Re: [Idr] Roman Danyliw's No Objection on draft-ietf-idr-eag-distribution-16: (with COMMENT)

Jeff Tantsura <jefftant.ietf@gmail.com> Fri, 04 June 2021 21:56 UTC

Return-Path: <jefftant.ietf@gmail.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5EF8D3A2284; Fri, 4 Jun 2021 14:56:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id exl5fHXUJBpE; Fri, 4 Jun 2021 14:56:08 -0700 (PDT)
Received: from mail-pj1-x1032.google.com (mail-pj1-x1032.google.com [IPv6:2607:f8b0:4864:20::1032]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 03C8F3A2283; Fri, 4 Jun 2021 14:56:07 -0700 (PDT)
Received: by mail-pj1-x1032.google.com with SMTP id k22-20020a17090aef16b0290163512accedso5830086pjz.0; Fri, 04 Jun 2021 14:56:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:to:cc:message-id:in-reply-to:references:subject :mime-version; bh=5G/naAHfCikyzoQR6HY3exjCHPm8UpizFJ+t8fCgs2Q=; b=IsHtnIlrsFIQw7svuTo8RQ5/GEByv+++KYBz9E2QVYyp+mPMdd9YoVVsvD03FJZ3U7 RyxqzF8e14L8+PnIPdcZCLvP2N599iy50ZYWaC2ZdSCxeulCqrsjETxxl6ueA8SF1aY5 RL+It+pw47CgoEVFRwCmYk3wivEahMyOr7jp+SdDsy/0bwXv7a4WxOEzFMMp1g5BpCP6 NPA0/6Q+yVOLU88hcXswnltOE1KPfrQ4pSHNYZZuALx3VgvhQX7ZLo4hzojhvUNaEliG hB+FyikFvc3nTqExl1Jnp1EzCtfmkX2zWyByCQbw6pnvdfnHjJcLoLwqSOkoST0z4ha+ /fyw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:message-id:in-reply-to :references:subject:mime-version; bh=5G/naAHfCikyzoQR6HY3exjCHPm8UpizFJ+t8fCgs2Q=; b=Xk5Qz8XlEO2PPQH61okgmbHTV6cvd/yVj8xKJBnVu/c2DOLNaTO2nzCuI0unYb4gVm XFYjEgx2PQtbfgG7WckW6k+z9cigQjEYmGUsAIjxzCT4Gn3tON5ydMN7VmWHP3FIQDmO Dv9Z8MkQjAqHBAh5nNyZO+9lOuy9QuUdYVedWVSzFYDLc3Kv0k+h/ve7RnStC5BJ8hDi MPRfFArZKDyD363eQES22mXy1lgV3cgydYyCi9fXtyUAi9tqdrixLCbKMY3JJqTdeltA IZv0xm+N5SKh4EaKPYxEyH39+xbH2Re80YRnC7wwmvwZu9gCI8PkMB7+jRm9Jo5gpQS8 mSAQ==
X-Gm-Message-State: AOAM533Z5t5w1oFpDclQT31sBGi9YKmZ39F64/P5tNTGlSrH9LzUN8pF 03UeBIOFPEW0YzT9WcF8YsY=
X-Google-Smtp-Source: ABdhPJwUwwc898+RWe1LRX8HReXIy0Wkfuon9peKQOGaFHiN5SoOfyUm/z4ytL3i0mBd9wYxnWQRDw==
X-Received: by 2002:a17:902:b687:b029:eb:6491:b3f7 with SMTP id c7-20020a170902b687b02900eb6491b3f7mr6358642pls.38.1622843767088; Fri, 04 Jun 2021 14:56:07 -0700 (PDT)
Received: from [192.168.1.2] (c-73-63-232-212.hsd1.ca.comcast.net. [73.63.232.212]) by smtp.gmail.com with ESMTPSA id v22sm2476859pff.105.2021.06.04.14.56.05 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 04 Jun 2021 14:56:06 -0700 (PDT)
Date: Fri, 4 Jun 2021 14:55:59 -0700
From: Jeff Tantsura <jefftant.ietf@gmail.com>
To: Benjamin Kaduk <kaduk@mit.edu>, Roman Danyliw <rdd@cert.org>
Cc: The IESG <iesg@ietf.org>, "=?utf-8?Q?draft-ietf-idr-eag-distribution=40ietf.org?=" <draft-ietf-idr-eag-distribution@ietf.org>, "=?utf-8?Q?idr=40ietf.org?=" <idr@ietf.org>, "=?utf-8?Q?aretana.ietf=40gmail.com?=" <aretana.ietf@gmail.com>, Susan Hares <shares@ndzh.com>, "=?utf-8?Q?idr-chairs=40ietf.org?=" <idr-chairs@ietf.org>
Message-ID: <36384354-27a3-4234-87ac-8dd1b1de8151@Spark>
In-Reply-To: <a4cf232b8b7146f193d79edc38203c4e@cert.org>
References: <162134343909.18873.6150461240123862844@ietfa.amsl.com> <3d06050a-4e2d-44c5-873a-0dc3518655e6@Spark> <20210519041211.GI32395@kduck.mit.edu> <a4cf232b8b7146f193d79edc38203c4e@cert.org>
X-Readdle-Message-ID: 36384354-27a3-4234-87ac-8dd1b1de8151@Spark
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="60baa174_6b68079a_dc46"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/zIjKJuYHUn8dhr-yK5J7mFtknWU>
Subject: Re: [Idr] Roman Danyliw's No Objection on draft-ietf-idr-eag-distribution-16: (with COMMENT)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Jun 2021 21:56:14 -0000

