IETF Logo Mail Archive

Re: [IPsec] John Scudder's No Objection on draft-ietf-ipsecme-mib-iptfs-08: (with COMMENT)

John Scudder <jgs@juniper.net> Mon, 17 October 2022 20:57 UTC

Return-Path: <jgs@juniper.net>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6462DC15257F; Mon, 17 Oct 2022 13:57:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.677
X-Spam-Level:
X-Spam-Status: No, score=-7.677 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.571, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net header.b=ZyaGpL3K; dkim=pass (1024-bit key) header.d=juniper.net header.b=Xl7bi41C
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q5YY-d-9OMOl; Mon, 17 Oct 2022 13:57:35 -0700 (PDT)
Received: from mx0a-00273201.pphosted.com (mx0a-00273201.pphosted.com [208.84.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9C482C1522B1; Mon, 17 Oct 2022 13:57:35 -0700 (PDT)
Received: from pps.filterd (m0108158.ppops.net [127.0.0.1]) by mx0a-00273201.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29HEld5w008377; Mon, 17 Oct 2022 13:57:35 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=PPS1017; bh=iev/5AOyRp/8rgOc/DV436gP5hS4tv34DKDhvkvRmns=; b=ZyaGpL3KKJt0434q6pBViP0hmhK+jz7wWsx/RpKB4LdSJGjAzL2SaVlxXVWpxjXOwoAn eo/uzWVsSNuTultyWH00CysNpROd2w9OmkAigZFJBU41LdwtsRc6Qs7//mP7Gmy1bx0/ E0CkMUQ5cSn9NBbjsvzryuJO+m1cSOgOZ2DQv0ZBf3KGfZvADyTV46Ssdlxw5pBOQze/ FOkaxC2zIMxnyhoSxiFua383gtgJP0mrUdP14v7DPt8beGN7Ia2TrsHyAaDwo8VupMwd iO+iR6+/P3yQXoTCYsHRpCJukdfPfW1+bJof4T5F1OTpcIjuhhmDa6DbREr9y8QiNxt8 7A==
Received: from na01-obe.outbound.protection.outlook.com (mail-eastusazlp17011015.outbound.protection.outlook.com [40.93.11.15]) by mx0a-00273201.pphosted.com (PPS) with ESMTPS id 3k7rjr3xmk-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 17 Oct 2022 13:57:34 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QB7XUTn6/x6E0AFHRcNCZlaP1AFptkvhAGWF1oC8i30ZhOiKBQU4Pxkbb3iLGOoSMdpgMdPZbecTKDuN4wGH5BSH02LhwPMJMVmpc4OOSZbmUIJKBY9socYcRdhYttQk6U2hwoE/VEYwS8OVj5MNtoEMak5jWeRXuVs9J7enew8iGXN3oZR3bOqxXDfOgff0ZwjNA6m43lazXdVmd71fNzj7hX5i6OL+FGt050OQujK0SSRAWHZ22pbKPoZYPElum3ks40FDCcP46fRS5x27ft6v8p6FnX8xtxAkYAbqWjekBTa/4liRT+6pf9XUuh86eTo69LxJBrZNQWU+QkBDvQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=iev/5AOyRp/8rgOc/DV436gP5hS4tv34DKDhvkvRmns=; b=PZHl9FVCLKPPHyfdcGwA6qUl0PMYxCDi37kNsN3VBYlnWkgFvLKjGx6AudJD+p7Wv32EItEopwx/myW1xtcOl1jH9i6Py1JvRyk19ex5a5cC4tCGfvH/K3wNxrD6IYV02LlKbGvMODqmkCVI7SLSoXe1fxr9rz6TXXfrwRLRPi+LI6CFAn9lkTOc1S4Ci4Waulc3P2ELc16sn2m6TPhL583M3sz6horkh4Nu3LLiTZc2tx4Ax67S3sR5H2hgRQQ1TAl5DnAdiJY290VLCfKZxG7k/9ANpCdk9wkpUXfghJx8zxt+fSy+0eVdAdiWLwI+T7dsDvkIBhu0Ptz0xSyH/w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=juniper.net; dmarc=pass action=none header.from=juniper.net; dkim=pass header.d=juniper.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=iev/5AOyRp/8rgOc/DV436gP5hS4tv34DKDhvkvRmns=; b=Xl7bi41CHmTVSanKVKIyiFWd2IcP1lmipRKzxwg/we7Q5VvuDlpZNNct+zJfUvk5g/YOeVhXX8mvtbmTfjSbEZesk94WlsEPdh0sO2BPVvIw4QgP17/CCwM6k6mZuffTqRmWYo7IHudrsc3Fk1lTdOxvbVvARaATfdJYjuHSnE4=
