[homenet] comments on babel-profile-03

Stephen Farrell <stephen.farrell@cs.tcd.ie> Mon, 13 November 2017 06:16 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: homenet@ietfa.amsl.com
Delivered-To: homenet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2DF43128D16 for <homenet@ietfa.amsl.com>; Sun, 12 Nov 2017 22:16:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.301
X-Spam-Level:
X-Spam-Status: No, score=-4.301 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EoC0FmkHE2cn for <homenet@ietfa.amsl.com>; Sun, 12 Nov 2017 22:16:03 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A342C129445 for <homenet@ietf.org>; Sun, 12 Nov 2017 22:16:03 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 44064BDF9 for <homenet@ietf.org>; Mon, 13 Nov 2017 06:16:01 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bFnCP_bl0Zhc for <homenet@ietf.org>; Mon, 13 Nov 2017 06:15:59 +0000 (GMT)
Received: from [31.133.132.197] (dhcp-84c5.meeting.ietf.org [31.133.132.197]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 09CFEBDD8 for <homenet@ietf.org>; Mon, 13 Nov 2017 06:15:58 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1510553759; bh=ri8/UHXwCi7Y70CEoZlRtdYPMDlIi3EagDEHjKqMDS4=; h=To:From:Subject:Date:From; b=GtnQqTjttJuRLU/qbz803k2HcxCMgUzNH5VosZBg753VvJZGqOyNsGuM9l/bhdmg5 xu/JErSLNJ0zkWvkY+q4VTGlS+jerDkSC5yhQSpKgpI3EACu7cSsWPlNSIpVSr2DUH rL8+C/32YzWuLNjPWshWeGfCzl17Q84gK9/L64MA=
To: "homenet@ietf.org" <homenet@ietf.org>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <9d3963f1-68a4-6925-f8b5-282be6f15787@cs.tcd.ie>
Date: Mon, 13 Nov 2017 06:15:55 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="jp9qais1NM8ka8QUEVtcmpgv186m6k5vK"
Archived-At: <https://mailarchive.ietf.org/arch/msg/homenet/JdgaV5f2gsq5U9hoaeaayxxraKM>
Subject: [homenet] comments on babel-profile-03
X-BeenThere: homenet@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF Homenet WG mailing list <homenet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/homenet>, <mailto:homenet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/homenet/>
List-Post: <mailto:homenet@ietf.org>
List-Help: <mailto:homenet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/homenet>, <mailto:homenet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Nov 2017 06:16:06 -0000

Hiya,

I re-read babel-profile-03 and have a few comments (below)
offered as a WG participant (i.e. chair hat off) as part of
WGLC.

If any of these were discussed already, then just pointing
me at the archive is a fine answer. (And apologies for not
having been active in the WG earlier if there are such cases.)

- Req5: Is "MUST be... of a similar magnitude..." clear enough?

- 2.2: I'm not sure this entire section is useful. If there is
something specific we'd like to avoid (at a MUST NOT or NOT
RECOMMENDED level), it'd be better to say exactly what.

- NR2: I don't see the point of that. If

- section 3: "...using the existing redistribution mechanisms"
could maybe do with a reference for seme well known OS.

- NR3: I don't see what is not required here, that seems like a
straightforward 2119 MAY statement

- section 4: "only susceptible" seems like overstatment.  If
babel picks up routes from the OS and then annouces those,
then it seems the statement is not true, as any way of getting a
route into the OS will cause babel to propogate that, or am I
wrong? If not, then the babel profile seems to be susceptible to
any problems that cause a dodgy route to be installed in the OS
kernel.

- section 4: "secured at a lower layer" includes links with no
security (in reality), is that right?

- section 4: "trusted X" is not a good term unless you say
who/what is trusting whom/what for what. So, s/trusted
links/links/ would be better.

- section 4: The security properties here seem to be directly
and wholly dependent on nodes being able to safely identify
interfaces into the categories in 5.1 of 7788. I need to do
some more reading to convince myself that that's a good thing
to assume. If there are weaknesses in that assumption, then
it'd be better to call those out here, as that'd help folks
who're implementing and might also help in the later process
for this draft. (IOW, I won't be the only one to ask, so we
might as well be up-front if there are weak points in that
argument;-)

- section 4: I dislike the plan of assuming lower layer security
but if that's the WG consensus, then that's what it is. Is
there a link to the discussion that concluded that in the WG
archive? I suspect we'll be asked by directorate reviewers/IESG
so good to have that now. If there's no such link, then we
probably should start a specific thread that ends with that
conclusion (or changes the draft.)

Cheers,
S.