IETF Logo Mail Archive

Re: [OPSAWG] AD review of draft-ietf-opsawg-tlstm-update-10

"Rob Wilton (rwilton)" <rwilton@cisco.com> Mon, 06 February 2023 17:36 UTC

Return-Path: <rwilton@cisco.com>
X-Original-To: opsawg@ietfa.amsl.com
Delivered-To: opsawg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 17A4DC14CF09; Mon, 6 Feb 2023 09:36:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.596
X-Spam-Level:
X-Spam-Status: No, score=-9.596 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b="R8hXXMaX"; dkim=pass (1024-bit key) header.d=cisco.com header.b="iIxgPoM+"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gzCylcqmQMjw; Mon, 6 Feb 2023 09:36:22 -0800 (PST)
Received: from alln-iport-7.cisco.com (alln-iport-7.cisco.com [173.37.142.94]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 73604C14CEFE; Mon, 6 Feb 2023 09:36:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=22897; q=dns/txt; s=iport; t=1675704982; x=1676914582; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=8/cMAOQMW0PRkT/P4Qvw/ORt6UWaAJdA/vbTi7SNe1o=; b=R8hXXMaXS8UA/D2jDAqButBA4moY191wCyV50ml3wHlZV3FvGSwYZZ+g MkrzVvRRas0nL7O2+zIj41eEqixASNiELoJa503VceVet/Si5S/CHe1k2 JJF4ajLerOJ1tAqVTMGux70LQiIhSqCxQ6lurYxSeDBfiAYkq3FanDx7+ M=;
X-IPAS-Result: A0AZAADfOOFjmIoNJK1XAxwBAQEBAQEHAQESAQEEBAEBQIE7BwEBCwGBKTFSgQcCWTpFA4gbA4RQX4ghA5wUgSwUgREDVg8BAQENAQE5CwQBAYUHAoUnAiU0CQ4BAgQBAQEBAwIDAQEBAQEBAwEBBQEBAQIBBwQUAQEBAQEBAQEeGQUOECeFaA2GVQEBAQEDEhUGEwEBBzABDQICAQgOAwQBASEHBxsXFAkIAQEEDgUIGoJcAYIWgQwDAQ8Gnk4BgT8Cih94gQEzgQGCCAEBBgQEnx8JBYE7AYh8E4M6hF0nHIFJRIEVQ3mBbj6CYgKBKwESAQccBBsMCQgJg0qCLo8bgjOCaIgxCoE3dYEkDoFGgQsCCQIRc4EZCHgHNgNEHUADCzsyCj8UIQsLSisaGweBBiooFQMEBAMCBhMDIgINDRsxFAQpEw0nJiZDCQIDImIDAwQoLQkfBBwHFREkPAdWNQEFAg8fNwYDCQMCH06BICQFAwsVKkcECDYFBhw0EgIIDxIPBiZDDkI3NBMGXAEpCAMOEQNPgU4EL0OBFwoCBAEpJp48gSwBPTMBSxkBA1IBBByBMA8MGQoFAxEFkyKNfKB2gTYKg3SLXpUuFoN5gVKLEAOGZpEOXpdQgk6LBJRZZIRfAgQCBAUCDgEBBoFPEzprcHAVgyIJSRkPjiALAQ0Jg1CFFI06dQIQJgMCBwsBAQMJi3ABAQ
IronPort-PHdr: A9a23:WubKORIQtXZq3axu2dmcuWEyDhhOgF28FgIW659yjbVIf+zj+pn5J 0XQ6L1ri0OBRoTU7f9Iyo+0+6DtUGAN+9CN5XYFdpEfWxoMk85DmQsmDYaMAlH6K/i/aSs8E YxCWVZp8mv9P1JSHZP1ZkbZpTu56jtBcig=
