCBSoFSUQdvWC8shCSDRgONHCWYVYJSA1ULAQEBDAEBGAsKAgQBAYRHAheBfAIkOBMCAwEBCwEBBQEBAQIBBgRthVsMhXIBAQEBAwEBEBERDAEBLAsBCwQCAQgRAwECAwImAgICJQsUAQgIAgQBDQUigwQBgksDLgEOrBQCgTmIYXaBMoMBAQEFhQsYgg4DBoEOKoJniXwagUE/gREnDBCCTT6CXAEBhHMzgi2SLJFoj1B8CoJalESEZwMdnnuRMZ5JAgQCBAUCDgEBBYFqIoFWcBU7KgGCPlAXAg2OHoNxhRSFQnQ3AgYBBwEBAwl8j2kBAQ
X-IronPort-AV: E=Sophos;i="5.75,271,1589241600"; d="scan'208";a="501302692"
Received: from rcdn-core-10.cisco.com ([173.37.93.146]) by alln-iport-7.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 23 Jun 2020 13:19:34 +0000
Received: from XCH-RCD-002.cisco.com (xch-rcd-002.cisco.com [173.37.102.12]) by rcdn-core-10.cisco.com (8.15.2/8.15.2) with ESMTPS id 05NDJYlx011555 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 23 Jun 2020 13:19:34 GMT
Received: from xhs-rtp-003.cisco.com (64.101.210.230) by XCH-RCD-002.cisco.com (173.37.102.12) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Tue, 23 Jun 2020 08:19:34 -0500
Received: from xhs-rtp-001.cisco.com (64.101.210.228) by xhs-rtp-003.cisco.com (64.101.210.230) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Tue, 23 Jun 2020 09:19:32 -0400
Received: from NAM04-CO1-obe.outbound.protection.outlook.com (64.101.32.56) by xhs-rtp-001.cisco.com (64.101.210.228) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Tue, 23 Jun 2020 09:19:32 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=co7u4yiAiPV5+kQA1b72LiAJpT3aTKCxqFAWhbchH7meQwg+Z+7O3x6V/zn5yzLA/ZAxVTrVcJ7JTfMz7vI+cJtEYi1NhM2iMgF+NaXYNPYxas1wrOp5AJIei1uOWeGsx+Lub95XnCiRyoZuFABQW5czaAh00+ha/6X+P2XbxVIuQw3GTmfOCjC/Me/5PjJL8rTusP+g1a4MlMkgs6ZBBNotplWhs6aVmLphJlfKjemGkJrbVyYJyCKm/gBaZ9ptd70DKzxLqzgDcn/HKWLA1xk2v1UMKl0NAUQir0t61CvQxYVvpuRRaIDm96rnjiOm3EIIm2I252zTKSu3N+/PaQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=clS6Y1LmLJmi+rgyEy7rupgkFryYb4vH8stinEc6KEQ=; b=QHGoAbAOeeDu+35m5MK7N/Bw4CZQ2BTPsgG9H9B6tLNiXseyVV6DcEjXE833r7QLXopxkFIxH3pueYGONXe9slbiKhLywm1qKpnZlym8is5VkhaPbhc/u94Wny39Le3Z1GFP0Ltafes1Bs1s4wfuQ87SQ8JrBAw2HqvWv5VfLEHIZAC1JpVPn13alSoePkHpog9FdE+fPtCz6smDUwIYiST6TiAFSEpg89Z22q9hRL1jUIPM7t81OENtdGtio5iHntMVnqwOHknTe+/VC5hkHFwALYpTiFpdme+Xdcw90mKtk220nkYGh94a+1kAwZrLnGz1KltH70BOkV8pQTE+Ng==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=clS6Y1LmLJmi+rgyEy7rupgkFryYb4vH8stinEc6KEQ=; b=JZWL2ZfqRxycOwLrEW08CRQH3te6EgFTD4ssZSeUfQGiNuOWFJKlm4dRuaV+IzF0t+nwHFy8fY7X8HGdORoYSwopH6EkT7a8azNkVQ7Jr0aZOlr+g2Q8Wr69e/ZnqYu4K3A/3pNgqHWIHxkrcOzBjMH/Z3Zu2FS1Pk0OcW4WPQY=
Received: from DM5PR11MB1753.namprd11.prod.outlook.com (2603:10b6:3:10d::13) by DM5PR11MB1340.namprd11.prod.outlook.com (2603:10b6:3:15::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3109.21; Tue, 23 Jun 2020 13:19:31 +0000
Received: from DM5PR11MB1753.namprd11.prod.outlook.com ([fe80::a14c:59b6:47b0:f630]) by DM5PR11MB1753.namprd11.prod.outlook.com ([fe80::a14c:59b6:47b0:f630%7]) with mapi id 15.20.3109.027; Tue, 23 Jun 2020 13:19:31 +0000
