IETF Logo Mail Archive

Re: [netmod] Suresh Krishnan's Discuss on draft-ietf-netmod-acl-model-19: (with DISCUSS)

Suresh Krishnan <Suresh@kaloom.com> Thu, 27 September 2018 05:06 UTC

Return-Path: <Suresh@kaloom.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BB5CC130DC5; Wed, 26 Sep 2018 22:06:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=kaloom.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gmsyFbpO8td9; Wed, 26 Sep 2018 22:06:54 -0700 (PDT)
Received: from CAN01-QB1-obe.outbound.protection.outlook.com (mail-eopbgr660120.outbound.protection.outlook.com [40.107.66.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A1C9A12F18C; Wed, 26 Sep 2018 22:06:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kaloom.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=SalOIMXonIna/fBH/nbSuUrXEl0UPq4KIUlu8SPFFbA=; b=qLliuKl0rxmcjQc34IFS6gLNaO7u8bsSh8SeeakV2sgaejryxc9aGglGHfDD3NZwcSrqSqaAB9wbZo2FvZ5s+IDhfYUeXBDZkWZb/wRhC2pF7lk9NYyi18FQjK04crDJ0VRUfn/q4tk/Atn7AuVO2hCjIgJaBjjnP/q8HKey+R4=
Received: from YQBPR01MB0226.CANPRD01.PROD.OUTLOOK.COM (10.169.141.148) by YQBPR01MB0530.CANPRD01.PROD.OUTLOOK.COM (10.169.143.136) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1164.22; Thu, 27 Sep 2018 05:06:51 +0000
Received: from YQBPR01MB0226.CANPRD01.PROD.OUTLOOK.COM ([fe80::8dbd:5e3f:40e5:d4e1]) by YQBPR01MB0226.CANPRD01.PROD.OUTLOOK.COM ([fe80::8dbd:5e3f:40e5:d4e1%4]) with mapi id 15.20.1164.024; Thu, 27 Sep 2018 05:06:51 +0000
From: Suresh Krishnan <Suresh@kaloom.com>
To: Mahesh Jethanandani <mjethanandani@gmail.com>
CC: The IESG <iesg@ietf.org>, "draft-ietf-netmod-acl-model@ietf.org" <draft-ietf-netmod-acl-model@ietf.org>, Kent Watsen <kwatsen@juniper.net>, "netmod-chairs@ietf.org" <netmod-chairs@ietf.org>, "netmod@ietf.org" <netmod@ietf.org>
Thread-Topic: Suresh Krishnan's Discuss on draft-ietf-netmod-acl-model-19: (with DISCUSS)
Thread-Index: AQHUVh5ASf4H+zAxTUi6AXAMrLwkqaUDk48A
Date: Thu, 27 Sep 2018 05:06:51 +0000
Message-ID: <31264851-1F0E-44D0-9E54-BBBD080F7936@kaloom.com>
References: <153802301104.21537.2286706947979489902.idtracker@ietfa.amsl.com> <A493EEA5-B108-4EE5-8965-EE08CE3B4D4E@gmail.com>
In-Reply-To: <A493EEA5-B108-4EE5-8965-EE08CE3B4D4E@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Suresh@kaloom.com;
x-originating-ip: [45.19.110.76]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; YQBPR01MB0530; 6:2md0iRIPMFkgG8HnWDzy3wLl2v5USOhiaxW27mHJXCoKJNqz/qp+008al6QKjk4TgkphKQXZvCJagwHlZNd25bKwCh0XprIFmnA27HFESsy9PPInIuh21kWkamVzzZoX/PUHrSyHGMasTz5IeN+PSIpcS5wU/gx1QHqCJQGTEYwKW1OsJfNg56SMfOdO5A8652WWU3sgZAgutFOcJ7T1R0d0yfrrhmB6V7BhHgp/xvJm2Kuit0rz1LQsb7s7GSsttChQJUFT9uyuMogH8tUusLzY8bobQr2fsin2rKxWcTvdQfw48EXPG37YiKiYGZn4z5QBxa5hS25XbVv6C3FOT7M9PHx6DugOgVLeNTjyfGZA0TLG0ye3IxL9VdF9jcY1QTIbWCSqUtjzk/219hzKek/afKmo2TqoPL/GVvFNCXSV7wV8zxxUjyeR9HY3p3QIGOvfhhttUJPtgI7SW/CdGg==; 5:CgD28/mH32ZnbwoYZ0EsW8MsIKQLRJiKJlqQIs1zOe4wu9RwEix7dLQ0wLepf81hG2d7KBh4P9qvtuCWkfAsBdckvu+t2aIyRpCRb934k3aggquyF9enkp5ZNwcntvGBwu9Oqqh3wkt53uUxt85M79zzb+KA782H8aM5SWfviyU=; 7:OQfyerm95q9eZ9bOS9GAh8SXULD+nxYBw7HX6zWOIliNw7enBs5AyNd9N0PZkIZ4APx5LmcvFbmNCx10XqTMVc7cHu1kLLsb7WPIDM7v5Mv8hFho6pGGuZwGAhkeSobLQvfdufx8xTbOP4teO4IYhbzNGxU99jjIL5+jXSfzyxvTPZ2EOPqwbr+gEbs9VTCHvHNDIvhyV7vEeoCtMklkywh5OcAedptRByRRtTh9/8F0TtO0948m3xo47RhrJ44c
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 8fdc1751-b7e3-4037-f995-08d624370937
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(7021125)(8989299)(4534165)(7022125)(4603075)(4627221)(201702281549075)(8990200)(7048125)(7024125)(7027125)(7023125)(5600074)(711020)(2017052603328)(7153060)(7193020); SRVR:YQBPR01MB0530;
x-ms-traffictypediagnostic: YQBPR01MB0530:
x-microsoft-antispam-prvs: <YQBPR01MB05300737AFB88B5EE188F464B4140@YQBPR01MB0530.CANPRD01.PROD.OUTLOOK.COM>
x-exchange-antispam-report-test: UriScan:(120809045254105)(85827821059158);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040522)(2401047)(5005006)(8121501046)(10201501046)(3002001)(93006095)(93001095)(3231355)(944501410)(52105095)(149066)(150057)(6041310)(20161123562045)(2016111802025)(20161123564045)(20161123560045)(20161123558120)(6043046)(201708071742011)(7699051); SRVR:YQBPR01MB0530; BCL:0; PCL:0; RULEID:; SRVR:YQBPR01MB0530;
x-forefront-prvs: 0808323E97
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(136003)(39830400003)(396003)(346002)(366004)(376002)(199004)(189003)(8936002)(6436002)(1411001)(53936002)(6486002)(6306002)(82746002)(99286004)(5250100002)(6506007)(80792005)(76176011)(97736004)(81156014)(81166006)(14444005)(2906002)(2616005)(256004)(6512007)(34290500001)(71190400001)(446003)(11346002)(8676002)(5660300001)(6916009)(486006)(83716004)(86362001)(71200400001)(476003)(4326008)(102836004)(966005)(72206003)(25786009)(26005)(186003)(68736007)(6246003)(53546011)(39060400002)(14454004)(36756003)(508600001)(7736002)(305945005)(105586002)(106356001)(3846002)(6116002)(2900100001)(316002)(33656002)(66066001)(229853002)(54906003); DIR:OUT; SFP:1102; SCL:1; SRVR:YQBPR01MB0530; H:YQBPR01MB0226.CANPRD01.PROD.OUTLOOK.COM; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: kaloom.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: AcUQMii/2kQF22SYWuqFKCbKZV96hQ0k3IfZ+XZqi+ehegvXslP7RADOJPfaepZItnTp1Scg7/RyFROPFMGLJTW5K6E4TWFAtRt31j2aQRLbIVWIkOcJCHsB7cUdeUcSSja22pJOzkR46QS1xpojn1V8pxJ4ZthK8q9DkgD/hDBOrvMXWtyvgIsZOwjcdgOXAoQSlP4/OgSAjtXKAPjN65moxAY3+A+wfJNY/MtNqfAZgItI1TPo5SQ+v2lfDS73jiun6Zox55GGUu/6ysT+L5rxwOo64LqKwurspAdWFbLV4qG82pjhreigxOe/QO7SrPoRDkRvZZMc6QezF5VH2O0pXSOa+V6LdXvuy5eIOys=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="us-ascii"
Content-ID: <F065370FA2CA4244961EB526ABC95FE2@CANPRD01.PROD.OUTLOOK.COM>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: kaloom.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 8fdc1751-b7e3-4037-f995-08d624370937
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Sep 2018 05:06:51.5343 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 47d58e26-f796-48e8-ac40-1c365c204513
X-MS-Exchange-Transport-CrossTenantHeadersStamped: YQBPR01MB0530
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/G4vKCinJlBulUCQbuTgStCw30bE>
Subject: Re: [netmod] Suresh Krishnan's Discuss on draft-ietf-netmod-acl-model-19: (with DISCUSS)
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Sep 2018 05:06:57 -0000

