Re: [i2rs] Ben Campbell's No Objection on draft-ietf-i2rs-protocol-security-requirements-08: (with COMMENT)

"Susan Hares" <shares@ndzh.com> Thu, 18 August 2016 02:55 UTC

Return-Path: <shares@ndzh.com>
X-Original-To: i2rs@ietfa.amsl.com
Delivered-To: i2rs@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C34FD12B063; Wed, 17 Aug 2016 19:55:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.738
X-Spam-Level: *
X-Spam-Status: No, score=1.738 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DOS_OUTLOOK_TO_MX=2.845, RDNS_NONE=0.793] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1Vw7BYz9cN_j; Wed, 17 Aug 2016 19:55:40 -0700 (PDT)
Received: from hickoryhill-consulting.com (unknown [50.245.122.97]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2E7FD12D130; Wed, 17 Aug 2016 19:55:40 -0700 (PDT)
X-Default-Received-SPF: pass (skip=loggedin (res=PASS)) x-ip-name=174.124.169.225;
From: "Susan Hares" <shares@ndzh.com>
To: "'Ben Campbell'" <ben@nostrum.com>, "'The IESG'" <iesg@ietf.org>
References: <147148830474.23714.14742463076688973726.idtracker@ietfa.amsl.com>
In-Reply-To: <147148830474.23714.14742463076688973726.idtracker@ietfa.amsl.com>
Date: Wed, 17 Aug 2016 22:54:37 -0400
Message-ID: <000801d1f8fb$dd471d00$97d55700$@ndzh.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQINh8A5dk5cjuLgs2hgWO8Payjh05/W5f/w
Content-Language: en-us
X-Authenticated-User: skh@ndzh.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/i2rs/zXoEByEoCn27bx2RJ-X7G9cIocc>
Cc: jhaas@pfrc.org, i2rs@ietf.org, i2rs-chairs@ietf.org, draft-ietf-i2rs-protocol-security-requirements@ietf.org
Subject: Re: [i2rs] Ben Campbell's No Objection on draft-ietf-i2rs-protocol-security-requirements-08: (with COMMENT)
X-BeenThere: i2rs@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Interface to The Internet Routing System \(IRS\)" <i2rs.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2rs>, <mailto:i2rs-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2rs/>
List-Post: <mailto:i2rs@ietf.org>
List-Help: <mailto:i2rs-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2rs>, <mailto:i2rs-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Aug 2016 02:55:42 -0000

Ben: 

I'd be glad to take any further suggestions on section 3.2 that improves it for you.  Does modifying this section from 

Old/
A non-secure transport can be used for publishing telemetry data 
or other operational state that was specifically indicated to
non-confidential in the data model in the Yang syntax.  
/

New/
A non-secure transport can be used for publishing telemetry data 
or other operational state that was specifically indicated to
non-confidential in the data model in the Yang syntax.  
Anything not specifically marked as "non-confidential" MUST 
be transmitted over a secure transport connection.
/

Help your concerns on version 3.2? 

Sue 


-----Original Message-----
From: Ben Campbell [mailto:ben@nostrum.com] 
Sent: Wednesday, August 17, 2016 10:45 PM
To: The IESG
Cc: draft-ietf-i2rs-protocol-security-requirements@ietf.org; Jeffrey Haas; i2rs-chairs@ietf.org; jhaas@pfrc.org; i2rs@ietf.org
Subject: Ben Campbell's No Objection on draft-ietf-i2rs-protocol-security-requirements-08: (with COMMENT)

Ben Campbell has entered the following ballot position for
draft-ietf-i2rs-protocol-security-requirements-08: No Objection

When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-i2rs-protocol-security-requirements/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Version 8 resolved my discuss point for section 3.4. Thanks!

I don't think it resolved my discuss point for 3.2. I'm clearing anyway, because I think my point has been made. I would prefer the language to say that anything not explicitly marked as non-confidential in the relevant data model MUST be sent over a protected transport. But I will leave it to the authors to do the right thing.

I will leave my non-discuss comments below for reference. I think version
8 resolves at least some of them. Any remaining are up to you; none of them are show stoppers.

> -2.1: I am on the fence about other's comments about copying definitions here--but if you do copy them here, it seems strange to not mention "client" or "agent".

[Sue] Removed definitions. 

> I agree with Alissa about equating privacy and confidentiality.
[Sue]: Removed definition with this text. 

-3.1,: 
>? I’m confused by the first paragraph. I don’t find strings of the form of SEC-REQ-XX in 7921. I think _this_ doc sets these requirements, right?

This document restates the concepts in RFC7921, and adds specific numbers.  The restatement in this form allows requirements to be checked against the developed protocol. 


> It’s not clear to me how 5 and 6 differ. Is it just a matter of the additional “before establishing a connection” part in 6?

Version 08 has these two merged. 


> -3.4: Isn't 15 simply a restatement of the third item under 14?

Changed this text.  Please review the new 13 and 14. 

3.5: The  MAYs in 19 and 20 seem like statements of fact. (That is, do they simply recognize reality, or to they  grant permission?)

They provide a list of approved examples so that the NETCONF/RESTCONF can review these examples.  These examples will help the NETCONF/RESTCONF in their design discussions. 

Sue