[nfsv4] Roman Danyliw's No Objection on draft-ietf-nfsv4-rfc5661sesqui-msns-03: (with COMMENT)

Roman Danyliw via Datatracker <noreply@ietf.org> Wed, 18 December 2019 02:05 UTC

From: Roman Danyliw via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-nfsv4-rfc5661sesqui-msns@ietf.org, nfsv4-chairs@ietf.org, magnus.westerlund@ericsson.com, nfsv4@ietf.org
Reply-To: Roman Danyliw <rdd@cert.org>
Message-ID: <157663474296.5117.5297432225833522411.idtracker@ietfa.amsl.com>
Date: Tue, 17 Dec 2019 18:05:42 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/1xWoxSRBeMCw9ZvTeckg8muagss>

Roman Danyliw has entered the following ballot position for
draft-ietf-nfsv4-rfc5661sesqui-msns-03: No Objection

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-nfsv4-rfc5661sesqui-msns/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

I conducted this review in the spirit of draft-roach-bis-documents-00 and the
significant security caveats enumerated in Appendix C.  A big thanks to Sean
Turner for his SECDIR reviews and the authors for incorporating this feedback
where appropriate.

** Section 1.1.  The motivation for the editorial approach taken in this
document is cited as being in [I.D-roach-bis-documents] but there is no such
reference in the document.

** The SECDIR review asked about retaining id-sha1 in Section 14.3.  The WG was
going to be consulted.  What was the resolution?  In the spirit of this focused
review, keeping it REQUIRED doesn’t present an issue, IMO.  However, would
there be a reduced set of algorithms that could be RECOMMENDED in the Security
Considerations?

** Section 21, Per “When DNS is used to convert server names to addresses and
DNSSEC [29] is not available, the validity of the network addresses returned
cannot be relied upon.”, this concern about the fidelity of the DNS information
is a helpful consideration.  It would be worth mentioning/recommending the use
of other DNS technologies such as DNS over TLS [RFC7858] and DNS over HTTPS
[RFC8484] that could provide additional/alternative confidence mechanisms in
the DNS data.