Received: from MN2PR05MB6109.namprd05.prod.outlook.com (2603:10b6:208:c4::20) by BN3PR05MB2627.namprd05.prod.outlook.com (2a01:111:e400:7bb1::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5723.16; Mon, 17 Oct 2022 20:57:31 +0000
Received: from MN2PR05MB6109.namprd05.prod.outlook.com ([fe80::5ff3:5ab3:9b32:4719]) by MN2PR05MB6109.namprd05.prod.outlook.com ([fe80::5ff3:5ab3:9b32:4719%4]) with mapi id 15.20.5723.020; Mon, 17 Oct 2022 20:57:31 +0000
From: John Scudder <jgs@juniper.net>
To: Don Fedyk <dfedyk@labn.net>
CC: The IESG <iesg@ietf.org>, "draft-ietf-ipsecme-mib-iptfs@ietf.org" <draft-ietf-ipsecme-mib-iptfs@ietf.org>, "ipsecme-chairs@ietf.org" <ipsecme-chairs@ietf.org>, "ipsec@ietf.org" <ipsec@ietf.org>, "kivinen@iki.fi" <kivinen@iki.fi>
Thread-Topic: John Scudder's No Objection on draft-ietf-ipsecme-mib-iptfs-08: (with COMMENT)
Thread-Index: AQHY4mUgjr+DtrYTlEms1NwtOyi1ya4TDaGAgAADupU=
Date: Mon, 17 Oct 2022 20:57:31 +0000
Message-ID: <5EC62B52-6D78-4C6C-B316-F974CADAFE23@juniper.net>
References: <166603768760.24237.2356807788720394352@ietfa.amsl.com> <PH7PR14MB5368CF730C72E7227686ADA2BB299@PH7PR14MB5368.namprd14.prod.outlook.com>
In-Reply-To: <PH7PR14MB5368CF730C72E7227686ADA2BB299@PH7PR14MB5368.namprd14.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: MN2PR05MB6109:EE_|BN3PR05MB2627:EE_
x-ms-office365-filtering-correlation-id: 34ca68d2-b4a3-4cd2-afe0-08dab0823562
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: JXGw+jAxFAfNNB32AO7n4BhFOLyOSpFucGAKo0ErIg/7MGWnjhup4nT+Z+5f1AE/Q7GGwE5BrDcK9mNuUJTSgsojCssDHZGAWGTwnbDXnbA9sjupvzlUUfZVHdCov/8A3+kiG3xygCRuHGvI08reisTdq6vSo99MyQddWuK0DXwoBOe7l4vp2ce9UxtnjMe4pqTlFwaNhTPvImxrkTlJzubkJhEnZTDKbL/hcDgYMYfJyJNzqLd+2Qh3UP/eJR2hmUG9YYMFlKqxvXCB9b88JT6DFMC7WbsQ6KCK0GCG6asEYMwySjd5Kzv5dg3YU6H2pSYxIby0PkdY9cQnlRsHKBtpLHqyGxag4X8F5qkToF2/74tvb8ofGf1/A8N2S0Dv4XueyCaRE9hU7QRsVQhzTEhppnMnbaNu90HvaxDXaZqyet8yD8e1J56s73W6c4zvARXPAFhe0zKUy+qM1rXzRRlpFAj14fcrO3sWVbKEIv1LeOBDo8gBCXEYvF1TNNEQtludncmez6LkzJpvNrlHU6Zm5JSeUsn6qPjZ8Dl2JaHHukZIyskuYikVJxwT/wTM43CEDtd+B8SzQwcyeaPwpLBQqCU0AAdfb8JbZvf+FNDwuxL0eqZhdPsxH/wRtSuNLH7pYFDWUBoeTsPCsHFtKMxbJcCk3EcETLEDO8XmL5gRh4eQvQrh98nSXQGOhOOTVVDLHuUQOwqKWQQUkSM1hABSaqoFB3cwWu+fEnz2ddtxOw3+PdIwtr4JhxjXWFgRq9lRG+MGHThdqivf7Y6drv039XJUSAIkPkYhbNbw0SJloPE6WWGrzV8DPTJoGKeB
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MN2PR05MB6109.namprd05.