Re: [mile] Ben Campbell's No Objection on draft-ietf-mile-iodef-guidance-10: (with COMMENT)
"Panos Kampanakis (pkampana)" <pkampana@cisco.com> Tue, 05 September 2017 20:52 UTC
Return-Path: <pkampana@cisco.com>
X-Original-To: mile@ietfa.amsl.com
Delivered-To: mile@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F2C27132E2F; Tue, 5 Sep 2017 13:52:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.52
X-Spam-Level:
X-Spam-Status: No, score=-14.52 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 59y0CD3FsOYr; Tue, 5 Sep 2017 13:52:11 -0700 (PDT)
Received: from rcdn-iport-3.cisco.com (rcdn-iport-3.cisco.com [173.37.86.74]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BBBBC132E2E; Tue, 5 Sep 2017 13:52:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=4775; q=dns/txt; s=iport; t=1504644730; x=1505854330; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=DlCVACezvMdepjRpYtLCRhdKSKdhCRJosdxod1ayVcs=; b=EJYlQU6Dedj9S4oYJOachskhMa5afN9UHUSt7mkgO+2gCPVQ3goM9lLF bj+MuBtUbyEWN4ODdLiegBXZtVsw4N/it0C+sAZicegNs8E3t0FmtwHcP Mpjfpe59kUv41YSJqEtvB0kRy7/Ghn9PbOi+orqce0MeslL5zclHHTXZB s=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0ChAABiDa9Z/4ENJK1eGQEBAQEBAQEBAQEBBwEBAQEBg1pkgRUHjhCQIYFxligOggQKGAuFGwKEMj8YAQIBAQEBAQEBayiFGAEBAQEDAQE4NAsMBAIBCBEEAQEfCQcnCxQJCAIEAQ0FCIopELQIizoBAQEBAQEBAQEBAQEBAQEBAQEBAQEYBYMqggKBToFjgyiEQgESAQdKhUIFigaWbgKHWYMRiVyCHIVnineUfgIDCwIYAYE4AR84gQILdxUfKoUYHBmBTnYBiFiBIwGBDgEBAQ
X-IronPort-AV: E=Sophos;i="5.41,481,1498521600"; d="scan'208";a="281288988"
Received: from alln-core-9.cisco.com ([173.36.13.129]) by rcdn-iport-3.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 05 Sep 2017 20:52:10 +0000
Received: from XCH-ALN-006.cisco.com (xch-aln-006.cisco.com [173.36.7.16]) by alln-core-9.cisco.com (8.14.5/8.14.5) with ESMTP id v85KqA0I021039 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 5 Sep 2017 20:52:10 GMT
Received: from xch-aln-010.cisco.com (173.36.7.20) by XCH-ALN-006.cisco.com (173.36.7.16) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Tue, 5 Sep 2017 15:52:09 -0500
Received: from xch-aln-010.cisco.com ([173.36.7.20]) by XCH-ALN-010.cisco.com ([173.36.7.20]) with mapi id 15.00.1263.000; Tue, 5 Sep 2017 15:52:09 -0500
From: "Panos Kampanakis (pkampana)" <pkampana@cisco.com>
To: Ben Campbell <ben@nostrum.com>, The IESG <iesg@ietf.org>
CC: "draft-ietf-mile-iodef-guidance@ietf.org" <draft-ietf-mile-iodef-guidance@ietf.org>, "mile@ietf.org" <mile@ietf.org>, "mile-chairs@ietf.org" <mile-chairs@ietf.org>
Thread-Topic: [mile] Ben Campbell's No Objection on draft-ietf-mile-iodef-guidance-10: (with COMMENT)
Thread-Index: AQHTIRuUryEFmYNF7EmJLWOhTYU8+KKgfFHQ
Date: Tue, 05 Sep 2017 20:52:09 +0000
Message-ID: <c195a782266247f6ae5e96d5f741a38a@XCH-ALN-010.cisco.com>
References: <150404804107.21445.3865722523779300659.idtracker@ietfa.amsl.com>
In-Reply-To: <150404804107.21445.3865722523779300659.idtracker@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [64.102.56.144]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/mile/i001WkvS2H2CFG_2JbydI5SD0rI>
Subject: Re: [mile] Ben Campbell's No Objection on draft-ietf-mile-iodef-guidance-10: (with COMMENT)
X-BeenThere: mile@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Managed Incident Lightweight Exchange, IODEF extensions and RID exchanges" <mile.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mile>, <mailto:mile-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mile/>
List-Post: <mailto:mile@ietf.org>
List-Help: <mailto:mile-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mile>, <mailto:mile-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Sep 2017 20:52:13 -0000
