Re: [ippm] Roman Danyliw's Discuss on draft-ietf-ippm-ioam-conf-state-07: (with DISCUSS and COMMENT)

Roman Danyliw <rdd@cert.org> Thu, 27 October 2022 14:21 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/f_3yuYiNW07CffeIGdMEu6xu2rs>

Hi Xiao!

Thanks for the quick response.  The refined text described below addresses my concerns.

Roman

From: iesg <iesg-bounces@ietf.org> On Behalf Of xiao.min2@zte.com.cn
Sent: Wednesday, October 26, 2022 3:36 AM
To: Roman Danyliw <rdd@cert.org>
Cc: iesg@ietf.org; draft-ietf-ippm-ioam-conf-state@ietf.org; ippm-chairs@ietf.org; ippm@ietf.org; marcus.ihlar@ericsson.com
Subject: Re: Roman Danyliw's Discuss on draft-ietf-ippm-ioam-conf-state-07: (with DISCUSS and COMMENT)


Hi Roman

Thank you for the review and thoughtful comments.

Please check inline the proposed changes that will be incorporated into the next revision.

Best Regards,

Xiao Min


Original
From: Roman Danyliw via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>;
Cc: draft-ietf-ippm-ioam-conf-state@ietf.org; ippm-chairs@ietf.org; ippm@ietf.org; marcus.ihlar@ericsson.com;
Date: October 26, 2022 10:21
Subject: Roman Danyliw's Discuss on draft-ietf-ippm-ioam-conf-state-07: (with DISCUSS and COMMENT)

Roman Danyliw has entered the following ballot position for
draft-ietf-ippm-ioam-conf-state-07: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/
for more information about how to handle DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-ippm-ioam-conf-state/



----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

Section 6.

   A deployment can increase security by using border filtering of
   incoming and outgoing echo requests/replies.

Thanks for calling out the security impact of echo request/replies.  Since the
cited RFC9197 reminds the reader that a “network operator is expected to
enforce policies that prevent IOAM traffic from leaking outside of the
IOAM-Domain”, why is this guidance not mandatory?

Would the following text be more appropriate?

NEW
A deployment MUST ensure that border filtering drops inbound echo requests with
a IOAM Capabilities Container Header from outside of the domain, and drops
outbound echo request/replies with IOAM Capabilities Headers leaving the domain.
[XM]>>> Yes, I think the text proposed by you is more appropriate. Typo s/a IOAM Capabilities/an IOAM Capabilities.

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Thank you to Chris Lonvick for the SECDIR review.

Section 3.1.  Typo. s/begining/beginning/

Section 6.  Typo. s/securiy/security/
[XM]>>> OK, will fix. Thank you for catching them.