Re: [I2nsf] FW: Merged I2NSF problem statement and Use Case - draft-hares
"Susan Hares" <shares@ndzh.com> Mon, 21 December 2015 16:16 UTC
Return-Path: <shares@ndzh.com>
X-Original-To: i2nsf@ietfa.amsl.com
Delivered-To: i2nsf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7C9A61A909E for <i2nsf@ietfa.amsl.com>; Mon, 21 Dec 2015 08:16:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -99.054
X-Spam-Level:
X-Spam-Status: No, score=-99.054 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DOS_OUTLOOK_TO_MX=2.845, HTML_MESSAGE=0.001, USER_IN_WHITELIST=-100] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bQOPlzYvkJn7 for <i2nsf@ietfa.amsl.com>; Mon, 21 Dec 2015 08:16:52 -0800 (PST)
Received: from hickoryhill-consulting.com (hhc-web3.hickoryhill-consulting.com [64.9.205.143]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D59D71A909C for <i2nsf@ietf.org>; Mon, 21 Dec 2015 08:16:51 -0800 (PST)
X-Default-Received-SPF: pass (skip=loggedin (res=PASS)) x-ip-name=74.43.47.177;
From: Susan Hares <shares@ndzh.com>
To: "'Zarny, Myo'" <Myo.Zarny@gs.com>, i2nsf@ietf.org
References: <002701d13ac4$24025a30$6c070e90$@ndzh.com> <A3233753A4B65F43BCA1B64DA99A9C230809569C2F@GSCMAMP19EX.firmwide.corp.gs.com>
In-Reply-To: <A3233753A4B65F43BCA1B64DA99A9C230809569C2F@GSCMAMP19EX.firmwide.corp.gs.com>
Date: Mon, 21 Dec 2015 11:16:21 -0500
Message-ID: <00a901d13c0a$f1f06c60$d5d14520$@ndzh.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_00AA_01D13BE1.091EF840"
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQMPnHmelZuXAp4G2vd1mUXoIavDtgK+NI+jnELqCgA=
Content-Language: en-us
X-Authenticated-User: skh@ndzh.com
Archived-At: <http://mailarchive.ietf.org/arch/msg/i2nsf/vcqhVp_AiREkHWDMLBVzb4_XUl8>
Cc: adrian@olddog.co.uk, 'Linda Dunbar' <linda.dunbar@huawei.com>
Subject: Re: [I2nsf] FW: Merged I2NSF problem statement and Use Case - draft-hares
X-BeenThere: i2nsf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "*I2NSF: Interface to Network Security Functions mailing list*" <i2nsf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2nsf/>
List-Post: <mailto:i2nsf@ietf.org>
List-Help: <mailto:i2nsf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Dec 2015 16:16:59 -0000
Myo: Thank you for the comments. I will work on a revision for sections 3.1.9 and 3.1.10 plus copy editing. Ill send a revision of 3.1.9 and 3.1.10 to the list later today. Ill also read through the text again looking for copy editing errors. Sue From: I2nsf [mailto:i2nsf-bounces@ietf.org] On Behalf Of Zarny, Myo Sent: Monday, December 21, 2015 11:00 AM To: 'Susan Hares'; 'i2nsf@ietf.org' Cc: 'adrian@olddog.co.uk'; 'Linda Dunbar' Subject: Re: [I2nsf] FW: Merged I2NSF problem statement and Use Case - draft-hares Hi Sue, Thanks very much for putting this together. Its quite challenging to put various threads together in a sensible order, which youve successfully done. And far easier to nitpick, which Ill do here. A few comments: · Section 3.1.9 can be better worded. o Right now, its describing not just the requirements for DOTS controller interfaces but also what to do about them. The text should describe why we need standard interfaces for: § DOTS controllers to which external entities (such as NSFs or users) can signal the need for DDOS mitigation, revoke mitigation policies, etc. § Network entities that will execute (implement/withdraw/get stats, etc.) DDOS mitigation functions o It describes the mysterious I2NSF Controller which I think the original author meant some network security controller. IMHO, I2NSF covers the interfaces for DOTS controllers and NSFs (and anything in between.) This draft shouldnt prescribe how mitigation policies may be carried out. (Policies may be executed through an intermediary like a network security controller or by calling the NSFs themselves.) · A similar issue with Section 3.1.10. It speaks of a controller distributing keys in the very first sentence. The need, as it does describe later in the paragraph, is a standard interface to provision and distribute the keys. Lets not muddy waters by declaring who may invoke the said interfaces. We should at least add for example, a controller or something like that. · Section 3.3 describes the general need for standard interfaces that could interpret [security] policies. Now, my understanding is that the current I2NSF charter doesnt really deal with policy interpretation beyond the most basic. But it can probably stand as is now since its describing the requirements. · Overall, we need to do a sweep of copy-editing (for typos, grammar, etc.) My two cents From: I2nsf [mailto:i2nsf-bounces@ietf.org] On Behalf Of Susan Hares Sent: 19 December 2015 8:17 PM To: i2nsf@ietf.org Cc: adrian@olddog.co.uk; 'Linda Dunbar' Subject: [I2nsf] FW: Merged I2NSF problem statement and Use Case - draft-hares Sending this just to list. Sue From: Susan Hares [mailto:shares@ndzh.com] Sent: Saturday, December 19, 2015 8:11 PM To: 'i2nsf@ietf.org' Cc: 'antonio.pastorperales@telefonica.com'; 'ldunbar@huawei.com'; 'diego.r.lopez@telefonica.com'; 'myo.zarny@gs.com'; 'N.Leymann@telekom.de'; 'michaelq@prime-tel.com'; 'mohamed.boucadair@orange.com'; 'Christian.jacquenet@orange.com'; 'shaibalc@us-ignite.org'; 'adrian@olddog.co.uk'; 'Kathleen Moriarty' Subject: Merged I2NSF problem statement and Use Case - draft-hares I2NSF folks and my co-authors: I have merged all the changes you suggested into Lindas problem statement and combined this with the use cases. Please let me know if you have any concerns or changes to the resulting document. If anyone was left off the Contributors section, would you please let me know. This document is the combination of lots of peoples hard work. I will upload it as draft-hares-merged-i2nsf-problem-use-cases-00.txt along with the XML on Sunday evening (12/20/2015) and then ask for WG adoption. Ill watch for comments in the next few weeks and revise the text. Does I2NSF have a github repository? If so, we can put the XML there to change it. Sue Hares
- [I2nsf] FW: Merged I2NSF problem statement and Us… Susan Hares
- [I2nsf] Merged I2NSF problem statement and Use Ca… Susan Hares
- Re: [I2nsf] FW: Merged I2NSF problem statement an… Zarny, Myo
- Re: [I2nsf] FW: Merged I2NSF problem statement an… Susan Hares