Re: [Idr] Roman Danyliw's No Objection on draft-ietf-idr-eag-distribution-16: (with COMMENT)

Roman Danyliw <rdd@cert.org> Wed, 19 May 2021 22:04 UTC

Return-Path: <rdd@cert.org>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7DD1A3A20F3; Wed, 19 May 2021 15:04:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.399
X-Spam-Level:
X-Spam-Status: No, score=-4.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cert.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hcXshd9V8CKH; Wed, 19 May 2021 15:04:25 -0700 (PDT)
Received: from veto.sei.cmu.edu (veto.sei.cmu.edu [147.72.252.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 170163A20DC; Wed, 19 May 2021 15:04:24 -0700 (PDT)
Received: from korb.sei.cmu.edu (korb.sei.cmu.edu [10.64.21.30]) by veto.sei.cmu.edu (8.14.7/8.14.7) with ESMTP id 14JM4NLa013309; Wed, 19 May 2021 18:04:23 -0400
DKIM-Filter: OpenDKIM Filter v2.11.0 veto.sei.cmu.edu 14JM4NLa013309
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cert.org; s=yc2bmwvrj62m; t=1621461863; bh=TQXunXcnBF/J5retNrfev6GLPo7DGsbIJL4Aw2HojPY=; h=From:To:CC:Subject:Date:References:In-Reply-To:From; b=VSweTuRHz5oRYmujHEnESKZVLO+ccceteNWR5iM2ix3P00INVvr63OtLCCVjXagr6 v27M/ua3+WigNiN8vKLriGY2iBVu+FA5lCIU8CqUQT1R0lyK/urzF1NAAyOHRSLHBL 5XLeRgYs2ZLaVLwUzMJQeMYwKmOC71YjeqhMn+0M=
Received: from MURIEL.ad.sei.cmu.edu (muriel.ad.sei.cmu.edu [147.72.252.47]) by korb.sei.cmu.edu (8.14.7/8.14.7) with ESMTP id 14JM4LHX031236; Wed, 19 May 2021 18:04:21 -0400
Received: from MORRIS.ad.sei.cmu.edu (147.72.252.46) by MURIEL.ad.sei.cmu.edu (147.72.252.47) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.4; Wed, 19 May 2021 18:04:21 -0400
Received: from MORRIS.ad.sei.cmu.edu ([fe80::555b:9498:552e:d1bb]) by MORRIS.ad.sei.cmu.edu ([fe80::555b:9498:552e:d1bb%13]) with mapi id 15.01.2242.008; Wed, 19 May 2021 18:04:21 -0400
From: Roman Danyliw <rdd@cert.org>
To: Benjamin Kaduk <kaduk@mit.edu>, Jeff Tantsura <jefftant.ietf@gmail.com>
CC: The IESG <iesg@ietf.org>, "draft-ietf-idr-eag-distribution@ietf.org" <draft-ietf-idr-eag-distribution@ietf.org>, "idr@ietf.org" <idr@ietf.org>, "aretana.ietf@gmail.com" <aretana.ietf@gmail.com>, Susan Hares <shares@ndzh.com>, "idr-chairs@ietf.org" <idr-chairs@ietf.org>
Thread-Topic: Roman Danyliw's No Objection on draft-ietf-idr-eag-distribution-16: (with COMMENT)
Thread-Index: AQHXS+dAQlCm5p4qFEiVlF9I33O4q6rqbA0AgAAJeoCAAOgpoA==
Date: Wed, 19 May 2021 22:04:21 +0000
Message-ID: <a4cf232b8b7146f193d79edc38203c4e@cert.org>
References: <162134343909.18873.6150461240123862844@ietfa.amsl.com> <3d06050a-4e2d-44c5-873a-0dc3518655e6@Spark> <20210519041211.GI32395@kduck.mit.edu>
In-Reply-To: <20210519041211.GI32395@kduck.mit.edu>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.64.201.59]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/8D4lle80n6MZ8FOPmDMksPjy_wM>
Subject: Re: [Idr] Roman Danyliw's No Objection on draft-ietf-idr-eag-distribution-16: (with COMMENT)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 May 2021 22:04:35 -0000

Hi Jeff!

Ben spoke eloquently on my behalf.  My thinking is exactly as Ben describes it below ...

Roman

> -----Original Message-----
> From: Benjamin Kaduk <kaduk@mit.edu>
> Sent: Wednesday, May 19, 2021 12:12 AM
> To: Jeff Tantsura <jefftant.ietf@gmail.com>
> Cc: The IESG <iesg@ietf.org>rg>; Roman Danyliw <rdd@cert.org>rg>; draft-ietf-idr-
> eag-distribution@ietf.org; idr@ietf.org; aretana.ietf@gmail.com; Susan Hares
> <shares@ndzh.com>om>; idr-chairs@ietf.org
> Subject: Re: Roman Danyliw's No Objection on draft-ietf-idr-eag-distribution-
> 16: (with COMMENT)
> 
> Hi Jeff,
> 
> I'm not Roman, but I would have made the same comment.
> 
> I don't think that this is quite a question of "just" adding more references -- the
> -16 currently says that there is some kind of "required security [mechanisms?]"
> from the IGP, and that RFC 7308 specifies how to achieve that level of required
> security.  While RFC 7308 clearly is not a good reference for that, the question
> as to what the "required security [mechanisms?]" is/are remains unanswered.
> Once we know the answer to that, we can give better guidance about what
> references to use and how to write the text using those references.
> 
> Thanks,
> 
> Ben
> 
> On Tue, May 18, 2021 at 10:38:16PM -0500, Jeff Tantsura wrote:
> > Hi Roman,
> >
> > Thanks for your review.
> >
> > I see your point, practically, this draft uses  BGP-LS (RFC7752) to transport
> IGP data, and 7752 talks in details about security considerations.
> > The security section of RFC7308 is indeed quite short.
> > Would adding references to security sections of  OSPFv2 (RFC 3630), OSPFv3
> (RFC 5329) and IS-IS (RFC 5305) work for you?
> >
> > Thanks!
> >
> > Cheers,
> > Jeff
> > On May 18, 2021, 8:10 AM -0500, Roman Danyliw via Datatracker
> <noreply@ietf.org>rg>, wrote:
> > > Roman Danyliw has entered the following ballot position for
> > > draft-ietf-idr-eag-distribution-16: No Objection
> > >
> > > When responding, please keep the subject line intact and reply to
> > > all email addresses included in the To and CC lines. (Feel free to
> > > cut this introductory paragraph, however.)
> > >
> > >
> > > Please refer to
> > > https://www.ietf.org/iesg/statement/discuss-criteria.html
> > > for more information about DISCUSS and COMMENT positions.
> > >
> > >
> > > The document, along with other ballot positions, can be found here:
> > > https://datatracker.ietf.org/doc/draft-ietf-idr-eag-distribution/
> > >
> > >
> > >
> > > --------------------------------------------------------------------
> > > --
> > > COMMENT:
> > > --------------------------------------------------------------------
> > > --
> > >
> > > Per Section 4 (Security Considerations),
> > >
> > > It is assumed that the IGP instances originating this TLV will
> > > support all the required security (as described in [RFC7308]) in
> > > order to prevent any security issues when propagating the TLVs into
> > > BGP-LS.
> > >
> > > The Security Considerations (Section 3) of RFC7308 reads "This
> > > extension adds no new security considerations." What guidance is this
> sentence providing?
> > >
> > >
> > >