Hi Roman and Ben,

Thank you very much for the review and comments, mentioning  rfc7308 as a reference in the security section was an error.
Please review draft-ietf-idr-eag-distribution-19 and let me know whether your comments have been addressed.

Thanks and have a great weekend.

Cheers,
Jeff
On May 19, 2021, 3:04 PM -0700, Roman Danyliw <rdd@cert.org>rg>, wrote:
> Hi Jeff!
>
> Ben spoke eloquently on my behalf. My thinking is exactly as Ben describes it below ...
>
> Roman
>
> > -----Original Message-----
> > From: Benjamin Kaduk <kaduk@mit.edu>
> > Sent: Wednesday, May 19, 2021 12:12 AM
> > To: Jeff Tantsura <jefftant.ietf@gmail.com>
> > Cc: The IESG <iesg@ietf.org>rg>; Roman Danyliw <rdd@cert.org>rg>; draft-ietf-idr-
> > eag-distribution@ietf.org; idr@ietf.org; aretana.ietf@gmail.com; Susan Hares
> > <shares@ndzh.com>om>; idr-chairs@ietf.org
> > Subject: Re: Roman Danyliw's No Objection on draft-ietf-idr-eag-distribution-
> > 16: (with COMMENT)
> >
> > Hi Jeff,
> >
> > I'm not Roman, but I would have made the same comment.
> >
> > I don't think that this is quite a question of "just" adding more references -- the
> > -16 currently says that there is some kind of "required security [mechanisms?]"
> > from the IGP, and that RFC 7308 specifies how to achieve that level of required
> > security. While RFC 7308 clearly is not a good reference for that, the question
> > as to what the "required security [mechanisms?]" is/are remains unanswered.
> > Once we know the answer to that, we can give better guidance about what
> > references to use and how to write the text using those references.
> >
> > Thanks,
> >
> > Ben
> >
> > On Tue, May 18, 2021 at 10:38:16PM -0500, Jeff Tantsura wrote:
> > > Hi Roman,
> > >
> > > Thanks for your review.
> > >
> > > I see your point, practically, this draft uses  BGP-LS (RFC7752) to transport
> > IGP data, and 7752 talks in details about security considerations.
> > > The security section of RFC7308 is indeed quite short.
> > > Would adding references to security sections of  OSPFv2 (RFC 3630), OSPFv3
> > (RFC 5329) and IS-IS (RFC 5305) work for you?
> > >
> > > Thanks!
> > >
> > > Cheers,
> > > Jeff
> > > On May 18, 2021, 8:10 AM -0500, Roman Danyliw via Datatracker
> > <noreply@ietf.org>rg>, wrote:
> > > > Roman Danyliw has entered the following ballot position for
> > > > draft-ietf-idr-eag-distribution-16: No Objection
> > > >
> > > > When responding, please keep the subject line intact and reply to
> > > > all email addresses included in the To and CC lines. (Feel free to
> > > > cut this introductory paragraph, however.)
> > > >
> > > >
> > > > Please refer to
> > > > https://www.ietf.org/iesg/statement/discuss-criteria.html
> > > > for more information about DISCUSS and COMMENT positions.
> > > >
> > > >
> > > > The document, along with other ballot positions, can be found here:
> > > > https://datatracker.ietf.org/doc/draft-ietf-idr-eag-distribution/
> > > >
> > > >
> > > >
> > > > --------------------------------------------------------------------
> > > > --
> > > > COMMENT:
> > > > --------------------------------------------------------------------
> > > > --
> > > >
> > > > Per Section 4 (Security Considerations),
> > > >
> > > > It is assumed that the IGP instances originating this TLV will
> > > > support all the required security (as described in [RFC7308]) in
> > > > order to prevent any security issues when propagating the TLVs into
> > > > BGP-LS.
> > > >
> > > > The Security Considerations (Section 3) of RFC7308 reads "This
> > > > extension adds no new security considerations." What guidance is this
> > sentence providing?
> > > >
> > > >
> > > >