Re: [OPSAWG] Mirja Kühlewind's No Objection on draft-mm-wg-effect-encrypt-17: (with COMMENT)
Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Fri, 02 February 2018 15:19 UTC
Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: opsawg@ietfa.amsl.com
Delivered-To: opsawg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0AFB212D950; Fri, 2 Feb 2018 07:19:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4zw_eNCOD3Fj; Fri, 2 Feb 2018 07:19:51 -0800 (PST)
Received: from mail-pl0-x234.google.com (mail-pl0-x234.google.com [IPv6:2607:f8b0:400e:c01::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DDAC012783A; Fri, 2 Feb 2018 07:19:50 -0800 (PST)
Received: by mail-pl0-x234.google.com with SMTP id f4so6404746plr.10; Fri, 02 Feb 2018 07:19:50 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=K2SCS28/pj2qgPYcmSvr762sLWmD+9sWc3eJGrNJ410=; b=Pz5j9lsANDzR/DrkrFQ81T1x7IFSNexl3/YzPD0feIYMwL/e2oBh+O1dO53EybIRFO JfDWEOzquTTZXGCMQs32oalZAAAOw0s3QiePPqC2CsiVp2BIIvX+Bz9WL8OIVT/wOU34 7GwhQm10zX1TdUhcGQ05LEy2voBvhxIKDM55iKYe7qrBN1uZiNV9WmoSHFxrGjhG3F8v IBQe1kLehbcFUp1rwqou9zkG4ZAGn4h177FjZr3NOYbExVWkO6n4wQomw1LB8lzDjjDl dIdraDgCJ5BhuqcbzRNGQY4EjgJO7GeB7XjZruk/d0v6uApG0RH00iXGfavmMsZL1Snw xtZQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=K2SCS28/pj2qgPYcmSvr762sLWmD+9sWc3eJGrNJ410=; b=iBJH/Ds2oSgSWZAxjWaCUz8j5fZ+VbSNpK0hJsJXJOLW9h1+IpWZFkD5dKGDzL3T4f gPsG/XuSYEywAqnJoo3ji8PjCnxvSWvBVyc8wkAGIc3unyasF5qx/2l1zvtEqYEb0iIX 1sm4woBZvqnkrDWCN9rjHNSKZZ/4mP3ztaUDZwGioNvuPH6++bvv/LdNXPw7MO52XNGi NAybAIESdTR6a3fhtkH7Fw70ToEEfRgqR704N8eVUuIb/h7E9CevSCchW5QjEI684Z8l DfZoQA78kvSuxx4MHaF7/lXqTXpqBDohpB+7JIUg+0rdALVlged5w0ooBzV8NPVTIbs5 NVQw==
X-Gm-Message-State: AKwxytehIiotLtx0eey0UTTEk4mKpQqxpg7XNpObaslTzuEm4lJcDbFT jBVTmrxxykiQYdOWQdkY+tBBzSiuLXVYMCTgvzg=
X-Google-Smtp-Source: AH8x224sLel5UjGcRSpYaqEQ09LqhzRHdNrHCoi+dwuZuJbfTki89xDOAtonMPoewHZX6YmxTBXmAe6gkdjyg/IQ6zQ=
X-Received: by 2002:a17:902:d905:: with SMTP id c5-v6mr34655353plz.225.1517584790399; Fri, 02 Feb 2018 07:19:50 -0800 (PST)
MIME-Version: 1.0
Received: by 10.100.186.143 with HTTP; Fri, 2 Feb 2018 07:19:09 -0800 (PST)
In-Reply-To: <151758185228.31857.12460535497311578201.idtracker@ietfa.amsl.com>
References: <151758185228.31857.12460535497311578201.idtracker@ietfa.amsl.com>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Date: Fri, 02 Feb 2018 10:19:09 -0500
Message-ID: <CAHbuEH5eLoneTrJVGh5-XqhS6_zUtui6O15jG2-16V_2w_7JcQ@mail.gmail.com>
To: Mirja Kühlewind <ietf@kuehlewind.net>
Cc: The IESG <iesg@ietf.org>, opsawg@ietf.org, Warren Kumari <warren@kumari.net>, Paul Hoffman <paul.hoffman@vpnc.org>, draft-mm-wg-effect-encrypt@ietf.org
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/XpF30iSo9jpPf1UmkIv0iVidYeY>
Subject: Re: [OPSAWG] Mirja Kühlewind's No Objection on draft-mm-wg-effect-encrypt-17: (with COMMENT)
X-BeenThere: opsawg@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: OPSA Working Group Mail List <opsawg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsawg>, <mailto:opsawg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsawg/>
List-Post: <mailto:opsawg@ietf.org>
List-Help: <mailto:opsawg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsawg>, <mailto:opsawg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Feb 2018 15:19:53 -0000
