IETF Logo Mail Archive

Re: [I2nsf] Secdir last call review of draft-ietf-i2nsf-sdn-ipsec-flow-protection-08

Gabriel Lopez <gabilm@um.es> Thu, 17 September 2020 14:22 UTC

Return-Path: <gabilm@um.es>
X-Original-To: i2nsf@ietfa.amsl.com
Delivered-To: i2nsf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CD3BA3A0BF5; Thu, 17 Sep 2020 07:22:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=um.es
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ycj5MuhmIXpL; Thu, 17 Sep 2020 07:22:04 -0700 (PDT)
Received: from mx02.puc.rediris.es (outbound3sev.lav.puc.rediris.es [130.206.19.173]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D1A703A0BE6; Thu, 17 Sep 2020 07:22:03 -0700 (PDT)
Received: from xenon41.um.es (xenon41.um.es [155.54.212.167]) by mx02.puc.rediris.es with ESMTP id 08HEM1Yo004553-08HEM1Yp004553; Thu, 17 Sep 2020 16:22:01 +0200
Received: from localhost (localhost [127.0.0.1]) by xenon41.um.es (Postfix) with ESMTP id 346982105A; Thu, 17 Sep 2020 16:22:01 +0200 (CEST)
X-Virus-Scanned: by antispam in UMU at xenon41.um.es
Received: from xenon41.um.es ([127.0.0.1]) by localhost (xenon41.um.es [127.0.0.1]) (amavisd-new, port 10024) with LMTP id tc_NSATeCOFH; Thu, 17 Sep 2020 16:22:01 +0200 (CEST)
Received: from [192.168.8.101] (18.red-79-149-253.dynamicip.rima-tde.net [79.149.253.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: gabilm@um.es) by xenon41.um.es (Postfix) with ESMTPSA id 5FCB221058; Thu, 17 Sep 2020 16:21:59 +0200 (CEST)
From: Gabriel Lopez <gabilm@um.es>
Message-Id: <DE61AC6A-4902-4811-95D8-4C721F2B1FC3@um.es>
Content-Type: multipart/alternative; boundary="Apple-Mail=_5A10ACE7-3BD6-473D-B923-C25616245CC4"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.1\))
Date: Thu, 17 Sep 2020 16:21:50 +0200
In-Reply-To: <159915114284.18250.13963885423309139336@ietfa.amsl.com>
Cc: Gabriel Lopez <gabilm@um.es>, secdir@ietf.org, i2nsf@ietf.org, last-call@ietf.org, draft-ietf-i2nsf-sdn-ipsec-flow-protection.all@ietf.org
To: Derek Atkins <derek@ihtfp.com>
References: <159915114284.18250.13963885423309139336@ietfa.amsl.com>
X-Mailer: Apple Mail (2.3608.120.23.2.1)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; d=um.es; s=DKIM; c=relaxed/relaxed; h=from:message-id:content-type:mime-version:subject:date:cc:to:references; bh=YyYfbzqXxFwlxm2VyiT+RruyirHLPTrDWUQc19TrXU8=; b=nii+VU3gIOKVwLO17u9YPyowu5ckeQN2YzspflVcmkuFwaWWFW19GYDYYJmtZl44GD+DOOQOxFyy sVh8FrDf8R6wvEF5IdbsczeQmO6emlhgaw79JPLJGxzu/2luJQa52iVrU87pR8w6Dn4NePc/Nc3o FKpPBIhxLO7RvALyjekltG6fX6VTzxro11wnBv+OwU7jNAil8FDg9yZXdPZdXJjj1tEuRWOfvzGs uT0jvfcFQHx6Nbg2oitzVH/d+jD68MtdU+th4WWsEpenRlZyGcEn9nUv3BZ2/KHQX5aGaoPPOe8U GeYLdNnpJalCqT1xvjstiOZ9GWkzwg3IGIzxQg==
Archived-At: <https://mailarchive.ietf.org/arch/msg/i2nsf/JgnuHeTqJpqzIOJxRf2iolX9LoE>
Subject: Re: [I2nsf] Secdir last call review of draft-ietf-i2nsf-sdn-ipsec-flow-protection-08
X-BeenThere: i2nsf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "*I2NSF: Interface to Network Security Functions mailing list*" <i2nsf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2nsf/>
List-Post: <mailto:i2nsf@ietf.org>
List-Help: <mailto:i2nsf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Sep 2020 14:22:06 -0000

Hi Derek.

Thank you for the review and sorry for the delay.

We are modifying the text accordingly. 

Best regards, Gabi. 

> El 3 sept 2020, a las 18:39, Derek Atkins via Datatracker <noreply@ietf.org> escribió:
> 
> Reviewer: Derek Atkins
> Review result: Has Nits
> 
> Hi,
> 
> I have reviewed this document as part of the security directorate's
> ongoing effort to review all IETF documents being processed by the
> IESG.  These comments were written with the intent of improving
> security requirements and considerations in IETF drafts.  Comments
> not addressed in last call may be included in AD reviews during the
> IESG review.  Document editors and WG chairs should treat these
> comments just like any other last call comments.
> 
> Summary:
> 
> * With Nits
> 
> Details:
> 
> * NB: I did not review the Yang Models or Appendices
> 
> * Awkward sentence in section 8, top of page 21:
> 
>                              Moreover, the startup configuration
>    datastore MUST be also pre-configured with the required ALLOW
>    policies that allow to communicate the NSF with the I2NSF Controller
>    once the NSF is deployed.
> 
>  Specifically "that allow to communicate the NSF with ..." should be
>  changed, possibly to read "that allow the NSF to communicate with ..."
> 
> * at the end of 8.3 at the bottom of page 23 there is a space for "the
>  subtrees and data nodes and their sensitivity/vulnerability:" but
>  there is no list, it just goes onto the next paragraph at the top of
>  the next page.
> 
> -derek
> 
> 
> 
> _______________________________________________
> I2nsf mailing list
> I2nsf@ietf.org
> https://www.ietf.org/mailman/listinfo/i2nsf

-----------------------------------------------------------
Gabriel López Millán
Departamento de Ingeniería de la Información y las Comunicaciones
University of Murcia
Spain
Tel: +34 868888504
Fax: +34 868884151
email: gabilm@um.es

v2.23.0 | Report a Bug | By Email