Re: [Ntp] Zaheduzzaman Sarker's No Objection on draft-ietf-ntp-port-randomization-06: (with COMMENT)

Zaheduzzaman Sarker <zaheduzzaman.sarker@ericsson.com> Fri, 04 June 2021 08:10 UTC

Return-Path: <zaheduzzaman.sarker@ericsson.com>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ACA3A3A2E5B; Fri, 4 Jun 2021 01:10:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.798
X-Spam-Level:
X-Spam-Status: No, score=-2.798 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.698, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QQ822gxLkkD9; Fri, 4 Jun 2021 01:10:29 -0700 (PDT)
Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05on2062.outbound.protection.outlook.com [40.107.22.62]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0BF173A2E58; Fri, 4 Jun 2021 01:10:28 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=dqMXs4YWM+bQlsRm76m5USWtY2mnScKFnYjvRsBlW+3H5EuzZIIz1bgmQWi/iAQX19W5eBuD8FbtmogZm+CfiMmaXwrANXUjzq5V2CoXuGK345nxFzNYoq24DcbmQCHKON951S8Wrlj7BXfYBdgpZW/qLdLab/KmVLOOhRgpK+aZ5UwfSQgfNe2SXiB0mK5LT5Lxa+fhNf/pnbe3jplWFgqM2yJsG2WIxNgTmooWRHaZI8pPiHJrilBqQPGRJDRo1m+h5ykRRnR7pZ2q4Zu/UWZ6vvTv3B4QBwg+UEZ2/CQo7OAnk651EfbRQftuIuo5ZhjB9jKMiCjjrd1/r7t05Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=JLuzNOPghKuqIcZmGyuxyTlfC11OPQ+R2edcQuiTgjA=; b=k5FkvuEsbxzgKt1TfizubKrxdJdCfEkIWopEVdWqBs3kcznrUpga3vloBJ6Tm/vnsZjPgaaXi7tOlH9V5l1lKKymNRnnEqTqUu+DlYEiw36Qxo0dOCaemA2jAC8b6hWNhJ7dJzrzIuc+U+aWTuAVdxbWoLMsyedFj/bFFI+n0wyhHekOAup8tm3XNCIsNm22fssxmSKjdcgLkSXWFuUrO0dhWvjkV73s7iSrr1mYxZ3E355ZSbbtcZKTZ6OG85qmgqCO+P2LSBVM2FlFh+UyjJNafNzzqp+KvMl6J2CwbqW5HooUjoHhpflV1UVZsUQgRzFZCvHG6AvF6fSSBwS02w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=JLuzNOPghKuqIcZmGyuxyTlfC11OPQ+R2edcQuiTgjA=; b=QHmWt95DMoutO4PKggPTgoA6Qs+3mKO0piWDuzt+qMsFoPOh3Rt9yaEA8Ol3hCLVzz59logaBfa1zhwSexYNgwDE22HtmYzp+Z0YYtfRr/f23kqE4hpSMsm1UbklgLxxovf/g1+XCVaB4jzGLfz9SHg2GGfgnA0i7PJ05hnbHaU=
Received: from HE1PR07MB4187.eurprd07.prod.outlook.com (2603:10a6:7:98::23) by HE1PR0701MB2171.eurprd07.prod.outlook.com (2603:10a6:3:2c::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4195.16; Fri, 4 Jun 2021 08:10:23 +0000
Received: from HE1PR07MB4187.eurprd07.prod.outlook.com ([fe80::9009:1473:2b0:160d]) by HE1PR07MB4187.eurprd07.prod.outlook.com ([fe80::9009:1473:2b0:160d%7]) with mapi id 15.20.4195.012; Fri, 4 Jun 2021 08:10:23 +0000
From: Zaheduzzaman Sarker <zaheduzzaman.sarker@ericsson.com>
To: Fernando Gont <fernando@gont.com.ar>, The IESG <iesg@ietf.org>, "fernando.gont@edgeuno.com" <fernando.gont@edgeuno.com>
CC: "draft-ietf-ntp-port-randomization@ietf.org" <draft-ietf-ntp-port-randomization@ietf.org>, "ntp-chairs@ietf.org" <ntp-chairs@ietf.org>, "ntp@ietf.org" <ntp@ietf.org>, "odonoghue@isoc.org" <odonoghue@isoc.org>
