[Int-area] Roman Danyliw's No Objection on draft-ietf-intarea-frag-fragile-15: (with COMMENT)

Roman Danyliw via Datatracker <noreply@ietf.org> Thu, 08 August 2019 00:40 UTC

From: Roman Danyliw via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-intarea-frag-fragile@ietf.org, Joel Halpern <joel.halpern@ericsson.com>, Joel Halpern <jmh@joelhalpern.com>, intarea-chairs@ietf.org, jmh@joelhalpern.com, int-area@ietf.org
Reply-To: Roman Danyliw <rdd@cert.org>
Message-ID: <156522482867.8301.3746321427604928192.idtracker@ietfa.amsl.com>
Date: Wed, 07 Aug 2019 17:40:28 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/zzEGyQXhEBLDtfnwzKoI74C1380>
Subject: [Int-area] Roman Danyliw's No Objection on draft-ietf-intarea-frag-fragile-15: (with COMMENT)

Roman Danyliw has entered the following ballot position for
draft-ietf-intarea-frag-fragile-15: No Objection

Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-intarea-frag-fragile/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

** I support Alissa Cooper's discuss item

** Section 3.7.  Per the discussion about NIDS, evasion using fragments also
arose when stateless pattern matching occurred.

** Section 3.7.  Related to NIDS, naïve flow-based anomaly detection
systems/analytics have also been known to introduce false positives, if IP
packet counts are confused with IP fragment counts.

** Editorial
-- Section 1.  Per “but the designer should to be aware that fragmented packets
may result in blackholes”, the reference to “blackholes” seems imprecise.

-- Section 2.1.  Typo.  s/Whlie/While/

-- Section 3.8.2.  Recommend adding a sentence at the end of the first
paragraph to suggest this is just an example.  I’ve seen even worse default
ICMP policies in consumer routers.

-- Section 3.8.2.  Typo.  s/a incorrect/an incorrect/

-- Section 5.1. Typo. s/signalling/signaling/
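
Added example, not part of the original message or of the draft: a sketch of the Section 3.7 point about flow analytics, showing how a per-flow counter that treats every IP fragment as a packet inflates the count, next to one that collapses fragments by the IPv4 reassembly key (source, destination, protocol, Identification). The function names, addresses (documentation range) and sample headers are constructed for illustration.

```python
import struct
from collections import Counter

IPV4_FMT = "!BBHHHBBH4s4s"   # fixed 20-byte IPv4 header, no options
MF_FLAG, OFFSET_MASK = 0x2000, 0x1FFF

def ipv4_header(src, dst, ident, offset_bytes, more_frags, payload_len, proto=17):
    """Build a constructed IPv4 header (checksum left at 0, sample data only)."""
    flags_frag = (MF_FLAG if more_frags else 0) | (offset_bytes // 8)
    return struct.pack(IPV4_FMT, 0x45, 0, 20 + payload_len, ident,
                       flags_frag, 64, proto, 0, bytes(src), bytes(dst))

def count_flows(headers):
    """Return (naive, datagrams): per-flow counters keyed by (src, dst, proto).

    naive counts every header seen; datagrams counts each fragmented
    datagram once, using (src, dst, proto, ident) as the reassembly key.
    """
    naive, datagrams, seen = Counter(), Counter(), set()
    for h in headers:
        fields = struct.unpack(IPV4_FMT, h[:20])
        ident, flags_frag, proto, src, dst = (fields[3], fields[4],
                                              fields[6], fields[8], fields[9])
        flow = (src, dst, proto)
        naive[flow] += 1
        is_fragment = bool(flags_frag & MF_FLAG) or (flags_frag & OFFSET_MASK) != 0
        if not is_fragment:
            datagrams[flow] += 1
            continue
        key = (src, dst, proto, ident)
        if key not in seen:          # first fragment seen for this datagram
            seen.add(key)
            datagrams[flow] += 1
    return naive, datagrams

# Constructed sample: one 4000-byte UDP datagram split for a 1500-byte MTU
# (1480 + 1480 + 1040 bytes of IP payload) plus two unfragmented datagrams.
A, B = (192, 0, 2, 1), (198, 51, 100, 7)
SAMPLE = [
    ipv4_header(A, B, 0x1234, 0, True, 1480),
    ipv4_header(A, B, 0x1234, 1480, True, 1480),
    ipv4_header(A, B, 0x1234, 2960, False, 1040),
    ipv4_header(A, B, 0x1235, 0, False, 512),
    ipv4_header(A, B, 0x1236, 0, False, 512),
]
FLOW = (bytes(A), bytes(B), 17)

if __name__ == "__main__":
    naive, datagrams = count_flows(SAMPLE)
    print("naive packet count:", naive[FLOW], "datagram count:", datagrams[FLOW])
```

A production counter would also expire entries in the `seen` set, since the 16-bit Identification value is reused over time.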