[i2rs] Ben Campbell's No Objection on draft-ietf-i2rs-protocol-security-requirements-08: (with COMMENT)

"Ben Campbell" <ben@nostrum.com> Thu, 18 August 2016 02:45 UTC

From: "Ben Campbell" <ben@nostrum.com>
To: "The IESG" <iesg@ietf.org>
Message-ID: <147148830474.23714.14742463076688973726.idtracker@ietfa.amsl.com>
Date: Wed, 17 Aug 2016 19:45:04 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/i2rs/3SGCp9Q5hKNu7HtvbEcxQEEbcNc>
Cc: jhaas@pfrc.org, i2rs@ietf.org, i2rs-chairs@ietf.org, draft-ietf-i2rs-protocol-security-requirements@ietf.org
Subject: [i2rs] Ben Campbell's No Objection on draft-ietf-i2rs-protocol-security-requirements-08: (with COMMENT)

Ben Campbell has entered the following ballot position for
draft-ietf-i2rs-protocol-security-requirements-08: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-i2rs-protocol-security-requirements/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Version 8 resolved my discuss point for section 3.4. Thanks!

I don't think it resolved my discuss point for 3.2. I'm clearing anyway,
because I think my point has been made. I would prefer the language to
say that anything not explicitly marked as non-confidential in the
relevant data model MUST be sent over a protected transport. But I will
leave it to the authors to do the right thing.

I will leave my non-discuss comments below for reference. I think version
8 resolves at least some of them. Any remaining are up to you; none of
them are show stoppers.

-2.1: I am on the fence about others' comments about copying definitions
here--but if you do copy them here, it seems strange to not mention
"client" or "agent".

I agree with Alissa about equating privacy and confidentiality.

-3.1:
I’m confused by the first paragraph. I don’t find strings of the form of
SEC-REQ-XX in 7921. I think _this_ doc sets these requirements, right?

It’s not clear to me how 5 and 6 differ. Is it just a matter of the
additional “before establishing a connection” part in 6?

-3.4: Isn't 15 simply a restatement of the third item under 14?

-3.5: The MAYs in 19 and 20 seem like statements of fact. (That is, do
they simply recognize reality, or do they grant permission?)