Re: [Gen-art] Genart last call review of draft-ietf-mile-xmpp-grid-09

"Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com> Mon, 04 March 2019 18:26 UTC

From: "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>
To: Alissa Cooper <alissa@cooperw.in>, Christer Holmberg <christer.holmberg@ericsson.com>
CC: IETF Gen-ART <gen-art@ietf.org>, "mile@ietf.org" <mile@ietf.org>, "draft-ietf-mile-xmpp-grid.all@ietf.org" <draft-ietf-mile-xmpp-grid.all@ietf.org>
Date: Mon, 04 Mar 2019 18:25:34 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/w6p_0zBeoZcUq3oxUb1LMpvrmx4>

Thanks Alissa and Christer, please see further comments below:



On 1/4/19, 4:31 AM, "Christer Holmberg" <christer.holmberg@ericsson.com> wrote:



    Reviewer: Christer Holmberg
    Review result: Ready with Issues

    I am the assigned Gen-ART reviewer for this draft. The General Area
    Review Team (Gen-ART) reviews all IETF documents being processed
    by the IESG for the IETF Chair.  Please treat these comments just
    like any other last call comments.

    For more information, please see the FAQ at
    <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.

    Document: draft-ietf-mile-xmpp-grid-09
    Reviewer: Christer Holmberg
    Review Date: 2019-01-04
    IETF LC End Date: 2019-01-14
    IESG Telechat date: Not scheduled for a telechat

    Summary: The document is well written, easy to read, and technically I have no
    issues. However, as shown below, I do have some questions for clarifications.

    Major issues: None

    Minor issues:



    Q1: There is no explanation of what kind of security-related information is
    distributed. What kind of security? I assume it is some kind of application
    security, and not XMPP security.

[NCW] IODEF is one such exchange format that allows for security-relevant information to be shared.  As IODEF is “Incident Response”, it is a type of security information. Once SACM has an Exchange format, we can show how that can be distributed using XMPP as well.



    Q2: Is there a reason why XMPP-Grid is only defined for security-related
    information? Isn’t XMPP-Grid a way of distributing ANY type of information in a
    secure manner?

[NCW] Yes it can distribute any type of information. The focus of this document is to show how XMPP-Grid could be used for distributing IODEF security events.



    Q3: It is not clear to me what XMPP-Grid provides that “normal” secure XMPP
    doesn’t. Is XMPP-Grid only an architecture, using standard XMPP components? If
    so, I think that should be made more clear.

[NCW] Yes, it is only an architecture that uses standard XMPP components.  The abstract and introduction state as much in that the “document describes how to use XMPP”.  We could update the first part of the introduction by making the following change:

“This document defines an architecture, e.g. “XMPP-Grid” as a method for using….

Does that help??



    Q4: While section 8 does reference RFC 6120 for the usage of TLS, I can’t find
    any references to other security considerations in RFC 6120. Is everything in
    section 8 XMPP-Grid specific?

[NCW] Yes, Section 8 is specific to the XMPP Grid architecture and the components of XMPP it proposes. But since the draft basically demonstrates the use of XMPP, it should absorb the considerations described in 6120 too.  We will adjust the Security considerations to state that as well.



    Q5: Section 4 talks about a “typical” workflow. I assume that means there could
    be others?

[NCW] Yes, while we expect implementations may extend or leverage other components (XEPs) of XMPP, Section describes a representative workflow.



    Nits/editorial comments:



    Q6: The document talks about using XMPP-Grid for distributing
    “security-relevant”/“security-related” information. I suggest using consistent
    terminology.

[NCW] Thanks for pointing this out. We will make the changes to be consistent with “security-relevant” information.