Thread-Topic: Zaheduzzaman Sarker's No Objection on draft-ietf-ntp-port-randomization-06: (with COMMENT)
Thread-Index: AQHXV7E2ItBBinax5UeG0Mqda5eg8KsDZoOAgAA9wwA=
Date: Fri, 4 Jun 2021 08:10:22 +0000
Message-ID: <359544F5-F0E7-4AFB-9869-3D3AC08C30D0@ericsson.com>
References: <162263963650.31656.11270664318727065542@ietfa.amsl.com> <1c9803b1-2d2a-e645-0760-add872835b4d@gont.com.ar>
In-Reply-To: <1c9803b1-2d2a-e645-0760-add872835b4d@gont.com.ar>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.49.21050901
authentication-results: gont.com.ar; dkim=none (message not signed) header.d=none;gont.com.ar; dmarc=none action=none header.from=ericsson.com;
x-originating-ip: [85.238.211.27]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 3864a0bc-6d5a-434d-a901-08d9273033ce
x-ms-traffictypediagnostic: HE1PR0701MB2171:
x-microsoft-antispam-prvs: <HE1PR0701MB2171D1D2EE4C7452B00B0BA49F3B9@HE1PR0701MB2171.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: Z2ARnp34zBv54CkpPVMxZUllFZzLFKaWXNpEwmjfjD4D8AnBSXDzRKYb5IVfdNbvsO55z/6YR2WbGDrM4ZYnE5xyGZGgIy8gKUZLqMgrGeXIkRwpxSMFWejhW757W7E5/+UzTGr3jq/Xd0wnkxFXFXA+yhKD+1dWJeylzXx/gzCUrbJi1ylhkkLUkBFt9w95DB5gvtv1BmhQQAM4lq6b5gZZL0Q+Hx/NaEga+Rxwtpha11ta9Nd8lpxQVj+ltqEfNOM1Mg+BN0iPpeo9kAnadpNDcSSmOtXMAwLXWByAc0CdqzBvCdhHLuZCZH9+cp0L+tXVkc7yrZk1p2RVfFv9XxszATu4rtUOKYg5v9pU925WCi78RC8cIb4awOliblcROAeaMvfLfc9Ja/efR2TGfa4j/bfc/iX3Pg5UzP1KxX9djAzz+z9TofRvi3IJZ5rDdrBgJ5QugiaZI8bQeIKB3kN43i6MoC0bhWbhq5g6VaVJhoRyMvMYEg0tjZFHeCvIA2z1VqvKlqtzFqSXzBoaIzP+wG3EIwCMaoex+r5voY6ttOkR6UHWzlSw2P/LG1gjdeoYY1VEWjjXOM2f2O54Dah4ANv0ozTRMYTg4jmWLN6amykDy36tdpIdIVa+xTKlTJlKMxP8lds+Tk6miH3D7A5XSmF99OiXHazXKTDzpzMtPaW77qwrJQMUltk16lkYXAsMRbU/c6KTDG9q0l6tnn1yPRvtb8kxpCi7ziIXf6XUCzEL9JTBewUN+oD7W4YaM1Xp63ASMBqb2nX63y8QrA==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1PR07MB4187.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(136003)(346002)(39860400002)(366004)(376002)(396003)(6512007)(76116006)(71200400001)(53546011)(8936002)(6506007)(26005)(6486002)(38100700002)(122000001)(5660300002)(8676002)(36756003)(2906002)(33656002)(966005)(186003)(2616005)(110136005)(54906003)(44832011)(86362001)(478600001)(316002)(83380400001)(66446008)(4326008)(66476007)(66556008)(64756008)(66946007)(45980500001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: =?utf-8?B?UjNjbVNKUXFTSkFiMU1nUUhMRDNTeHFPamdGUWs4bmNlNTRCc0hBVkhaLzBx?= =?utf-8?B?QzZHRDZaUVJPYWFWbThqRmpIZ1JVdlhnQnBiaUtsRldBZnFpNStFK2tVTHpQ?= =?utf-8?B?M1haZ0xHcWs0bGJqZHBtRkpyRHNZbDkwRWVRcVE0a1p1aDRGSGFjNmtpZ1JD?= =?utf-8?B?VWFqZlovNEVTRGh4ZEI2WUdNL29HRTBmRWhjSktuNFZJbmZDcGN3bnRZY3ho?= =?utf-8?B?aHo0U0RueElKc0VrT2J1ejZOWlR2QUlsR0ZZem5hQWJ4ZytML1JnS2VldGJP?