From: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
To: Russ Housley <housley@vigilsec.com>, "secdir@ietf.org" <secdir@ietf.org>
CC: "draft-ietf-dhc-v6only.all@ietf.org" <draft-ietf-dhc-v6only.all@ietf.org>, "dhcwg@ietf.org" <dhcwg@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>
Thread-Topic: [dhcwg] Secdir last call review of draft-ietf-dhc-v6only-03
Thread-Index: AQHWRbC0YR4g64oQDE+KVmrr7ViuYqjmWAGA
Date: Tue, 23 Jun 2020 13:19:31 +0000
Message-ID: <7B6A100E-C60F-4914-8792-29819C8E4786@cisco.com>
References: <159251281326.28009.2445308597820373796@ietfa.amsl.com>
In-Reply-To: <159251281326.28009.2445308597820373796@ietfa.amsl.com>
Accept-Language: fr-BE, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.38.20061401
authentication-results: vigilsec.com; dkim=none (message not signed) header.d=none;vigilsec.com; dmarc=none action=none header.from=cisco.com;
x-originating-ip: [2001:420:c0c1:36:7557:86e0:6ca6:aed]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: cec69c45-f3ac-44b1-05be-08d8177810c1
x-ms-traffictypediagnostic: DM5PR11MB1340:
x-microsoft-antispam-prvs: <DM5PR11MB1340CD4FBEBF90074F398D9EA9940@DM5PR11MB1340.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:2887;
x-forefront-prvs: 04433051BF
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: /l7N7j+Ggsz/IqGTsu9Ts84rZK96I5y1P6NWcLI1pt4ixbAiWxYsD7RhYIuZ5v01idN+OLQsxwms1GWfD7Byg4JDYfVqz9Bd9dBcxpJyqhqH1T2IwSc5lVJz8iHJTLlvnRL8rfPKbvGPV6RFYAfvl2t/31GEJlpZ26xb2LXhtR+ZUL2EtKixEd/m9gqou3YWes8939n7fLQujEW9BHzHNcZ9+TPF1JcBmhScMZnq5dT1cLcowrZzBuOKf2FmHtoA/cxNQ/gBBJu+vLCgMbIuS+9kqM0vTH39rwYiOCcY2oiSihGGve800cCZH3+IXjI8Sd0ego1v6sT6KjyyxPadOKOOftGSUIC6bymYeirHFTbEo49rELNcDe2NENc9MncqUPA7xRtd2X5gaWEZ+0TAeg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM5PR11MB1753.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(346002)(136003)(376002)(396003)(39860400002)(366004)(110136005)(83380400001)(8676002)(6486002)(54906003)(53546011)(966005)(316002)(6512007)(186003)(2906002)(478600001)(5660300002)(71200400001)(66946007)(6506007)(76116006)(4326008)(91956017)(8936002)(36756003)(64756008)(66556008)(66476007)(2616005)(66446008)(86362001)(33656002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: QeKIez2nCplkDlrLMcF96owzz4bfgoCT+VjbbHAV8vbOAEGsRCN/ezPPCkOtzby/RH5m46HlpoWOQ1udVXLPJ6DvXGgFHZw246uksGoRr8Vduc9gqn4Yii2bpq3ph0yIMrmLlxFgJ7T+Xv97heHJDuFJJVV/8gdc43r3VWGrqOlHGa0qR43BICjf9JlEuvAXWIiP3glCIUTz5tuVTTu1vNs72xdyL8rvpHJWDgoUpzTByyJ2YYwmXRqMJeKYZjUFU+nPWN6Ym0/vfFbErXdCtD5iYv4mYwBqStvhzSWENLDz+b1MedePYSsHIgh7bPUQ0pLRuhcdBnjFBhOjprIaxHzL5UQb33FzRSbzcec/YgvsGny3A2DGRtOzVwVy0V1qsDUpRznufS5uH9jChGUtWKhmz/tvmOuUbwXVC9Pz4B9mk8HUOdtoa2MOPA6c8UK7KaR15c9CKXb/W3RZy8Z6W6ek4JOXLJravHjgb8M9btBJCvmSL1EsGyaqZ/N2q+zkLnWjys5Pb2vuqHIQZSDwcHlxeyjhttL2YaqCLCug1dY=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <FA554FF64EC3364BB8CD1954B166DB23@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: cec69c45-f3ac-44b1-05be-08d8177810c1
