Re: Gen-ART LC Review of draft-ietf-karp-routing-tcp-analysis-05.txt
Ben Campbell <ben@nostrum.com> Wed, 21 November 2012 23:13 UTC
Return-Path: <ben@nostrum.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 54FA821F84C4; Wed, 21 Nov 2012 15:13:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.479
X-Spam-Level:
X-Spam-Status: No, score=-102.479 tagged_above=-999 required=5 tests=[AWL=0.121, BAYES_00=-2.599, SPF_PASS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TNe4AXAf5M6S; Wed, 21 Nov 2012 15:13:04 -0800 (PST)
Received: from shaman.nostrum.com (nostrum-pt.tunnel.tserv2.fmt.ipv6.he.net [IPv6:2001:470:1f03:267::2]) by ietfa.amsl.com (Postfix) with ESMTP id 4EDB021F84C2; Wed, 21 Nov 2012 15:13:04 -0800 (PST)
Received: from [10.0.1.9] (cpe-76-187-92-156.tx.res.rr.com [76.187.92.156]) (authenticated bits=0) by shaman.nostrum.com (8.14.3/8.14.3) with ESMTP id qALNCx3D077248 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Wed, 21 Nov 2012 17:12:59 -0600 (CST) (envelope-from ben@nostrum.com)
Content-Type: text/plain; charset="windows-1252"
Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\))
Subject: Re: Gen-ART LC Review of draft-ietf-karp-routing-tcp-analysis-05.txt
From: Ben Campbell <ben@nostrum.com>
In-Reply-To: <F53DCC9A-8AA1-42D4-BF19-88ABCCCA68A7@gmail.com>
Date: Wed, 21 Nov 2012 17:12:57 -0600
Content-Transfer-Encoding: quoted-printable
Message-Id: <3B3FEC40-3D96-4F77-A628-E80DFAEB2278@nostrum.com>
References: <18E6B18A-D465-47C6-9E06-886DFBFA1F67@nostrum.com> <F53DCC9A-8AA1-42D4-BF19-88ABCCCA68A7@gmail.com>
To: Mahesh Jethanandani <mjethanandani@gmail.com>
X-Mailer: Apple Mail (2.1499)
Received-SPF: pass (nostrum.com: 76.187.92.156 is authenticated by a trusted mechanism)
Cc: draft-ietf-karp-routing-tcp-analysis.all@tools.ietf.org, "gen-art@ietf.org Review Team" <gen-art@ietf.org>, "ietf@ietf.org List" <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Nov 2012 23:13:05 -0000
Hi, thanks for the response. I removed sections that didn't seem to need further comment: On Nov 19, 2012, at 1:58 AM, Mahesh Jethanandani <mjethanandani@gmail.com> wrote: [...] >> >> *** Minor issues *** : >> >> -- section 2.2, last paragraph: >> >> The IKE mention lacks context. Do you mean to suggest IKE with IPSec? I assume so, but there's been no mention of IPSec so far. > > No. It implies the use of IKEv2 protocol for performing mutual authentication and establishing SA. There is no suggestion of using IKE with IPSec. > > How about this? > > For point-to-point key management IKEv2[RFC5996] protocol provides ... 5996 describes IKEv2 as a component of IPSec, and a key-management mechanism for ESP and AH SAs. Now, I won't claim to be an IKE expert by any extent, but I think that if you mean to use IKE _without_ IPSec it would be good to add a sentence or two pointing that out. Or is there some other reference that could be used that describes using IKEv2 for non-IPSec SAs? > > >> >> -- section 2.3.2: >> >> It would be helpful for this section to describe whether privacy issues actually matter or not, rather than just stating the issues to be similar to those for other routing protocols. > > Changed it to: > > Labels, like routing information are distributed in the clear. There is currently no requirement for labels to be encrypted and that work is outside the scope of the KARP working group. WFM > >> >> -- section 3.1, 2nd paragraph: >> >> Does this mean that privacy is really not needed, or just that LDP does not state a requirement for privacy? > > Further clarified it in this section. > > Labels are similar to routing information which is distributed in the clear. It is important to ensure that routers exchaning labels are mutually authenticated and that there are no rogue peers or unauthenticated peers that can compromise the stability of the network. However, there is currently no requirement that the labels be encrypted. Okay > >> >> -- Section 6 (Security Considerations), 4th paragraph: >> >> If replay protection is required, shouldn't the draft discuss the details somewhere? I see only one mention in passing outside of this section. > > I have moved the replay protection requirement to the gap analysis section. > > However, this document is a analysis draft, and it is my understanding that details on what replay protection methods should be adopted, is best left to the routing protocols in question. That's fine, pointing out the gap is sufficient. > >> >> *** Nits/editorial comments ***: >> >> -- IDNits indicates some unused and obsoleted references. Please check. > > Found one unused reference and have removed it. Seems like there were more than one. From IDNits: == Missing Reference: 'IRR' is mentioned on line 92, but not defined == Unused Reference: 'RFC2409' is defined on line 585, but no explicit reference was found in the text == Unused Reference: 'RFC3547' is defined on line 588, but no explicit reference was found in the text ** Obsolete normative reference: RFC 2385 (Obsoleted by RFC 5925) -- Obsolete informational reference (is this intentional?): RFC 2409 (Obsoleted by RFC 4306) -- Obsolete informational reference (is this intentional?): RFC 3547 (Obsoleted by RFC 6407) [...] > >> >> -- section 2.1, 5th paragraph: >> >> A mention of SHA1 seems needed here. Section 2.3.1.2 states the concerns about TCP-md5 more clearly. > > The 6th paragraph states the concern and mentions SHA-1. Did you want something more to be included? No, sorry, on a re-read I think it's okay. [...] >> >> -- section 4, 2nd paragraph: "In addition Improving TCP’s Robustness to Blind In-Window Attacks." >> >> sentence fragment. > > Changed it to say: > > In addition, the recommendations in Improving TCP's Robustness to Blind In-Window Attacks > Am I correct in assuming this merges with the following sentence? Otherwise, it's still a fragment. [...] Thanks! Ben.
- Gen-ART LC Review of draft-ietf-karp-routing-tcp-… Ben Campbell
- Re: Gen-ART LC Review of draft-ietf-karp-routing-… Mahesh Jethanandani
- Re: Gen-ART LC Review of draft-ietf-karp-routing-… Ben Campbell
- Re: Gen-ART LC Review of draft-ietf-karp-routing-… Mahesh Jethanandani
- Re: Gen-ART LC Review of draft-ietf-karp-routing-… Mahesh Jethanandani
- Re: [Gen-art] Gen-ART LC Review of draft-ietf-kar… Ben Campbell