IronPort-Data: A9a23:TILGfKwf3KBHyca+YnB6t+cOxirEfRIJ4+MujC+fZmUNrF6WrkVSm GRKXTiFOfrfZzOjLYgnYYji9x8O6JDcnYIxQQQ6qlhgHilAwSbn6Xt1DatR0we6dJCroJdPt p1GAjX4BJloCCea/H9BC5C5xZVG/fngqoHUVaiVZUideSc+EH160Ug7xbZg6mJVqYHR7z2l6 IuaT/L3YDdJ6xYsWo7Dw/vewP/HlK2aVAIw5jTSV9gS1LPtvyV94KYkGE2EByCQrr+4sQKNb 72rILmRpgs19vq2Yz+vuu6TnkYiGtY+MeUS45Zbc/DKv/RMmsA9+vsrCdVNQlsOsS2qofUyx IRchK3zQi58a8UgmMxFO/VZOyh6OasD87jdLD3i98eS1EbBNXDrxp2CDmlvYtZeobgxWDoIr KdIQNwORkjra+ae2q26TvVrgOwoLdLgO8UUvXQIITTxUKp/H8+ZHPyiCdlw+Rltnvx8I8fne tsJRgpWcBrteAx9EwJCYH45tL742iagG9FCk3qSvbE+/Gf7zQFt3v7qKtW9UtCQTMtJ20eVu myD+HziCw4VccCb0iaAt2+0iubTkGXyXIY6FbCk+LhtmlL77m8NAQAZVV2TveO0lE+6XNQZI EsRkhfCtoA78EitC9L6RRD9/TiPvwUXXJxbFOhSBByxJrT8vhakKTkvUmd7cP8YkYw6FC0b5 xyCtoa8bdBwi4G9RXWY/7aSiDq9PykJMGMPDRPoqyNYurEPR6lu0nryosZf/L2d1YerR2mhq 9yehG1v2O1I0ZRjO7CToAif6w9AsKQlWeLcCu//cXis6A8xXJSsZpap5DA3Bt4fcd7EFDFtU JX48vVyAcgHCZWL0SeKWuhIQfei5u2ON3vXhlsH83gdG9aFpSXLkWN4uW4WyKJV3iAsImaBj Kj74lg52XOrFCH2BZKbmqroYyjQ8YDuFM7+StffZcdUb556eWevpX8xOBDKhjC3wBF8ycnT3 Kt3l+7xVh727ow6klKLqxs1itfHOwhnnzqIHMCnp/hZ+ePGPiH9pUg53KumN7Bls/zsTPT9+ NdEPMzC0ARETOD7eUHqHX07czg3wYwALcmu8aR/L7fbSiI/QT1JI6GKm9sJJdc695m5Y8+Vp BlRrGcClgqm7ZAGQC3XAk1ehETHAM8i8CtiZXNE0JTB8yFLXLtDJZw3L/MfFYTLPsQ/pRKoZ 5Hpo/m9P8k=
IronPort-HdrOrdr: A9a23:be7o9alTN2L91jVhlppU42ZJNtjpDfOSimdD5ihNYBxZY6Wkfp +V8sjzhCWatN9OYh0dcIi7SdW9qXO1z+8Q3WBjB8bcYOCGghrkEGgG1+rfKlLbalXDH4JmpM Vdmu1FeaDN5DtB/IrHCWuDYq0dKbC8mcjC74q/vhRQpENRGttdBmxCe2Gm+zhNNXB77O0CZf yhD6R81l+dUEVSSv7+KmgOXuDFqdGOvonhewQ6Cxku7xTLpS+06ZbheiLokSs2Yndq+/MP4G LFmwv26uGIqPeg0CLR0GfV8tB/hMbh8N1eH8aB4/JlZAkEyzzYJbiJaYfy/wzdk9vfqmrCV+ O85ivICv4Dq085uFvF5ScFlTOQlwrGoEWSt2NwyUGT0PARAghKTfaoQeliA0PkA41KhqAk7E sD5RPoi7NHSRzHhyjz/N7OSlVjkVe1u2MrlaoJg2VYSpZ2Us4YkWUzxjIiLH47JlOy1Kk3VO 11SM3M7vdfdl2XK3jfo2l02dSpGnA+BA2PTEQOstGcl2E+pgEy82IIgMgE2nsQ/pM0TJdJo+ zCL6RzjblLCssbd7h0CusNSda+TmbNXRXPOmSPJkmPLtBNB1vd75rspLkl7uCjf5IFiJM0hZ TaSVtd8XU/fkr/YPf+q6GjMiq9NFlVcQ6dv/22vaIJyYEUbICbQxG+dA==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos; i="5.97,276,1669075200"; d="scan'208,217"; a="54167271"
Received: from alln-core-5.cisco.com ([173.36.13.138]) by alln-iport-7.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 06 Feb 2023 17:36:21 +0000
Received: from mail.cisco.com (xfe-aln-002.cisco.com [173.37.135.122]) by alln-core-5.cisco.com (8.15.2/8.15.2) with ESMTPS id 316HaK98016816 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=OK); Mon, 6 Feb 2023 17:36:20 GMT
Received: from xfe-rtp-002.cisco.com (64.101.210.232) by xfe-aln-002.cisco.com (173.37.135.122) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.9; Mon, 6 Feb 2023 11:36:20 -0600
