Re: [Gen-art] Review of draft-ietf-i2nsf-problem-and-use-cases-11
Alissa Cooper <alissa@cooperw.in> Tue, 11 April 2017 19:45 UTC
Return-Path: <alissa@cooperw.in>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 062B912FC15; Tue, 11 Apr 2017 12:45:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.72
X-Spam-Level:
X-Spam-Status: No, score=-2.72 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cooperw.in header.b=gffhU4SK; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=lfIIS8Qt
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5D2VmiEQxvjw; Tue, 11 Apr 2017 12:45:41 -0700 (PDT)
Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A9EE412EB22; Tue, 11 Apr 2017 12:45:41 -0700 (PDT)
Received: from compute7.internal (compute7.nyi.internal [10.202.2.47]) by mailout.nyi.internal (Postfix) with ESMTP id 1A56520F26; Tue, 11 Apr 2017 15:45:41 -0400 (EDT)
Received: from frontend2 ([10.202.2.161]) by compute7.internal (MEProxy); Tue, 11 Apr 2017 15:45:41 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cooperw.in; h=cc :content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-sender :x-me-sender:x-sasl-enc:x-sasl-enc; s=fm1; bh=DBStrk6+Zzp+rWv7Jw GgP/EKuYSFcKd//dyOO1FSzIo=; b=gffhU4SKdL0XjLeW0KuaRk0Jd3lQSHsNkZ pL49c7UmSVv9GTr9eQ5UCVYGmtbEoDtF8PmcpcxKoZxJ8g1eS1RC9fwG4yeWWYc/ pnRHZtyOptUkGqTWFigjl9/r6Q+fZyV9qafvyWUxhukPJQCNW0LKWWONkw6HdGt+ wqI5V9FiF0Fc8rRBTxijvI0WALnrdm5SzM/ysftc2PcyfAAi0wsw/Pe47x4vQ/iE FAw8GlAJ4FhFDNhb+rU0wjwpo51aUsADX/d7mLMP8iQXhStbCGJN3Jce9QvkwUPx ZQYchSWwenCvUbP9Jij4ToNxqAPSQonTlA+L5aE9FhGu21iyMUVA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-sender:x-me-sender:x-sasl-enc:x-sasl-enc; s= fm1; bh=DBStrk6+Zzp+rWv7JwGgP/EKuYSFcKd//dyOO1FSzIo=; b=lfIIS8Qt jX6L0OywiGzvOxyjSsogPLWicM71jWW7v0VSvrafxd0Qn/2lmWJsWO9RJ4VZ9RuR ssEKkZEsRgxEmLadlwx29vudElSX9MVvxIPruwQUl5MBKn0RHJfkpVIWnMqT0obY AlaJtoIJvk3zznPNGYkeYeQNxScgihPXWrelKlSCG/PnMSZnrc5XI3/87rC7gyqg SZ3YXqyx9u3M8DZCiZTS/cW4dtluhQMQvOzIN//ueX0Xn0ftKUPyHK3WNSSS2UfW gEDAaS9xCcn4TsTrh5iEuikykfaW3mm8DijovFJwh0dkShqvm2/Gxes71z2IUhqL ZZZvMc5NBT+3hA==
X-ME-Sender: <xms:ZTLtWCDsf1N9--WTFyvOHhiPTa3mhmZJSmqbfhemmLYjgPXCicwAbQ>
X-Sasl-enc: ro2phRiSDoX9v+xP8q7+48NfzePPcKoFB+k0gShP1NUv 1491939940
Received: from sjc-alcoop-8817.cisco.com (unknown [128.107.241.178]) by mail.messagingengine.com (Postfix) with ESMTPA id D54A624526; Tue, 11 Apr 2017 15:45:39 -0400 (EDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
From: Alissa Cooper <alissa@cooperw.in>
In-Reply-To: <148952979419.24295.8210647087024239014@ietfa.amsl.com>
Date: Tue, 11 Apr 2017 15:45:38 -0400
Cc: gen-art@ietf.org, draft-ietf-i2nsf-problem-and-use-cases.all@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <E82868B3-8270-4502-9C98-867C07CC6BFF@cooperw.in>
References: <148952979419.24295.8210647087024239014@ietfa.amsl.com>
To: Dale Worley <worley@ariadne.com>
X-Mailer: Apple Mail (2.3124)
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/g8GLZC4AmRkDg0GT7x4iLEyGV-Y>
Subject: Re: [Gen-art] Review of draft-ietf-i2nsf-problem-and-use-cases-11
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Apr 2017 19:45:45 -0000
Dale, thank you for your review. Sue, thanks for your engagement with Dale’s review. I will be ballotting ABSTAIN as I agree with the assessment from Alvaro and Mirja. Alissa > On Mar 14, 2017, at 6:16 PM, Dale Worley <worley@ariadne.com> wrote: > > Reviewer: Dale Worley > Review result: Ready with Nits > > I am the assigned Gen-ART reviewer for this draft. The General Area > Review Team (Gen-ART) reviews all IETF documents being processed > by the IESG for the IETF Chair. Please treat these comments just > like any other last call comments. > > Document: draft-ietf-i2nsf-problem-and-use-cases-11 > Reviewer: Dale R. Worley > Review Date: 2017-03-14 > IETF LC End Date: 2017-03-22 > IESG Telechat date: [unknown] > > Summary: > > This draft is basically ready for publication, but has nits > that should be fixed before publication. > > All of these nits are editorial. > > 1. Introduction > > This document describes the problem statement for Interface to > Network Security Functions (I2NSF) as well as some I2NSF use > cases. > A summary of the state of the art in the industry and IETF which > is > relevant to I2NSF work is documented in > [I-D.hares-i2nsf-gap-analysis]. > > The content