Re: [I2nsf] Request for Help for I2NSF YANG Drafts under IESG Evaluation

"Mr. Jaehoon Paul Jeong" <jaehoon.paul@gmail.com> Wed, 20 April 2022 02:49 UTC

From: "Mr. Jaehoon Paul Jeong" <jaehoon.paul@gmail.com>
Date: Wed, 20 Apr 2022 11:48:44 +0900
Message-ID: <CAPK2DeyxoYtVTm35EO2U3VB8nV+R3MeuJORCxzpWjeX4JWdwNA@mail.gmail.com>
To: Paul Wouters <paul@nohats.ca>
Cc: "Mr. Jaehoon Paul Jeong" <jaehoon.paul@gmail.com>, Roman Danyliw <rdd@cert.org>, "i2nsf@ietf.org" <i2nsf@ietf.org>, skku-iotlab-members <skku-iotlab-members@googlegroups.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/i2nsf/yboMW3VMX-R9GoFpUfF8z9pdrOA>
Subject: Re: [I2nsf] Request for Help for I2NSF YANG Drafts under IESG Evaluation

Hi Paul,
Thanks a lot for your quick review and confirmation.

Best Regards,
Paul

On Wed, Apr 20, 2022 at 11:47 AM, Paul Wouters <paul@nohats.ca> wrote:

> On Wed, 20 Apr 2022, Mr. Jaehoon Paul Jeong wrote:
>
> > Hi Paul,
> > Thanks for your review.
> > I have submitted the revised draft reflecting your comments and questions:
> > https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-nsf-monitoring-data-model-18
> >
> > There are my answers to your comments and questions inline below.
>
> Thanks. Your changes and answers addressed my concerns. I've changed my
> ballot to NO OBJECTION.
>
> Paul
>
> > On Wed, Apr 20, 2022 at 12:25 AM Paul Wouters <paul@nohats.ca> wrote:
> >       On Tue, 19 Apr 2022, Mr. Jaehoon Paul Jeong wrote:
> >
> >       > 2. I2NSF Monitoring Interface YANG Data Model
> >       > - https://datatracker.ietf.org/doc/draft-ietf-i2nsf-nsf-monitoring-data-model/
> >       > - Paul Wouters is holding Ben Kaduk's DISCUSS position, and needs to check whether my revision satisfies Ben's DISCUSS or not.
> >       > - This draft has gotten 9 supporting ballots (Yes or No Objection).
> >
> >       Yes it addresses most of the DISCUSS items. I am about to change it but
> >       I have one question left:
> >
> >       Section 6.7.1 had comments about firewall rule counters and properties,
> >       and the document change just removed the listed properties. I am a
> >       little confused how this addresses Ben's point. How do people know which
> >       properties are defined?
> >
> >  => [PAUL] As mentioned in page 3 in the revision letter, the information (including
> >       src-ip, dst-ip, src-port, dst-port, protocol, and app) in Section 6.7.1 was
> >       included by mistake, since this information is not included in the YANG data
> >       model. The purpose of the firewall counter is to show what a security policy
> >       in the firewall has done. Thus, we removed the unnecessary fields from
> >       Section 6.7.1 and updated the description.
> >
> >
> >       Some review comments:
> >
> >               The QUIC traffic should not be treated as UDP traffic
> >
> >       You probably mean to say "treated as generic UDP traffic". It _is_ still
> >       UDP traffic after all.
> >
> >  => [PAUL] You are right. I have updated the sentence according to your comments as follows:
> >       "The QUIC traffic should not be treated as generic UDP traffic and
> >         will be considered in the future I2NSF documents."
> >
> >               The cookies information needs to be kept confidential and
> >               is not RECOMMENDED to be included in the monitoring data unless
> >               the information is absolutely necessary to help to enhance the
> >               security of the network.
> >
> >       I am not sure why this header is specifically treated compared to other
> >       HTTP headers. Please write "NOT RECOMMENDED" (eg uppercase the 'not').
> >       This text does address Ben's DISCUSS.
> >
> >  => [PAUL] This is because cookies contain the information to degrade security and privacy
> >       as mentioned in RFC 6265 (HTTP State Management Mechanism).
> >       I have updated the text about the HTTP Cookies header in Section 6.3.4 as follows:
> >       "o cookies: The HTTP Cookie header field of the request from the user agent.
> >        Note that though cookies have many historical infelicities that degrade
> >        security and privacy, the Cookie and Set-Cookie header fields are widely used
> >        on the Internet [RFC6265]. Thus, the cookies information needs to be kept
> >        confidential and is NOT RECOMMENDED to be included in the monitoring data
> >        unless the information is absolutely necessary to help to enhance the
> >        security of the network."
> >
> >        Thanks.
> >
> >        Best Regards,
> >        Paul
> >
> >
> >       > 3. I2NSF NSF-Facing Interface YANG Data Model
> >       > - https://datatracker.ietf.org/doc/draft-ietf-i2nsf-nsf-facing-interface-dm/
> >       > - This draft has gotten 9 supporting ballots (Yes or No Objection) and Éric Vyncke changed his DISCUSS to ABSTAIN.
> >       > - This draft needs another review of one among the IESG ADs with No Record.
> >
> >       I will cast my ballot for this one later today after I've had a chance
> >       to review it.
> >
> >       Paul
> >
> >
> >
>
-- 
===========================
Mr. Jaehoon (Paul) Jeong, Ph.D.
Associate Professor
Department Head
Department of Computer Science and Engineering
Sungkyunkwan University
Office: +82-31-299-4957
Email: pauljeong@skku.edu, jaehoon.paul@gmail.com
Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php
<http://cpslab.skku.edu/people-jaehoon-jeong.php>