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230022)(4636009)(136003)(39860400002)(346002)(376002)(396003)(366004)(451199015)(122000001)(36756003)(38070700005)(86362001)(33656002)(53546011)(64756008)(6512007)(4326008)(66446008)(26005)(6506007)(8676002)(6916009)(5660300002)(41300700001)(66556008)(966005)(478600001)(71200400001)(6486002)(66946007)(66476007)(76116006)(91956017)(8936002)(316002)(54906003)(38100700002)(186003)(83380400001)(2616005)(2906002)(45980500001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: mq2jYH6QC7w6OpRJc0h32FUo+vlfjz4KMWbxd7i+v6Mfxk5OPv595OoDM66V2lVoUPydI7KAR8GY6hEanm07zgKr7kb57xb76Es3iXDh4V1rIhugq8fr6H9Pql+B37nGfm5PyrzjcUmXYRPc0rRKl7XeiB0+blz2iG5fkhATBgQpQVGsqB1/Ri6Bpxe6hK8MXwz466ykfQ2VNV3AbxQBKdvm66mqxw378q7TUqF/akHDOBuNe4CQfSDJrCj2z2a4ZjNjHdlagzU9Dzfp4NpODBHYxVX9Ry/L8Amo3B0HiIgOjiSECKiawBhZ3hnY4vvcMIpNsVLXA2Uk8x9QWmt2bmIQqnqJz4ayFxku+GrF3ETfH6RG9aFqKza2IoVGC0NOE0cj3+v1NBSK2yxQ1bXc9pW3+yJSUlDBHOr4B1vOG5XpFu63jses7bpETXp87VO3J9w1jNxf6boOgfwQiEn6a3lhApQNluL6adjkj4hxG31DmdyaJwFqSnW2CRixlQ+0afw2XTnUsWWWYsdNqTd/gYOVlnLlpYq/z0qDpk1NZjTPV2Q53kKsH8/Z6rd5ibEdwv5RP32m27KqhTeiljaCgVOdr9VloCfPz3ckgrQS8eu6rVAFf7dd6ddHAxhNpxar9nO4KHiY/qgj6/PXPXUMuP24TfwlQYrQgJIQfRsDlieG3wcpZpJu9rgfLyAsrZW9apizqsnGL5sL2qW2QDh9jfL1iueF8433mR0ik01AVyT3+GgzQdSSzoubZrTahnjcN/1v8DEfIIPnuAk7IWFCHnNj+HhTsNxHa6t1a+HMwcmBl5LwGHtOSFmdt3v/kqrsqw63Iqo8kLhG9sKiKdUC38c5wkIZMr7vSFZa7UjmEjFC+tDNDGaCWPmC7JL0UTP1zjBUOkezcWvWY5hg9/1W2gFtEFXjhnsJWEDEA4DoopgmCOSwoxrUBrp5IVgfZbJdTp9Fg1Obm8p3+zK8QfNCT+w0snh6rkzR0M2qBXfed/gWPjqZTYaPZSk24VGtL0BvOqwMRnBlP4eYOPLyFMIQzD3YQEqc3T8xDiiKz16tw3vUhGTvWQbA2gJC2HvJklpeoPMtzs0nNgz+l2Yx5LG9sgndoKi8JQVgs503woyWsLCWLb2ydf9/ojcUdMXl6jsmQLZYIOotcihNPkkLbwj4w9QG65AL5iG+SMRL5zKA1tE0fOShifsAUQgO6w5egew0IGbBarVp+l5hS2/6O7J65wTeah9aPm/Vei1WNAeLNgp/7ubqeuIKCOOZeJhWUXnE85i0avbPTdhRQb+5aF6DX1fBriRn/TlQrjLEYTCa+PthWUnIFYsC8tReup2WuwvEyg4cNkGI4v8tYHSkQzb78oVnf1mt19qHuoZAt9L+MCUGc2FXKUQeUHp/gtUwHJjk5GPSJgjX3cLUlxfaV16Mp6QjpnMdYrqOnNz3DwaMnOWRzOHgc65YJmjTI70fUa+q9ZvrMwxyMIZ+dU5A4vpqOm81VceWqyrpXslcntTmnR060TBHskeNxE/zaOup6IIDtSkx592ttkIaPzrMsuGo5gVl7hjsMiE4ay8vV0X+pCyD6guxcv7YTZFdqcqG89QS
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MN2PR05MB6109.namprd05.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 34ca68d2-b4a3-4cd2-afe0-08dab0823562
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Oct 2022 20:57:31.3931 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: oxcaWE8TdPfKRWwENpPPfkzotm7Q/UdodNkrryv8z23xBajjSAxNxWTRGHoVB5Bj
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN3PR05MB2627
X-Proofpoint-GUID: quIu2m1_8Kx3Pk6ZyQl310nFxIW90dQP
X-Proofpoint-ORIG-GUID: quIu2m1_8Kx3Pk6ZyQl310nFxIW90dQP
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-17_13,2022-10-17_02,2022-06-22_01
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 clxscore=1011 priorityscore=1501 mlxscore=0 malwarescore=0 spamscore=0 mlxlogscore=999 impostorscore=0 adultscore=0 phishscore=0 bulkscore=0 suspectscore=0 lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210170119
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/gCHOAiSs7uuAOHOcFH62ON4SbwM>
Subject: Re: [IPsec] John Scudder's No Objection on draft-ietf-ipsecme-mib-iptfs-08: (with COMMENT)
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Oct 2022 20:57:40 -0000