of these sentences is very good, but the construction > seems to be peculiar. The document doesn't *describe* the problem > statement, the document *is* a statement. Similarly, > hares-i2nsf-gap-analysis *is* a summary of the state of the art. So > I > would use > > This document is the problem statement for Interface to Network > Security Functions (I2NSF) as well as some I2NSF use cases. A > summary of the state of the art in the industry and IETF which is > relevant to I2NSF work is [I-D.hares-i2nsf-gap-analysis]. > > But maybe you'll prefer to ask the RFC Editor. > > This document also briefly describes the > following use cases summarized by > [I-D.pastor-i2nsf-merged-use-cases]: > > This sentence should start a new paragraph, as it's not connected to > the sentences before it. > > 3. Problem Space > > The following sub-section describes ... > > s/sub-section describes/sub-sections describe/ > > 3.1.1. Diverse Types of Security Functions > > NSFs by different vendors can have > different features and have different interfaces. > > It might be worth mentioning somewhere what seems to be a convention: > the document (or at least, section 3.1) is largely oriented toward > "service providers" who sell comprehensive network services > (including > security functions) to "customers", but who in turn buy security > functions from "vendors". Perhaps this could be entered as > terminology in section 2. > > The reason I mention this is that my background is as an end-user > (which is common in the IETF), so the term "service provider" > triggers > in my mind the idea "someone I buy something from". And the term > "vendor" triggers the *same* idea. But in this draft, the default > reader is a "service provider" and "vendor" is *not* the same thing. > > This point started to confuse me at the beginning of section 3.1.6. > > Security Functions in a Demilitarized Zone (DMZ): Examples of > this > function are firewall/ACLs, IDS/IPS, one or all of AAA services > NAT, forwarding proxies, and application filtering. > > The phrase "one or all of AAA services NAT" seems to be incorrect. I > suspect there's supposed to be a comma before NAT. > > Security gateways and VPN concentrators: Examples of these > functions are; IPsec gateways, Secure VPN concentrators that > handle bridging secure VPNs, and Secure VPN controllers for > data > flows. > > Unless "Secure VPN" is a name in itself, "secure" shouldn't be > capitalized. > > 3.1.2. Diverse Interfaces to Control and Monitor NSFs > > A challenge for monitoring is that an NSF cannot monitor what it > cannot view. Therefore, enabling a security function (e.g., > firewall > [I-D.ietf-opsawg-firewalls]) does not mean that a network is > protected. As such, it is necessary to have a mechanism to > monitor > and provide execution status of NSFs to security and compliance > management tools. There exist various network security monitoring > vendor-specific interfaces for forensics and troubleshooting. > > This paragraph seems awkward. Each sentence is reasonable, but the > connection between them is not clear to me. Perhaps the third > sentence has the meaning "... it is necesary to have a mechanism > ...to > verify that the NSF is seeing the traffic that is intended". > > The last sentence contains "network security monitoring > vendor-specific interfaces" which is awkward. Perhaps > > There exist various vendor-specific interfaces for network > security > monitoring, forensics, and troubleshooting. > > 3.1.4. More Demand to Control NSFs Dynamically > > The Security Service Providers ... > > The capitalization of "security service providers" is inconsistent. > Some times all three words are capitalized, and some times they're > not. > > 3.1.5. Demand for Multi-Tenancy to Control and Monitor NSFs > > Service providers may need several operational units to control > and > monitor the NSFs, especially when NSFs become distributed and > virtualized. > > You may want to explain what an "operational unit" is. As far as I > can tell, neither "unit" nor "operational" (in this sense) is used > elsewhere in this draft. > > 3.1.7. Lack of Mechanism for NSFs to Utilize External Profiles > > Many security functions depend on signature files or profiles to > perform (e.g., IPS/IDS signatures, DDos Open Threat Signaling > (DOTS) > filters). > > I think the words "to perform" should be removed. The sentence makes > more sense to me without those. Or, if there is a meaning that needs > to be specified, "to perform" probably isn't the right choice. "to > work" makes sense in this place, but is an informal usage. Perhaps > "to function". > > Today, the construction and use of black list databases > can be a win-win strategy for all parties involved. > > "win-win strategy" is a hackneyed phrase. This is better > > Today, the construction and use of black list databases > can be beneficial for all parties involved. > > However, it's not clear to me what additional information is carried > by "for all parties involved". And for that matter, is "today" > important here? > > I suspect that you mean something like this: > > Today, black list databases can be beneficial, and in the future > there might be open source signatures/profiles ... > > -- > > (e.g., by Snort, Suricata, Bro and Kisnet) > > s/Kisnet/Kismet/ > > "Snort, Suricata, Bro and Kisnet" reads like a reference -- I had to > look them up to discover that they are IDS software! > > But there needs to be some connection between a list of IDS software > systems and "open source signatures/profiles". Perhaps: > > Today, black list databases can be beneficial, and in the future > there might be open source signatures/profiles distributed as part > of IDS systems (e.g. Snort, Suricata, Bro and Kisnet). > > -- > > There is a need to have a standard envelope (i.e., the format) to > allow NSFs to use external profiles. > > This is awkward. Perhaps > > There is a need to have a standard format to allow NSFs to use > external profiles. > > 3.1.8. Lack of Mechanisms to Accept External Alerts to Trigger ... > > I2NSF controller(s) would manage the changing to the affected > policies ... > > This could be simplified to "I2NSF controller(s) would change the > affected policies ...". > > By monitoring the network alerts from DDoS ... > > Probably s/DDoS/DOTS/. > > ... I2NSF > can feed an alerts analytics engine that could recognize attacks > so > the I2NSF can enforce the appropriate policies. > > Here, "I2NSF" is being used as a noun, whereas the previous usage is > that it is an adjective, and "I2NSF controller(s)" would be used. > > ... provide information to the client ... > > I think this is clearer if s/the client/its clients/. "client" is > used with two meanings, one is "customer" (e.g., in the definition of > "Bespoke"), and more commonly as "software client". If you say "[the > controller's] clients", it is clear that you're using the second > meaning. > > 3.1.9. Lack of Mechanism for Dynamic Key Distribution to NSFs > > There is a need for a controller to distribute various keys to > distributed NSFs. To distribute various keys, the keys must be > created and managed. > > Perhaps combine these as > > There is a need for a controller to create, manage, and distribute > various keys to distributed NSFs. > > -- > > In addition, keys may be used to secure > the protocol and messages in the core routing infrastructure (see > [RFC4948]) > > Probably s/protocol/protocols/. > > If a device had an abstract key table > maintained by security services, a device could use these keys for > routing and seurity devices. > > s/seurity/security/ > > Typical English usage in this situation is "it could use ..."; > because > "it" is the subject of the second clause, it is presupposed to be the > same as the subject of the first clause. > > Conceptually, there must be an interface defined for routing/ > signaling protocols to make requests for automated key management > when it is being used, and to notify the protocols when keys > become > available in the key table. One potential use of such an > interface > is to manage IPsec security associations on SDN networks. > > I think you need to add a subject in "... and for XXX to notify the > protocols ..." for clarity, the omitted noun could be "interface" or > "protocols". > > The last sentence seems redundant, as security associations have been > discussed at the beginning of 3.1.9. Is there a particular reason to > point out IPsec at this point (since many secured protocols need > keys)? > > If protocols share > common mechanisms for authentication (e.g., TCP Authentication > Option [RFC5925]), then the same mapping may be reused. > > This sentence starts with "protocols [that] share common mechanisms" > but then mentions only one protocol. Do you mean > > If several protocols share a > common mechanism for authentication (e.g., TCP Authentication > Option [RFC5925]), then the same mapping may be used for all > usages of that mechanism. > > -- > > 3. Automated Key management needs to support both symmetric keys > and > group keys via the abstract key service provided by items 1 > and > 2. > > s/Key/key/ > > I think "via the abstract key service provided by items 1 and 2" is > redundant here. > > 3.2. Challenges Facing Customers > > o Which critical communications are to be preserved during > critical > events and which hosts are continue service, > > "are continue service" seems to be incorrect in some way. > > o What signaling information is passed to a controller that during > a > Distributed Denial of Service in order to ask for mitigation > services (within the scope DOTS working group), > > "that" should be removed, I think. > > 3.2.2. Today's Control Requests are Vendor Specific > > Without a standard technical > standard interface that provides a clear technical > characterization, > the service provider faces many challenges: > > Should "standard technical standard interface" be "standard > interface" > or "standardized interface"? > > No standard technical characterization, APIs, or Interface > > I think you want a colon after this phrase to parallel the other > items > in the list. > > Managing by scripts de-jour: The current practices rely upon > the > use of scripts that generate other scripts which automatically > run > to upload or download configuration changes, log information > and > other things. These scripts have to be adjusted each time an > implementation from a different vendor technology is enabled on > a > provider side. > > The phrase "on a provider side" doesn't read well. Perhaps "by a > service provider"? > > 3.3. Lack of Standard Interface to Inject Feedback to NSF > > The following sub-section describes the problems and challenges > facing customers and security service providers when some or all > of > the security functions are no longer physically hosted by the > customer's adminstrative domain. > > s/adminstrative/administrative/ > > As more sophisticated threats arise, enterprises, vendors, and > service providers have to rely on each other to achieve optimal > protection. Cyber Threat Alliance (CTA, > http://cyberthreatalliance.org/) is one of those initiatives that > aim > at combining efforts conducted by multiple organizations. > > This paragraph doesn't fit well in the flow of the text. The second > sentence seems like it's basically a reference, and the link should > be > put down in the references. But I think the point resembles the > discussion in 3.1.7, that you want to enable organizations to pass > among themselves new profiles, which the customers or service > providers can insert into NSFs in a simple way. Perhaps > > As more sophisticated threats arise, protection will depend > on enterprises, vendors, and service providers being able to > cooperate to develop optimal profiles, e.g., through initiatives > like [CTA]. > > and then combine with the paragraph which follows: > > The standard interface to provide security profiles to the NSF > should > interwork with the formats which exchange security profiles > between > organizations. > > 3.5. Difficulty to Validate Policies across Multiple Domains > > As discussed in the previous four sections, both service providers > ... > > Probably s/sections/sub-sections/. > > ... and customers have needs to express policies and profiles ... > > s/needs/need/ > > This section and the next section (section 3.6) xamine what ... > > s/xamine/examine/ > > (Have you spell-checked this draft?) > > ... happens in two specific network scnearios: ... > > s/scnearios/scenarios/ > > a) multi-domain control of > security devices hosted on virtual and non-virtual ... > > There is a noun missing after "virtual and non-virtual". > > Hosted security service may instantiate NSFs in Virtual Machines > ... > > You probably don't want to capitalize "virtual machines" here. > > To > set-up this cross-domain service, the security