Re: Gen-ART LC Review of draft-ietf-dhc-relay-id-suboption-11

Ben Campbell <ben@nostrum.com> Fri, 21 December 2012 15:45 UTC


On Dec 21, 2012, at 8:27 AM, Ted Lemon <Ted.Lemon@nominum.com> wrote:

> On Dec 21, 2012, at 7:48 AM, RAMAKRISHNADTV <RAMAKRISHNADTV@infosys.com> wrote:
>> As Ted mentioned, our draft only proposes a new sub-option for relay-agent 
>> option which was originally created as part of RFC3046. So, the security 
>> considerations for RFC3046 apply to our draft as well. RFC3046 deployments may
>> use RFC4030 as explained above. So, we indicated in our draft to refer to 
>> both RFC3046 and RFC4030. But there are no specific security issues in the 
>> new relay-id sub-option itself to make RFC4030 a MUST.
> 
> To put it a bit differently, changing the security considerations for RFC3046 is out of scope for this document. It could certainly be argued that the security considerations for RFC3046 are too weak, but if that is an argument that someone wants to make, the argument should be made in the context of updating RFC3046, not in the context of adding a new DHCP relay option.
> 

Thanks Ted, that makes perfect sense. 

As I responded separately to Ramakrishna, is the SHOULD use 4030 language a new requirement specific to this draft? Or is it just describing requirements in 3046 or elsewhere?

Thanks!

Ben.