[i2rs] Stephen Farrell's No Objection on draft-ietf-i2rs-protocol-security-requirements-15: (with COMMENT)

"Stephen Farrell" <stephen.farrell@cs.tcd.ie> Thu, 29 September 2016 12:09 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: i2rs@ietf.org
Delivered-To: i2rs@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 435AC12B0A8; Thu, 29 Sep 2016 05:09:23 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: "Stephen Farrell" <stephen.farrell@cs.tcd.ie>
To: "The IESG" <iesg@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 6.34.1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <147515096327.18640.11876526456273916445.idtracker@ietfa.amsl.com>
Date: Thu, 29 Sep 2016 05:09:23 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/i2rs/4WYR2imdRjmL3kEgvAUKOvdEp1c>
Cc: jhaas@pfrc.org, i2rs@ietf.org, i2rs-chairs@ietf.org, draft-ietf-i2rs-protocol-security-requirements@ietf.org
Subject: [i2rs] Stephen Farrell's No Objection on draft-ietf-i2rs-protocol-security-requirements-15: (with COMMENT)
X-BeenThere: i2rs@ietf.org
X-Mailman-Version: 2.1.17
List-Id: "Interface to The Internet Routing System \(IRS\)" <i2rs.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2rs>, <mailto:i2rs-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2rs/>
List-Post: <mailto:i2rs@ietf.org>
List-Help: <mailto:i2rs-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2rs>, <mailto:i2rs-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Sep 2016 12:09:23 -0000

Stephen Farrell has entered the following ballot position for
draft-ietf-i2rs-protocol-security-requirements-15: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-i2rs-protocol-security-requirements/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------


Thanks for adding REQ-16. Comments below are unchanged
from my previous discuss ballot.

- The topic of marking things as allowing insecure read
access has been discussed a lot so I won't get into it
again.

- section 4: "Data passed over the insecure transport
channel MUST NOT contain any data which identifies a person
or any "write" transactions." I don't get what identifying a
write transaction might mean?

- 4.1: "AAA protocols MAY be used to distribute these
identifiers, but other mechanism can be used." If I'm doing
TLS with mutual-auth, then I need a private key and
certificate. I don't think AAA protocols can transport those
(and they probably ought not) so I'm not sure what's meant
here.

- 4.2: What do "valid identity" and "valid identifier" mean?
If the same then use the same terms. But I think you need to
define "validity" or else say that work needs to be done
later. 

- 4.3: I think you're saying here that the i2rs client is
trusted to simply assert the secondary identifier. If so,
then saying that would be good. If not, then I don't know
what you mean.

- 4.4: I still don't see why it'd not be better to use a
different protocol for the non-secure stuff and avoid all
the potential discussion and pitfalls of trying to do all
this in one protocol.

- 4.4: "It is mandatory to use (MTU) on any I2RS client's
Write transaction or the configuration of an Event Scope
transaction." Which "it" do you mean?

- 4.4: The BCP107 stuff is still not useful.

- 4.5: "detect when the data integrity is questionable" -
I've no idea what that means. Nor what it could mean.  Can
you explain?