controller must be > able to communicate with NSFs and/or controllers within its domain > and across domains to negatiate for the services needed. > > s/set-up/set up/ ("set up" is a verb (more or less), "set-up" is the > action of setting up or the thing which is set up.) > > s/negatiate/negotiate/ > > 3.6. Software-Defined Networks > > Software-Defined Networks have changed the landscape of data > center > designs by introducing overlay networks deployed over ToR switches > that connect to a hypervisor. > > You probably should spell out "ToR switch"; "top of rack switch" is > not yet listed in Wikipedia as a meaning of "ToR". > > 4.1. Basic Framework > > Integrity of the NSF: by ensuring that the NSF is not > compromised; > > Isolation: by ensuring the execution of the NSF is > self-contained > for privacy requirements in multi-tenancy scenarios. > > Provenance of NSF: Customers may need to be provided with > strict > guarantees about the origin of the NSF, its status (e.g., > available, idle, down, and others), and feedback mechanisms so > that a customer may be able to check that a given NSF or set of > NSFs properly conform to the the customer's requirements and > subsequent configuration tasks. > > The punctuation and capitalization is inconsistent between the list > items here. I suggest changing the first two to (more or less) > sentences: > > Integrity of the NSF: Ensuring that the NSF is not compromised. > > Isolation: Ensuring the execution of the NSF is self-contained > for privacy requirements in multi-tenancy scenarios. > > Probably s/Provenance of NSF/Provenance of the NSF/. > > In order to achieve this, the security controller may collect > security measurements and share them with an independent and > trusted > third party (via Interface 1) in order to allow for attestation of > NSF functions using the third party added information. > > Would this really be via Interface 1? It looks like Interface 1 only > goes to the customer's client, not a 3rd party service, and it is > used > for passing security requests. This is made clearer in the next > paragraph, but it would probably be better to only say that there > needs to be an interface to 3rd parties for services like this, and > it > may be a variant of Interface 1 or it may be a distinct interface. > > 4.2. Access Networks > > Figure 3 shows how these virtual > access nodes for different types of customers connect connect > through > virtual access nodes an NSF. > > s/connect connect/connect/ > > The grammar of the sentence needs fixing also somewhere near "nodes > an > NSF". > > These use cases define the interaction between the operator and > the > vNSFs through automated interfaces, typically by means of > Business- > to-Business (B2B) communications. > > Is "Business-to-Business (B2B) communications" a technical term? It > doesn't seem to me to convey any additional information, since most > of > the usages envision that NSFs may be provided by outside vendors, so > pretty much any communication with an NSF may be business-to-business > communication. > > Service Provider: Service requests for policies that protect ... > > There isn't a "Service Provider" illustrated in the figure. I assume > that the Service Provider looks much like the other three cases, > since > those look very much like each other, but some sort of illustration > should be provided. Especially if the Service Provider has further > customers (presumably further to the left in the figure), that would > be a more complex architecture. > > ... may want to get > their dedicated NSFs (most likely vNSFs) for direct control > purposes. > > This is rather informal usage. Perhaps better: > > ... may want to contract separately for dedicated NSFs ... > > -- > > In this case, here are the steps to associate vNSFs to specific > customers: > > There are two cases discussed in the paragraph before this sentence, > and it's not obvious which one this sentence is connected to via "In > this case". Or does it apply to both? If it applies to the second > case only, I suggest splitting the last two sentences off as a > separate paragraph. If this sentence applies to all cases in this > subsection, I suggest removing "In this case". > > 4.3. Cloud Data Center Scenario > > The on-demand, dynamic nature of