Received: from NAM04-BN8-obe.outbound.protection.outlook.com (64.101.32.56) by xfe-rtp-002.cisco.com (64.101.210.232) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.9 via Frontend Transport; Mon, 6 Feb 2023 12:36:20 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=l4xk3NBdgLLriA/2Qjkl8XjfuJCZ19fgaQtLpPBlNtASlyrFG/1ICMBPzu30kstlt7aknj6hfynhS5iHoU89whm5EtvD3k6BluDf6MWZ/sHZr9XRJNjnnzZjmCujUUlt8ow8P/nUcnETPtjrS0TE9S5U0KSyh0q89B9wZL8xXKgWF02fbO7GelqaX/RzQibTzZGuqF62hnh+5YP51JxXuo4IzzT3L9xfNq+8606C0I/xMeZhCzLTmFvmY4D/+r5b+4W9IzDQtY30RysHNhM8I/+YElHje1aR/TdZTRBf8waj1rX/DPLHkQ39rHet5BPQntCXT8NsaDmDnueRaNRtOw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=++aYIfw/hvIxcjhZe1X4liUVVif2a2WmWTUyQgHzI38=; b=NoEOccJ6X5X41bhuT3LN/bKPj51d9F25Pg3tKGSE82HfMeHdL5YnGr6cuThdqKUuCUIp5BXuXWQprqUVeLH8yPek9aQXrU1WP5AZIKPsX31355R732D9Grt/O63l3RNKNJgEPfjpf1tcGhhzv7EJf9KyZ951hPaSI3snR8npZOIqQuoZJDEEQ5lIgdZikH/8Uf16kgJtntQYD0nhK4kWGSMiWbFqkstAySCf15XPVA+sP7Tvu0RKNBYM8vnp2zO7pqToVdtD6mbxio5d6/opXevMTriweODnuMTv0Ge8634ZwyAP7a5oZzvckQXtRAFCuF+pjSNUapnm1L05TOuzpg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=++aYIfw/hvIxcjhZe1X4liUVVif2a2WmWTUyQgHzI38=; b=iIxgPoM+syFueDMHvG8upVQunKDMOdL45AY3ws1hFs8bT9wDiOrpF2kwreHra1JIGyWamMXr2vBKoSy+y5xgn51wdNhvTD0W9oENnGlY623e0MJfF/bdow1vRHPNsZWpr9ZowHoTyBjYztfHj+GT3canlC0n+sLuCRyKg8160KU=
Received: from BY5PR11MB4196.namprd11.prod.outlook.com (2603:10b6:a03:1ce::13) by SA2PR11MB5148.namprd11.prod.outlook.com (2603:10b6:806:11e::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6064.35; Mon, 6 Feb 2023 17:36:18 +0000
Received: from BY5PR11MB4196.namprd11.prod.outlook.com ([fe80::d500:e34:daa8:6946]) by BY5PR11MB4196.namprd11.prod.outlook.com ([fe80::d500:e34:daa8:6946%7]) with mapi id 15.20.6064.032; Mon, 6 Feb 2023 17:36:17 +0000
From: "Rob Wilton (rwilton)" <rwilton@cisco.com>
To: Kenneth Vaughn <kvaughn@trevilon.com>
CC: "draft-ietf-opsawg-tlstm-update.all@ietf.org" <draft-ietf-opsawg-tlstm-update.all@ietf.org>, "opsawg@ietf.org" <opsawg@ietf.org>
Thread-Topic: AD review of draft-ietf-opsawg-tlstm-update-10
Thread-Index: AdkTw/MQYFAehOIIR4uerqRC6M81FADHRkCACNvdkgA=
Date: Mon, 06 Feb 2023 17:36:17 +0000
Message-ID: <BY5PR11MB4196B7E79B2B16D8A21B89FDB5DA9@BY5PR11MB4196.namprd11.prod.outlook.com>
