Re: AD Evaluation : draft-ietf-6man-ra-pref64-06

Lorenzo Colitti <lorenzo@google.com> Sat, 02 November 2019 14:57 UTC

To: Suresh Krishnan <Suresh@kaloom.com>
Cc: "draft-ietf-6man-ra-pref64@ietf.org" <draft-ietf-6man-ra-pref64@ietf.org>, IETF IPv6 Mailing List <ipv6@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/lHKHeDfh-OAB9Kl1-mKz7W8CWA8>

On Sat, Nov 2, 2019 at 1:11 PM Suresh Krishnan <Suresh@kaloom.com> wrote:

> On Sat, 2 Nov 2019, 12:49 Suresh Krishnan, <Suresh@kaloom.com> wrote:
>
>> Please use a documentation prefix, say 192.0.2.0/24, instead of the
>> RFC1918 address currently used in the example.
>>
>
> Are you sure this would be an improvement?
>
>
> Yes, I think so :-). Addresses in examples end up being used in real life
> far too often. I am not going to insist on this change and I leave it to
> your discretion.
>

Either way is fine by me. I have a mild preference to keep as is. Jen?


> "Providing all
>>    configuration in Router Advertisements increases security by ensuring
>>    that no other protocols can be abused by malicious attackers to
>>    provide hosts with invalid configuration."
>>
>> This is not strictly true, right? e.g. Someone can still use PCP to
>> override the Pref64 information from the RA. Suggest rewording to something
>> like this
>
>
> Well, only if nodes implemented the PCP method, which they don't... but
> yes, this is true in theory.
>
>
> Given that the PCP method is an IETF-defined mechanism and this document
> does put it on the top of the pecking order, I think it is better to use
> something like the alternate formulation that I suggested.
>

Your alternative formulation works for me. To be pedantic, though: the text
says "providing all configuration in Router Advertisements". If the network
is providing "all" configuration via RA, then it's not using PCP, right?