Hi Mahesh,
  Thanks for your quick reply. Please find comments inline.

> On Sep 27, 2018, at 12:57 AM, Mahesh Jethanandani <mjethanandani@gmail.com> wrote:
> 
> Hi Suresh,
> 
>> On Sep 26, 2018, at 9:36 PM, Suresh Krishnan <suresh@kaloom.com> wrote:
>> 
>> Suresh Krishnan has entered the following ballot position for
>> draft-ietf-netmod-acl-model-19: Discuss
>> 
>> When responding, please keep the subject line intact and reply to all
>> email addresses included in the To and CC lines. (Feel free to cut this
>> introductory paragraph, however.)
>> 
>> 
>> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
>> for more information about IESG DISCUSS and COMMENT positions.
>> 
>> 
>> The document, along with other ballot positions, can be found here:
>> https://datatracker.ietf.org/doc/draft-ietf-netmod-acl-model/
>> 
>> 
>> 
>> ----------------------------------------------------------------------
>> DISCUSS:
>> ----------------------------------------------------------------------
>> 
>> This document is missing ACL handling for ICMPv6 (RFC4443) completely. As the
>> ICMP types and codes are different for ICMP and ICMPv6 I think this model
>> should be included to cover ICMPv6.
> 
> I understand that there are many protocols that fall into such a criteria. As has already been discussed, we are offering the minimum set of protocols for which there is a demand, while giving the option to extend it through augmentations of the base model.

I understand where you are coming from but ICMPv6 is not just another protocol. It is a core protocol in the IPv6 protocol suite. Do you know of any systems that support IPv6 acls but not support ICMPv6 there?

> 
> Let us not boil the ocean. As it is, this draft has been in the works for more than 4 years.

This is a very clear and bounded request (i.e. not boiling the ocean). I do not think this will be significant amount of work. If you do feel otherwise, I will be glad to revisit my position

Regards
Suresh

v2.23.0 | Report a Bug | By Email