X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Jun 2020 13:19:31.6225 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: AkIZoqVOYN10YBlrfTMzDfsQVke+KBrFpdeC8bRMj06X/1CuAv2GQRm+VhmfqRpqHLIcQBthQULMo+froqvelg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR11MB1340
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.12, xch-rcd-002.cisco.com
X-Outbound-Node: rcdn-core-10.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/I4UKHqgT1b4GggcRvgZFcKZtrMY>
Subject: Re: [dhcwg] Secdir last call review of draft-ietf-dhc-v6only-03
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Jun 2020 13:19:55 -0000
Thank you Russ for your review :-) -----Original Message----- From: dhcwg <dhcwg-bounces@ietf.org> on behalf of Russ Housley via Datatracker <noreply@ietf.org> Reply-To: Russ Housley <housley@vigilsec.com> Date: Thursday, 18 June 2020 at 22:40 To: "secdir@ietf.org" <secdir@ietf.org> Cc: "draft-ietf-dhc-v6only.all@ietf.org" <draft-ietf-dhc-v6only.all@ietf.org>, "dhcwg@ietf.org" <dhcwg@ietf.org>, "last-call@ietf.org" <last-call@ietf.org> Subject: [dhcwg] Secdir last call review of draft-ietf-dhc-v6only-03 Reviewer: Russ Housley Review result: Has Nits I reviewed this document as part of the Security Directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the Security Area Directors. Document authors, document editors, and WG chairs should treat these comments just like any other IETF Last Call comments. Document: draft-ietf-dhc-v6only-03 Reviewer: Russ Housley Review Date: 2020-06-18 IETF LC End Date: 2020-07-02 IESG Telechat date: unknown Summary: Has Nits Major Concerns: None. Minor Concerns: Section 3.4 includes: V6ONLY_WAIT The minimum time the client SHOULD stop the DHCPv4 configuration process for. MUST be no less than MIN_V6ONLY_WAIT seconds. Default: 1800 seconds The second sentence should include a subject; and "MUST NOT" seems like a better wording to me. I suggest: V6ONLY_WAIT The minimum time for which the client SHOULD stop the DHCPv4 configuration process. The value MUST NOT be less than MIN_V6ONLY_WAIT seconds. Default: 1800 seconds. Nits: Section 2: s/seems only natural/seems natural/ Section 3.3.1: s/for V6ONLY_WAIT second/for V6ONLY_WAIT seconds/ _______________________________________________ dhcwg mailing list dhcwg@ietf.org https://www.ietf.org/mailman/listinfo/dhcwg
- [dhcwg] Secdir last call review of draft-ietf-dhc… Russ Housley via Datatracker
- Re: [dhcwg] Secdir last call review of draft-ietf… Jen Linkova
- Re: [dhcwg] Secdir last call review of draft-ietf… Eric Vyncke (evyncke)