References: <BY5PR11MB4196AAFB9EE88F039CC30A0BB5E59@BY5PR11MB4196.namprd11.prod.outlook.com> <5EB84798-7A51-4A2D-BF17-59FC93ED6AB6@trevilon.com>
In-Reply-To: <5EB84798-7A51-4A2D-BF17-59FC93ED6AB6@trevilon.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cisco.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: BY5PR11MB4196:EE_|SA2PR11MB5148:EE_
x-ms-office365-filtering-correlation-id: e5508101-12c5-412b-210f-08db0868a6eb
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: V2VpwlO8Z4sAcbwetkCq/ryyZhAUPFQxK4CPp5fVb3vlr87BZYZJBDtxH2I1pOFEWpXDrkIgLsm56dd7RLxW8vwqbfodTMOM1n921OAPw9oOtUprKrCYe3ULpOVvdy+uPrq2gHuNbRc5GI/9fX1blVchdFxTUr1wf4zvG6nhOhWVfGwC58gbezcz8DWJaiXPk3kXHJrOjdt9iOGk/tfF+KjLB8CVhhnDSaM56m63x4piAOHtnXnRu/DHioPK3ESLT3vetrV4MuJYajbZGAy2+tdcZth/RfU7j+EMaHfgUGSbPnaVGFBrdkxHdnjy8W9oCAEuZJ470o9wXuBAQpd8Fq5iUX0HiDV1I3XY+DhIZQQXQE6IfpxBf6lqkYj0XxQEAgQ9r+R6TLq/HdK0RVm8pxJGGnrHnnNGZsDyIs+2eear0ovxG7+NeJKZ1kFOKIRXmvEEAzm8+RsLKqZc7sTpvPJcLmXMxZde/GvSDv2tHtGT9ehXmb+H+5IysIx01QJVB4U2iMpoBTQOgLjzYvr0+1vWHEtuiwjonIVjGj87yWG3pJmaXU7kjtm2Ikl8wRhgbnTjXBE3S65x0WCwajPvtK4zeS4YsEevJvmLqPUWfT2l0vdVxOWVLpwb0Kt5ClT9F48YYwhuZJ4jtccRs8SFF5YMksGVujf7LxBN/R6wl5aQI9Y+YapdKsoNcTBZl3VPDSoaCfjKZXL46FbPVnE2gFQD16xzabk8q7pZJbVAuRk=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BY5PR11MB4196.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230025)(136003)(366004)(346002)(39860400002)(396003)(376002)(451199018)(41300700001)(66946007)(4326008)(54906003)(76116006)(8676002)(52536014)(64756008)(66556008)(8936002)(66446008)(316002)(6916009)(66476007)(5660300002)(9326002)(166002)(38070700005)(40140700001)(33656002)(86362001)(38100700002)(122000001)(7696005)(9686003)(186003)(6506007)(53546011)(83380400001)(55016003)(2906002)(15650500001)(478600001)(71200400001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: DIumFIxgdBwh8mLPjQCGeECTj5x9OlltVbmklLXvCmy6na46fGU/mRZmrgJk1UZdJEhu2MJlaACi8DHZt/oI3qfyASIhuejyeaj8odWA5WxD76IRM5PozXZjdWiTpAS0POpMTLWmvZ4CcWkSCBO6rd/xafEB9M9v6UsqhplAp/OTlfpM/LBScvJQcCSe06f4gdBOh66nnqV0N06SC3KPYImmpgmNDF3o2VYCML1a1NKVvboCv8xNIsNXSyaUg/zDHs9/keUZtXXs2ZFDk2eKh7rrbspnvE4lC7z7QkqQO2NY+nAiul2k0fVv65yXopkPozUf+g6qLrTYuNzUeZJBgwEFjSOh6cWVoApA1uUzQxzqskpzw+a6gmGNlEUT50sw+p5YJe3qSm5p0e7xbg1li2+sg/NCjAk6zCUZbNxOouL3IoFcyfhVNNr8P5anIodRfAkVykq6PuGayAZEaPQigwtJTzKwP8Bq/+nc1kw/Vq0TNHXamaYq+AimblOxLZoTe749JMQFYzT+Nuxfyd388it6FHjsk0DnNkr4s64mSlExqn+3iafCuskzI3mMcACOL7AQvFrnDmMQ/79RqAu9HrA8XsdJqXwZZHxMd0ZW0OqbyXRT86ripmsZgBDsu2x57kbXdeRc9AF3d0D3ixZjt2KKMoqELvpXKisGUgRTnvin8glOf46/CbXyCV//MgGqsc4YjcuisuTZ11/wXymQ0h0nysgkafkobT8gGp3W0JxSf02tQ4xXjh63RzsP6Yriwzd4ZfxlwGaXI7x/XlsfkfQN5rfY3ClHOoffD+2bt4zm7XgEvs7a+uuRsTQA9KJYHdPj6/82+YZPEp/BufIoZFj/8PpkasE48Qj8ynrCDvVaT71kX2ndW2pAMrGqt6esXVsdOt+6MC/p/c3AJeUIlxz8CmnD/mYzm1ijThwAP02w8jA0JuR15atCNJ0+mv1tHetDk2ibn3ehjCnEGAouj6jAMCgRFuNGmqmZ2VtL2VFZfEF3A9alX+5l1sq3inq5RkX5q0jpHmFioxKCkRrO46aMshs5SBP4ezgwyv0WGlcqax2PTCS64L47uHyEMrYYV17/Hj1tKrLXBcC0UfVIkrGylzrhEDC7+CYBH91QnGbgVeDoPBmI5zJ71EnWDF8JZdygk4HyJmqDRvoHE9eTj9iC6NlWdI6T38S3ePTglLsAdgMsvYazyIAjx9MdU1qFQQjB/jhOJsMGHL1UHJd9Of6hET9poyuVge4NHnH8mxqKU+H6aP1dYfetBNpIlSWCNXWdr5nh1JUtD4q8IRATbgg9nDR3UgAKffLvEVffvPs/7nXYCbcpUAp68B8bH9rE1q3uqJZO8VuLKDzwFhCE1nE8aIlzKJyCwG155L1ei4QanHcbZoVxhZUdsry0FYwy8og0KDS1ozFUXJqZpgUC3L+R10voobSpOSpqdAgDLfHbMh0KfQiixLkOBESk6Oh+0ALSEk0rl3hUdV5Q1OBPuggbQE4ztJn13+wf8BBIgYHqjYYtNzO8XdKD8ZRtKm2HER7rfVxP2YVqIoWbWQvUnZYFC6Dt5LpMio3W9G3uUaVYugdfAO40MfcLp6uXEgceYtLy99MTfRRzS2H9dp/zCuG5ePdrZIjpPkTpA4CSP63ip0o21ygUTHD/9B4kpeN0
Content-Type: multipart/alternative; boundary="_000_BY5PR11MB4196B7E79B2B16D8A21B89FDB5DA9BY5PR11MB4196namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BY5PR11MB4196.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: e5508101-12c5-412b-210f-08db0868a6eb
X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Feb 2023 17:36:17.2636 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: dBbd2JWPGm2TY8cBG/H4S0zzWVNbOAROofcaPvVJpOvQcUFA4vBeVQoAHPfLcBQ/rJXlkzpJwU2SI5p7urntpw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA2PR11MB5148
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.135.122, xfe-aln-002.cisco.com
X-Outbound-Node: alln-core-5.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/hPDvJhNSii9XyNDPrOnHS1Gd9Ok>
Subject: Re: [OPSAWG] AD review of draft-ietf-opsawg-tlstm-update-10
X-BeenThere: opsawg@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: OPSA Working Group Mail List <opsawg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsawg>, <mailto:opsawg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsawg/>
List-Post: <mailto:opsawg@ietf.org>
List-Help: <mailto:opsawg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsawg>, <mailto:opsawg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Feb 2023 17:36:28 -0000