security service delivery > essentially encourages that the network security "devices" be in > software or virtual form factors, rather than in a physical > appliance > form. > > I think you want to s/form factors/forms/. (The phrase "form factor" > seems to be abused to mean many things.) > > Another example is that IPS/ > IDS services for investment banking and non-banking traffic may be > separated for regulatory reasons. > > Is "investment banking" specific here, or does this statement also > apply to "banking" generally? Or is "non-banking traffic" really > "non-investment-banking traffic" (in which case calling it "other > traffic" is probably better)? > > 4.3.2. Firewall Policy Deployment Automation > > Even though most vendors support similar firewall features, the > actual rule configuration keywords are different from vendors to > vendors, making it difficult for automation. > > Probably s/actual rule/specific rule/ or even just "specific". > > 4.3.3. Client-Specific Security Policy in Cloud VPNs > > Clients of service provider-operated cloud data centers not only > need > to secure Virtual Private Networks (VPNs), but also [X] virtual > security > functions that apply the clients' security policies. > > There's an understood verb at the location marked [X]. I think it's > supposed to be "to secure", and if so, the usage is correct. But > it's > hard to read, so I think it would be better to not omit the verb. > > 4.4. Preventing Distributed DoS, Malware and Botnet attacks > > Many networks such as Internet of > Things (IoT) networks, Information-Centric Networks (ICN), Content > Delivery Networks (CDN), Voice over IP packet networks (VoIP), and > Voice over LTE (VoLTE) are also exposed to such attacks. > > This seems to be just a specialization of the preceding sentences. > Does it add more information? (E.g., perhaps there are special > considerations for each of these types of networks, in which case it > might be useful to state that.) > > 4.5. Regulatory and Compliance Security Policies > > Organizations are not only supposed to protect their networks > against > attacks, but they should also adhere to various industry > regulations: > > It's probably better to s/should also/must also/! > > 7. Security Considerations > > Having a secure access to control and monitor NSFs is crucial for > hosted security services. > > Probably s/a secure/secure/. > > Therefore, proper secure communication > channels have to be carefully specified for carrying controlling > and > monitoring traffic between the NSFs and their management entity > (or > entities). > > I think you can condense this to "management entity(ies)", but you > probably should talk to the RFC Editor about it. > > In addition, the Flow security policies specified by customers can > conflict with providers' internal security policies which may > allow > unauthorized traffic or unauthorized changes to flow polices (e.g. > customers changing flow policies that do not belong to them). > > I don't think you want to capitalize "flow" here. > > It's not clear to me what "which may allow unauthorized ..." applies > to. It seems like there's an important issue in just > > In addition, the Flow security policies specified by customers can > conflict with providers' internal security policies > > It seems that solving I2NSF requires a clear understanding of how the > customer's policies and the provider's policies interact. (I would > think something is allowed only if both policies allow it, but the > reality may be more complex.) > > The rest of the sentence seems redundant given the discussion in the > rest of document. > > Therefore, it is crucial to have proper AAA [RFC2904] to authorize > access to the network and access to the I2NSF management stream. > > It seems to me that this is a rather generalized need for I2NSF, and > not connected to the previous sentences. So I would omit "Therefore" > and put it as a separate paragraph. > > [END] > > > _______________________________________________ > Gen-art mailing list > Gen-art@ietf.org > https://www.ietf.org/mailman/listinfo/gen-art
- Re: [Gen-art] [I2nsf] Review of draft-ietf-i2nsf-… Susan Hares
- Re: [Gen-art] Review of draft-ietf-i2nsf-problem-… Alissa Cooper
- [Gen-art] Review of draft-ietf-i2nsf-problem-and-… Dale Worley