On Fri, Feb 2, 2018 at 9:30 AM, Mirja Kühlewind <ietf@kuehlewind.net> wrote: > Mirja Kühlewind has entered the following ballot position for > draft-mm-wg-effect-encrypt-17: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-mm-wg-effect-encrypt/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Really thanks a lot for all the work on this document! I changed my position > from discuss to no objection with these edits now because I think there are > still things that could be improved to make the document more useful. However, > I also think that it is important to publish this document soonish and I don't > think any additional delay would help the message significantly. Thanks, Mirja. I agree. We were hesitant to change the text more after the extensive IESG round of comments since we wanted to keep it close to what people agreed on so this wouldn't take too long to get out if modifications caused problems. Best regards, Kathleen > > ------------------------------- > Old comment for the record: > ------------------------------- > > I would be a 'Yes' because I think this document is very valuable, however, I > think it could be structured better to provide more value. The document is > rather long and has some redundancy due to the structure: while sections 2.-4. > are split based on the type of network operator, sections 5. and 6. are split > based on the protocol layer. Further I think section 2 could be further > extended because there are more cases to cover, also see (section 3 of) > https://tools.ietf.org/html/draft-dolson-plus-middlebox-benefits-03. See for > more concrete and mostly editorial comments below: > > 1) sec 2.1.1: "The definition of a flow will be based on a > combination of header fields, often as many as five for 5-tuple flows > (including addresses and ports for source and destination, and one > additional field such as the DSCP or other priority marking)." > Usually the 5th field is the protocol number; I'm not aware of any load > balancers that look at DSCP...? > > 2) sec 2.1.4 seems to cover two different cases: caching and differential > treatment > > 3) sec 2.1.6. should probably be called "Content Filtering" and "Mobility > Middlebox Content Filtering" should be an own subsection, as parental filtering > is not specific to mobile networks. > > 4) I don't really understand why sec 2.1.7 "Access and Policy Enforcement" is a > subsection of 2.1 "Middlebox Monitoring". Was that on purpose or an error? > Actually I don't really understand the structure of section 2 at all. What's > the difference between 2.1 and 2.2? I would group section 2.1.1, 2.1.2, and > 2.1.3 under Traffic Monitoring and move all other subsections of 2.1 one level > up... > > 5) sec 3 rather describes how encryption is already used and doesn't not really > discuss any effects of increased use of encryption. > > 6) there is quite some overlap between section 2 and 4.1.3. as the problems on > monitoring/troubleshoot are the same for enterprise network and other networks; > the only difference is that in enterprises TLS interception may be acceptable > while it's not for network operators. However, it would still be good to better > align these sections. > > 7) section 6 only describes with information is visible but not how and if this > information is used and what would happen if this information would go away. > > 8) section 7 should be integrated in the introduction because it sets the > context for this document and it's not needed to have read the rest of the > document to understand this section. > > -- Best regards, Kathleen
- [OPSAWG] Mirja Kühlewind's No Objection on draft-… Mirja Kühlewind
- Re: [OPSAWG] Mirja Kühlewind's No Objection on dr… Kathleen Moriarty
- Re: [OPSAWG] Mirja Kühlewind's No Objection on dr… Kathleen Moriarty