Re: [I2nsf] Opsdir last call review of draft-ietf-i2nsf-sdn-ipsec-flow-protection-08
Gabriel Lopez <gabilm@um.es> Thu, 17 September 2020 14:36 UTC
Return-Path: <gabilm@um.es>
X-Original-To: i2nsf@ietfa.amsl.com
Delivered-To: i2nsf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6C7E93A0C27; Thu, 17 Sep 2020 07:36:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=um.es
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rmUCET-fTYZn; Thu, 17 Sep 2020 07:36:46 -0700 (PDT)
Received: from mx01.puc.rediris.es (outbound3mad.lav.puc.rediris.es [130.206.19.141]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 15ECA3A0B82; Thu, 17 Sep 2020 07:36:45 -0700 (PDT)
Received: from xenon44.um.es (xenon44.um.es [155.54.212.171]) by mx01.puc.rediris.es with ESMTP id 08HEahXq019890-08HEahXr019890; Thu, 17 Sep 2020 16:36:43 +0200
Received: from localhost (localhost [127.0.0.1]) by xenon44.um.es (Postfix) with ESMTP id 3E22021FCD; Thu, 17 Sep 2020 16:36:43 +0200 (CEST)
X-Virus-Scanned: by antispam in UMU at xenon44.um.es
Received: from xenon44.um.es ([127.0.0.1]) by localhost (xenon44.um.es [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 5Uq6eio7rp3z; Thu, 17 Sep 2020 16:36:43 +0200 (CEST)
Received: from [192.168.8.101] (18.red-79-149-253.dynamicip.rima-tde.net [79.149.253.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: gabilm@um.es) by xenon44.um.es (Postfix) with ESMTPSA id 3B0E721FC7; Thu, 17 Sep 2020 16:36:40 +0200 (CEST)
From: Gabriel Lopez <gabilm@um.es>
Message-Id: <D0BB5127-A717-4589-8D18-4D824009AA9F@um.es>
Content-Type: multipart/alternative; boundary="Apple-Mail=_967B229E-2E77-444D-9D8E-5A2B35826F8B"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.1\))
Date: Thu, 17 Sep 2020 16:36:39 +0200
In-Reply-To: <159913907315.13254.7744541288939456234@ietfa.amsl.com>
Cc: Gabriel Lopez <gabilm@um.es>, ops-dir@ietf.org, i2nsf@ietf.org, last-call@ietf.org, draft-ietf-i2nsf-sdn-ipsec-flow-protection.all@ietf.org
To: menachemdodge1@gmail.com
References: <159913907315.13254.7744541288939456234@ietfa.amsl.com>
X-Mailer: Apple Mail (2.3608.120.23.2.1)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; d=um.es; s=DKIM; c=relaxed/relaxed; h=from:message-id:content-type:mime-version:subject:date:cc:to:references; bh=vDb1BprUcd7TQMhbAlTTSRUEf3At6mLj4m6KdyFvZi0=; b=3tt+OIQF69Vs862rv8MCYkG9TZYJHndwAbHG4zD0ymf3RgZj6zVlDwtrGmA68b3miSF4V31hglks bgk7OPVTO9IzNs2v7ZlEiePVxW38duLJ4guyLA7eP0mcYry4Clk5KxpidyvWq1DHkI/2RCCByakT mEBbK94BVOm+pU2Nnt+yk/JJDKc5kAsfCFzF2urRkgzcBZ8xWticY3aIWb1FBDQ+fue7WJereSLo SUPY2F98qYBu8KEePV7oq70v4niiRgwmGeNuJFE1CI2iETFG2c3zU1uK5QG2WMeKSkRvVfbBoEba jMgqr40Ei3mK4tKiPmmrwRWzHS5z9WrfmaYfGw==
Archived-At: <https://mailarchive.ietf.org/arch/msg/i2nsf/Eo9pY5yYnD57glCGUamluXjghKE>
Subject: Re: [I2nsf] Opsdir last call review of draft-ietf-i2nsf-sdn-ipsec-flow-protection-08
X-BeenThere: i2nsf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "*I2NSF: Interface to Network Security Functions mailing list*" <i2nsf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2nsf/>
List-Post: <mailto:i2nsf@ietf.org>
List-Help: <mailto:i2nsf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Sep 2020 14:36:54 -0000
Hi Menachem. Thank you for this review. We have applied your suggestions. Best regards, Gabi. > El 3 sept 2020, a las 15:17, Menachem Dodge via Datatracker <noreply@ietf.org> escribió: > > Reviewer: Menachem Dodge > Review result: Has Nits > > This document is well written and very readable. > > Nits > ---- > Section 5.3: The first paragraph appears to be repeated. It appears at the end > of page 11 and also at the start of page 12. > > Section 5.4 first paragraph: > OLD --> "This information is incorporated to a list of NSFs under its control" > Suggest --> This information is incorporated in a list of NSFs under its > control" > > Section 8: Security Considerations: > > OLD --> In particular, the I2NSF Controller will handle cryptographic material > so that the attacker may try to access this information. Although we can > assume this attack will not likely > to happen due to the assumed security measurements to protect the I2NSF > Controller, it deserves some analysis in the hypothetical case the attack > occurs. > > Suggest --> In particular, the I2NSF Controller will handle cryptographic > material thus the attacker may try to access this information. Although we can > assume this attack is not likely > to happen due to the assumed security measurements to protect the I2NSF > Controller, it still deserves some analysis in the hypothetical case that > the attack occurs. > > Section 8.1 last bullet > > OLD --> If certificates are used, the NSF MAY generate the private key and > exports the public key for certification to the I2NSF Controller. How the NSF > generates these cryptographic material (public key/ private keys) and exports > the public key it is out of scope of this document. > > Suggest --> If certificates are used, the NSF MAY generate the private key and > export the public key for certification to the I2NSF Controller. How the NSF > generates these cryptographic material (public key/ private keys) and exports > the public key, is out of scope of this document. > > > > _______________________________________________ > I2nsf mailing list > I2nsf@ietf.org > https://www.ietf.org/mailman/listinfo/i2nsf ----------------------------------------------------------- Gabriel López Millán Departamento de Ingeniería de la Información y las Comunicaciones University of Murcia Spain Tel: +34 868888504 Fax: +34 868884151 email: gabilm@um.es
- [I2nsf] Opsdir last call review of draft-ietf-i2n… Menachem Dodge via Datatracker
- Re: [I2nsf] Opsdir last call review of draft-ietf… Gabriel Lopez