= =?utf-8?B?VmVQRmFFZGcvTEdiODNuQWpLQXVlL3Y0RTFEcW5NZFlSWWI5SHE2Q0FucE1t?= =?utf-8?B?UnU5ZHFiU0Zsd01jaXlIT2s5UDEyRFFiSE5QQUI5cGluOXhRZUJZYmtwUWx0?= =?utf-8?B?aFFiQWt2eHY5WE5YTGNxemhTUXpvOTFMRXdqRVNyajE1VGNLUzlDUlpzNkhG?= =?utf-8?B?NHYwVW9WTmpvMHNlOGVPS2xkUXAyZW5BZHRYUWc0NTJkc0krRXNBSUFXTXRs?= =?utf-8?B?LzVDVmRIckpPWXcxRUxhVGtrNDd6THloczNzNzhneHF3dksyZzBBV1NlNXRI?= =?utf-8?B?UUlWZ0wzaEErRnAxQU5objdRZGg1dVZxQXl2N1VIaUxCajljYURkZW4vNVJK?= =?utf-8?B?dk5MeS9nSDE2WjFMU3p5T2VmQ2tNVVJEais0TXVvVlpSMkkyZ2hVMVA2a3NW?= =?utf-8?B?aXUrcndFYVAxekZzU1E1SHUzSUwzZWYyMHZJL2J1UVQyUmU1WkhpcjdlQ0dU?= =?utf-8?B?S3RqemNySENiS0swWThQNkh0ZThvWGNSQ2pSR3pEVm91UG1jVnl1T1JIUldJ?= =?utf-8?B?Qk1aVy83aWwzaXcwU09mYVpZbFo4L0RuK0lOVUt1bFJES2pQbEtKU0FPSWRZ?= =?utf-8?B?bk5GcVJIaDB1VWVSZWpIdXF2dEJISk1pVzBPWXJES1NMR2VzeEN3M1M1MENZ?= =?utf-8?B?dW1uNlgzOFFQQ3RhRU5zbXozbHErc2lnczdBamtZYWsvczhoZjlubUV2S1JC?= =?utf-8?B?a0JtQnRHN242Q2s3Z1N2UVVGZ0NnbGszZ21ZTWlEMTVWeU5aN01aZFV6Um1G?= =?utf-8?B?NlROU3JDY2JhNFhxajR3bjMvODYxeUpvNWVseTl0MS90TjlmU2dpWnhBOXVC?= =?utf-8?B?V0p1bDJLNWtjdXE4NFg4V0FYYTRSWTM2T1A4c01mVnFCaDQwdTRxcWUvV0JS?= =?utf-8?B?dXFnSTRFeGs2cmRPN2kyaW90Z3RNTGRNc3RNa0xOSFhuUXk3MDY1VEhhUDZX?= =?utf-8?B?cFU1c0lWWk1sZ3lDNFR2cVhrVzN0Q1FOZFJnWmNzSmNQMnNwK01aTnhMcktS?= =?utf-8?B?MXpBTnVnQitNcG9idElFSjQ1VmRpaEI2bzNoZ3NDMVhoRlorZDIvNkhScmUy?= =?utf-8?B?M1VUWUpLeFJ5MENwYS9rUW1McVBsNUJPd1pxVWd4MjBCV0swN3dTV3JjOXd0?= =?utf-8?B?QmJER2RGemU3QzlpaWViSkt3bm1HMzU5UVN3ZytEVTNZQTFBQXovb2dCajZq?= =?utf-8?B?U1VxcDJuR0lxdndHMXFta3ZROVM5N25oWC9mM1BLcHRnU1FtMnd1UjRWOTRP?= =?utf-8?B?N2Zqc0FVN2c4Z1g5N09uV1pCMDhER3RiNDlmTVpSSmZ6VGhmUkM5dGNMdHRO?= =?utf-8?B?T0lBTmpBeTE5SC80SWwwNzljYzBOTDFLemdLNElZVGJUb2RyQm0xMkdpU1Rx?= =?utf-8?B?Y24weHZuVnZ2eEZWYml2dUJXaWx1WGxORjNER09zSTIwdWx1WWpkZ3hNSVNI?= =?utf-8?B?Y01pV3R0ZUdQdlBFTmIxVEZCWmwyVUlVbkpGNWVOVHdocjNLUVlpQmFsenJU?= =?utf-8?B?Uk40Z1pkUzg3VkE3aUd3Zz09?=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <C5CF896AEF567149962C1784A145C906@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: HE1PR07MB4187.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 3864a0bc-6d5a-434d-a901-08d9273033ce
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Jun 2021 08:10:22.8682 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: lTmxvzrhC16e6VSl57EyjEziEo4p/hHBe0WAa8C6QpbaTYT7vZlEFG3WEy5rX5RUuq5ZDP9G37Bx03TeL4tPbJQmvI1VK9InOwIGgxNwYJQpPioYh7v7hY57WZ1+ftxI
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0701MB2171
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/Y-Sz29KukBdOULbzdJRclazvpmo>
Subject: Re: [Ntp] Zaheduzzaman Sarker's No Objection on draft-ietf-ntp-port-randomization-06: (with COMMENT)
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Jun 2021 08:10:36 -0000