Hi Don,

If I understand you right, the answer on the security section amounts to “it’s just the standard boilerplate, John”. ;-) Which is fine — I was really more curious than anything else, there’s nothing wrong about the text in question, it just seems superfluous in this context. 

I’m fine if you want to keep it as written. 

Thanks for the quick reply,

—John

> On Oct 17, 2022, at 4:44 PM, Don Fedyk <dfedyk@labn.net> wrote:
> 
> Hi John
> 
> Please see [Don] inline:
> 
> Thanks
> Don
> 
> -----Original Message-----
> From: John Scudder via Datatracker <noreply@ietf.org>
> 
> 
> John Scudder has entered the following ballot position for
> draft-ietf-ipsecme-mib-iptfs-08: No Objection
> 
> When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)
> 
> 
> Please refer to https://urldefense.com/v3/__https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/__;!!NEt6yMaO-gk!GWDkwYgWBDmuOyF7fu0N7_eVqGssdVMCFEWzoWnh6CvVm7br9S5McKqG16UimDnm5wakihg7EgM$
> for more information about how to handle DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://urldefense.com/v3/__https://datatracker.ietf.org/doc/draft-ietf-ipsecme-mib-iptfs/__;!!NEt6yMaO-gk!GWDkwYgWBDmuOyF7fu0N7_eVqGssdVMCFEWzoWnh6CvVm7br9S5McKqG16UimDnm5wak1jfSRXA$
> 
> 
> 
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> # Routing AD comments for draft-ietf-ipsecme-mib-iptfs-08
> 
> ## COMMENTS
> 
> ### Section 4.2
> 
> You have "TFS bit rate may be specified at layer 2 wire rate" and "TFS bit rate
> may be specified at layer 3 packet rate". Shouldn't that be "as", not "at"? I
> did go looking for insight in ipsecme-yang but it just made me think that
> document has the same (looks to me like a) bug.
> 
> [Don] Yes "as" is better. I will make a note for both docs.
> 
> ### Section 6
> 
> I'm a little mystified why "For the implications regarding write configuration"
> considering this is a read-only MIB? (Which the very next paragraph goes on to
> say.) The same applies a few paragraphs down where you talk about "who on the
> secure network is allowed to access and GET/SET (read/change/create/delete) the
> objects in this MIB module" -- isn't it really just who can GET (read) the
> objects? And the same for the "Further" bullet point.
> 
> [Don] We have specified YANG for full control write and read and SNMP MIB in this document for read only viewing of the MIB for backwards compatibility.
> The SNMP versions paragraph is a warning about using SNMP version that are vulnerable.  The text was added as an overall security recommendation, and we did not scope that to read only for this MIB because is a general SNMP security comment.
> 
> Is that explanation OK or would you like to see a change?
> 
> 
> 
> 
> 
> 
> ## NITS
> 
> - s/paccket/packet/
> 
> 
>

v2.23.0 | Report a Bug | By Email