Thank you for the detailed review Ben. About the normative language, we went and removed all the uses of uppercase normative language as we are not defining any new requirements for the protocols themselves. We used lowercase language that reiterates the "Informational" draft suggestions this document is making. I expect that there will be text in the Status of the Memo section saying "This document is not an Internet Standards Track specification; it is published for informational purposes." in the published informational doc. Xml2rf was not adding it automatically. Also removed references of 2119. We also rephrased or deleted a couple of sentences that you correctly pointed out were not clear. The rest of the issues and nits you pointed out are fixed as well, except for the RID one because RID was expanded above in the doc. The -11 version will be updated this week. -----Original Message----- From: mile [mailto:mile-bounces@ietf.org] On Behalf Of Ben Campbell Sent: Tuesday, August 29, 2017 7:07 PM To: The IESG <iesg@ietf.org> Cc: draft-ietf-mile-iodef-guidance@ietf.org; mile@ietf.org; mile-chairs@ietf.org Subject: [mile] Ben Campbell's No Objection on draft-ietf-mile-iodef-guidance-10: (with COMMENT) Ben Campbell has entered the following ballot position for draft-ietf-mile-iodef-guidance-10: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-mile-iodef-guidance/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- I'm confused by the use of 2119 language in this document. Some of it seems to restate requirements already defined elsewhere. Some of it seems too vague for 2119 keywords (e.g. "SHOULD consider"). The rest seems like BCP material rather than informational, since it seems to say that we recommend people do certain things rather than describe choices and consequences. The latter is reasonable for an informational RFC, but the former belongs in standards track documents or BCPs. I suggest that the 2119 language be removed, the 2119 boilerplate be replaced with something that more accurately describes the intended meaning of MUST and SHOULD, or that you reconsider the intended status. IDNits calls out some issues that should be considered. (e.g. lack of an IANA considerations section.) Otherwise, I have a number of editorial comments: - General: This draft uses a lot of words (and repetition) to convey some very basic concepts. A good part of it could be summarized as "Don't include objects you don't need". Please consider editing for conciseness. - Title: Please expand IODEF in the title. - Abstract: It's only necessary to expand CSIRT on the first mention in the abstract. -1, first paragraph: Please mention the acronym IODEF the first time you expand it. -3, first paragraph: " It is important for IODEF implementers to be able to distinguish how the IODEF classes will be used in incident information exchanges. To do that one has to follow a strategy according to which of the various IODEF classes will be implemented. I don't understand the point of the second sentence. It seems to restate the idea from the first sentence in a more complicated way. -3.3, 2nd paragraph: I have trouble following the first sentence. I _think_ this paragraph seeks to distinguish attempted attacks from successful attacks, without actually using those terms. -4, section title: What kind of considerations? I assume the entire document is about considerations of one form or another. -4.1: s/cary/vary -4.1, 3rd paragraph: "IODEF implementers SHOULD NOT consider using" Does this mean "SHOULD NOT use"? (we can't really mandate what they consider.) -4.4 "SHOULD be treated carefully": That's vague for a 2119 keyword--can you offer more concrete guidance? (Or avoid the keyword?) "SHOULD consider" - also vague. -5.1: It's not clear whether "section 7" refers to this document or to [implementreport]. -5.2: Please expand RID on first mention. s/compteting/competing _______________________________________________ mile mailing list mile@ietf.org https://www.ietf.org/mailman/listinfo/mile
- [mile] Ben Campbell's No Objection on draft-ietf-… Ben Campbell
- Re: [mile] Ben Campbell's No Objection on draft-i… Panos Kampanakis (pkampana)
- Re: [mile] Ben Campbell's No Objection on draft-i… Ben Campbell