Hi,

Thanks for addressing my comments. Please see inline below.

BR
Zahed

On 2021-06-04, 08:29, "Fernando Gont" <fernando@gont.com.ar> wrote:

    Hello, Zaheduzzaman,

    Thanks so much for your comments! -- In-line...

    On 2/6/21 10:13, Zaheduzzaman Sarker via Datatracker wrote:
    [....]
    > I have two observations,
    > 
    >      *   it says "This issue has been tracked by US-CERT with VU#597821, and has
    >      been
    >     assigned CVE-2019-11331." Please provide proper reference to the mentioned
    >     terminologies and assignment.

    Does this look better:

        This issue has been assigned CVE-2019-11331 [VULN-REPORT].


    where:

        [VULN-REPORT]
                   The MITRE Corporation, "CVE-2019-11331", April 2019,
                   <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-
                   2019-11331>.

    ?


Yes, this is somewhat better. I would suggest following

   This issue has been assigned CVE-2019-11331 [VULN-REPORT], CVE is list of publicly disclosed cybersecurity vulnerabilities which feeds the US National Vulnerability Database (NVD) [NVD].

[NVD] https://nvd.nist.gov/ 



    >      *   removal of section 5: I don't think implementation status is a bad idea
    >      to be included in the memo. If not in a section, may be as appendix.

    Typically, these sections are removed (thereś an RFC on the topic). But 
    I wouldn't mind myself to e.g. keep the Implementation Status in an 
    Appendix.

If there is no one screaming at it then that will be a good idea.

BR
Zahed