Re: [Dime] Ben Campbell's No Objection on draft-ietf-dime-4over6-provisioning-04: (with COMMENT)
"Zhouqian (Cathy)" <cathy.zhou@huawei.com> Thu, 06 August 2015 07:34 UTC
Return-Path: <cathy.zhou@huawei.com>
X-Original-To: dime@ietfa.amsl.com
Delivered-To: dime@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A53331ACD86; Thu, 6 Aug 2015 00:34:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.211
X-Spam-Level:
X-Spam-Status: No, score=-4.211 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QdbLnFfhDTkG; Thu, 6 Aug 2015 00:34:35 -0700 (PDT)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AEFA61ACD84; Thu, 6 Aug 2015 00:34:33 -0700 (PDT)
Received: from 172.18.7.190 (EHLO lhreml403-hub.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id BVY24025; Thu, 06 Aug 2015 07:34:32 +0000 (GMT)
Received: from SZXEMA412-HUB.china.huawei.com (10.82.72.71) by lhreml403-hub.china.huawei.com (10.201.5.217) with Microsoft SMTP Server (TLS) id 14.3.235.1; Thu, 6 Aug 2015 08:34:31 +0100
Received: from SZXEMA512-MBX.china.huawei.com ([169.254.7.182]) by SZXEMA412-HUB.china.huawei.com ([10.82.72.71]) with mapi id 14.03.0235.001; Thu, 6 Aug 2015 15:34:24 +0800
From: "Zhouqian (Cathy)" <cathy.zhou@huawei.com>
To: Ben Campbell <ben@nostrum.com>, The IESG <iesg@ietf.org>
Thread-Topic: [Dime] Ben Campbell's No Objection on draft-ietf-dime-4over6-provisioning-04: (with COMMENT)
Thread-Index: AQHQz7kkM+psF2YBkU60UpkoW1k0DZ3+h2Yg
Date: Thu, 06 Aug 2015 07:34:24 +0000
Message-ID: <A6A061BEE5DDC94A9692D9D81AF776DF409EE785@SZXEMA512-MBX.china.huawei.com>
References: <20150805195831.24117.11508.idtracker@ietfa.amsl.com>
In-Reply-To: <20150805195831.24117.11508.idtracker@ietfa.amsl.com>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.66.77.95]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <http://mailarchive.ietf.org/arch/msg/dime/pls1uC7G1VQPo4P0KlBigHYof1c>
Cc: "dime-chairs@ietf.org" <dime-chairs@ietf.org>, "draft-ietf-dime-4over6-provisioning@ietf.org" <draft-ietf-dime-4over6-provisioning@ietf.org>, "dime@ietf.org" <dime@ietf.org>, "draft-ietf-dime-4over6-provisioning.shepherd@ietf.org" <draft-ietf-dime-4over6-provisioning.shepherd@ietf.org>, "draft-ietf-dime-4over6-provisioning.ad@ietf.org" <draft-ietf-dime-4over6-provisioning.ad@ietf.org>
Subject: Re: [Dime] Ben Campbell's No Objection on draft-ietf-dime-4over6-provisioning-04: (with COMMENT)
X-BeenThere: dime@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Diameter Maintanence and Extentions Working Group <dime.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dime>, <mailto:dime-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dime/>
List-Post: <mailto:dime@ietf.org>
List-Help: <mailto:dime-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dime>, <mailto:dime-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Aug 2015 07:34:37 -0000
Hi Ben, Thanks for the comments. Please see my reply below: Best Regards, Cathy > -----Original Message----- > From: DiME [mailto:dime-bounces@ietf.org] On Behalf Of Ben Campbell > Sent: Thursday, August 06, 2015 3:59 AM > To: The IESG > Cc: draft-ietf-dime-4over6-provisioning@ietf.org; dime-chairs@ietf.org; > dime@ietf.org; draft-ietf-dime-4over6-provisioning.shepherd@ietf.org; > draft-ietf-dime-4over6-provisioning.ad@ietf.org > Subject: [Dime] Ben Campbell's No Objection on > draft-ietf-dime-4over6-provisioning-04: (with COMMENT) > > Ben Campbell has entered the following ballot position for > draft-ietf-dime-4over6-provisioning-04: No Objection > > When responding, please keep the subject line intact and reply to all email > addresses included in the To and CC lines. (Feel free to cut this introductory > paragraph, however.) > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-dime-4over6-provisioning/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Thanks for an easy-to-read document. I have a few questions and comments, > that I hope can be resolve easily: > > -- 3.2: > Is it possible (or reasonable) for the FQDN to include an internationalized > domain name? That is, is there a need for a idn or precis dependency? (I'm not > saying there _is_ such a need; I'm just > asking.) I think it is possible for the FQDN to include an IDN. But this document does not define the FQDN encoding. It just follows the definition in RFC1035, RFC1123 and RFC2181. > > -- 6.1, 2nd paragraph: > > So you mean MiTM attacks _on_ peers, or _by_ peers? I assume the second, > since the first can be mitigated with TLS. (I’m not sure I would call this a MiTM > per se, it’s just an issue that compromised or malicious nodes already in the > path may do bad things.) The MiTM attacker may alter the information sent between the peers. So you are right, it should be changed to "by_peers". Thanks. > > -- 6.2: > Thanks for including this--but I think it needs a bit more. I assume from these > sections that some of these AVPs are "security-sensitive" as defined in the > referenced section of RFC 6733. That section invokes requirements to use > mutually authenticated TLS or IPSec, and to be sure that messages do not > traverse any nodes that are not explicitly trusted. > It would be good to explicitly list which AVPs from this draft qualify as such > (unless the answer is "all of them"), and to explicitly mention that the > additional requirements apply to their use. I think all the AVPs in this draft qualify the requirements defined in RFC 6733. > > > _______________________________________________ > DiME mailing list > DiME@ietf.org > https://www.ietf.org/mailman/listinfo/dime
- [Dime] Ben Campbell's No Objection on draft-ietf-… Ben Campbell
- Re: [Dime] Ben Campbell's No Objection on draft-i… Zhouqian (Cathy)
- Re: [Dime] Ben Campbell's No Objection on draft-i… mohamed.boucadair
- Re: [Dime] Ben Campbell's No Objection on draft-i… Ben Campbell
- Re: [Dime] Ben Campbell's No Objection on draft-i… Zhouqian (Cathy)