Re: [Int-area] xping and IPv6 Node Information Queries (????)

神明達哉 <jinmei@wide.ad.jp> Tue, 28 March 2017 23:23 UTC

Return-Path: <jinmei.tatuya@gmail.com>
X-Original-To: int-area@ietfa.amsl.com
Delivered-To: int-area@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8918C129583 for <int-area@ietfa.amsl.com>; Tue, 28 Mar 2017 16:23:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.702
X-Spam-Level:
X-Spam-Status: No, score=-1.702 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.197, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ddXPZB7GciGJ for <int-area@ietfa.amsl.com>; Tue, 28 Mar 2017 16:22:59 -0700 (PDT)
Received: from mail-qt0-x22e.google.com (mail-qt0-x22e.google.com [IPv6:2607:f8b0:400d:c0d::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F336212949D for <int-area@ietf.org>; Tue, 28 Mar 2017 16:22:55 -0700 (PDT)
Received: by mail-qt0-x22e.google.com with SMTP id r45so77680808qte.3 for <int-area@ietf.org>; Tue, 28 Mar 2017 16:22:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=pCdmZb9rMBbYQS1Mck3HuH0EaKk+pfR0UTdSJYFN/BA=; b=QiWtll5ce0lAfGBv19LV4YjecsMur+EuMYlhGVAllZBx/wOwThSy7RsGhhjLX7jE9i mVTsDbiCDlQjHCMvGDYiY5wvVGre1HJr040P4byoxaYTjZMz84JiSzQopzSaF7Ofzr/y uwMnf7sn89ZQ8WviYd0EAzVhNQsyp8dmruomumiSbEZAVGHkMQ9rvHRQ6oEJ+6oSP+OM HpNmcaUMBhcqci6Sh9i+hI5V/oBXJ8uoJqyhiX6/ohz06MIBW+2iVd/e43StnSMrHzDc nF+x1U8G5zwge9Gl0pfrbRcns8FKbNwrd+qs2hrEijoGaxKf2gvcSBbkaljLCGAFPaFc vBww==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=pCdmZb9rMBbYQS1Mck3HuH0EaKk+pfR0UTdSJYFN/BA=; b=RVWVKtgF3iZ1jEScn4gAqQv0YilRFPDqxaCPJ0DuMaOIQaWWrDtqnsZEgC4EDsgLIJ f9FX8Kw5x8zZsNQBGytwJ9HD5Cm7ii1sXWHkDXJcsdcG2FrniVbRoj79/4PaZyBY8QgE yxivghanzjHuGwFt+WOv3Xnu8pU3M3sOapg6U4KLIuVUsDrvc01FtVUJRQ0m1WEIb87B lsNCakFxZ0Xi3FegVaBJ5ZC9O8qhYQe7dkM9Bq7NyuZjmSM9VKd0XToCLy2sv/l48mQ2 paHUJwFBVD0rAJ3qRx6KA7/UWfC5lJjp1syPRhQ9jPqiADD/djgDTYus/neVCY0QehtX DL+w==
X-Gm-Message-State: AFeK/H15qR/+kbUIHjMu7YlPg37R8hpcWw9lhiiHpfgJxkP78sua6fl5dimUxZPBFrp00opmUVYKHxZXTeiM/Q==
X-Received: by 10.237.42.194 with SMTP id t60mr31515781qtd.269.1490743374961; Tue, 28 Mar 2017 16:22:54 -0700 (PDT)
MIME-Version: 1.0
Sender: jinmei.tatuya@gmail.com
Received: by 10.237.61.204 with HTTP; Tue, 28 Mar 2017 16:22:54 -0700 (PDT)
In-Reply-To: <BLUPR0501MB20518CF62E95CB1C482B3BEFAE320@BLUPR0501MB2051.namprd05.prod.outlook.com>
References: <BLUPR0501MB20518CF62E95CB1C482B3BEFAE320@BLUPR0501MB2051.namprd05.prod.outlook.com>
From: 神明達哉 <jinmei@wide.ad.jp>
Date: Tue, 28 Mar 2017 16:22:54 -0700
X-Google-Sender-Auth: S5QopFbaCXd7acGKrh2FuRa1ty4
Message-ID: <CAJE_bqe09puLMmcBf990x73jZDHQ8n9YFZv2BRgzvAHe-Utpgw@mail.gmail.com>
To: Ron Bonica <rbonica@juniper.net>
Cc: "int-area@ietf.org" <int-area@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/hh82AR9DaJwwKl-D0MSFl-eT16s>
Subject: Re: [Int-area] xping and IPv6 Node Information Queries (????)
X-BeenThere: int-area@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-area>, <mailto:int-area-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/int-area/>
List-Post: <mailto:int-area@ietf.org>
List-Help: <mailto:int-area-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Mar 2017 23:23:00 -0000

At Tue, 28 Mar 2017 23:04:26 +0000,
Ron Bonica <rbonica@juniper.net> wrote:

> Nominally, XPING only returns the following information:
>
> - Interface status (UP/DOWN/Does not exist)
> - Protocols running on the interface (IPv4, IPv6)
>
> Some additional information may be gleaned. We see this as a
> security issue and present mitigations. Please see the Security
> Considerations section.

It looks good to me.  I didn't intend to say xping is a bad idea just
like NIQ isn't deployed very well, but just wanted to point out that
both share some similar considerations.  And so this is a suggestion
for a future version of this draft:

> > Maybe the xping draft refers to
> > it and explains how these two are different.

--
JINMEI, Tatuya