Hi Kenneth,

Apologies for the delay in progressing this. -11 is fine.

Just closing off a couple of questions inline below.


From: Kenneth Vaughn <kvaughn@trevilon.com>
Sent: 23 December 2022 15:13
To: Rob Wilton (rwilton) <rwilton@cisco.com>
Cc: draft-ietf-opsawg-tlstm-update.all@ietf.org; opsawg@ietf.org
Subject: Re: AD review of draft-ietf-opsawg-tlstm-update-10

Rob,

Thank you for your detailed comments. Please see my detailed responses inline below.

In general, I accepted the comments and reflected the changes in -11; the only two exceptions are that I did not add any requirements regarding the usage of hash algorithms based on prior WG discussions and I am unclear what issue you had with the editor's address field.

Regards,
Ken Vaughn

Trevilon LLC
1060 S Hwy 107
Del Rio, TN 37727
+1-571-331-5670 cell
kvaughn@trevilon.com<mailto:kvaughn@trevilon.com>
www.trevilon.com<http://www.trevilon.com>


On Dec 19, 2022, at 11:09 AM, Rob Wilton (rwilton) <rwilton@cisco.com<mailto:rwilton@cisco.com>> wrote:

(1) p 4, sec 2.3.  TLS Version

TLSTMv1.3 MUST only be used with
  (D)TLS version 1.2 and later.

It wasn't clear to me exactly what is meant by TLSTMv1.3, and this is the only use of this term.  Could you be more specific here please?
I removed the "v1.3", which was erroneous text from a previous draft.


(2) p 6, sec 4.  MIB Module Definition

          Redistribution and use in source and binary forms, with or
          without modification, is permitted pursuant to, and subject
          to the license terms contained in, the Revised BSD License
          set forth in Section 4.c of the IETF Trust's Legal Provisions
          Relating to IETF Documents
          (http://trustee.ietf.org/license-info)."

Please add the RFC 2119 boilerplate text to this MIB.  E.g.,

    The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
    NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
    'MAY', and 'OPTIONAL' in this document are to be interpreted as
    described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
    they appear in all capitals, as shown here.
Done


(3) p 9, sec 4.  MIB Module Definition

         An SnmpTLSFingerprint value is composed of a 1-octet hashing
         algorithm ...

This description somewhat mixes the definition of what the field is, along with some historical context.  Hence, I suggest that it might be helpful to split the description between what the field is now vs how is was derived.
Change made


It also wasn't clear to me whether there is a restriction that only versions of (D)TLS greater than 1.3 may use an algorithm value greater than 8, and whether that restriction must be stated here.
The WG expressed that the hash algorithm used by the fingerprint did not have to track the (D)TLS usage and the selection is manufacturer specific. Thus, it would seem as if we should remain silent on this issue.

[Rob Wilton (rwilton)]
Okay, makes sense.



Nit level comments:

(4) p 8, sec 4.  MIB Module Definition

Typo, potenitally -> potentially
Corrected


(5) p 15, sec 4.  MIB Module Definition

          certificate, then additional rows MUST be searched looking

Extra line break in the description above?
Corrected


(6) p 27, sec 5.  Security Considerations

  SNMP versions prior to SNMPv3 did not include adequate security.
  Even if the network itself is secure (for example, by using IPsec),
  even then, there is no control as to who on the secure network is
  allowed to access and GET/SET (read/change/create/delete) the objects
  in this MIB module.

Suggest eliding the "even then" since the sentence starts with "Even ..."
Corrected by deleting the "even then"


(7) p 31, sec 8.2.  Informative References

  Kenneth Vaughn (editor)
  Trevilon LLC
  1060 Highway 107 South
  Del Rio, TN 37727
  United States of America
  Phone: +1 571 331 5670
  Email: kvaughn@trevilon.com<mailto:kvaughn@trevilon.com>
Unclear what the comment is

[Rob Wilton (rwilton)]
Sorry, an unfortunately artifact from my comment script, you can ignore it.

Regards,
Rob



Grammar nits from an automated tool:
Grammar Warnings:
Section: 3.2, draft text:
This document does not specify an application profile, hence all of the compliance requirements in [RFC8446] apply.
Warning:  Consider using all the.
Suggested change:  "all the"
Corrected



Section: 6, draft text:
IANA is asked to create a new registry called the SNMP-TLSTM HashAlgorithm Registry in the Structure of Management Information (SMI) Numbers (MIB Module Registrations) Group and to update the proposed URL reference in the above MIB ( listed as "https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml" under SnmpTLSFingerprint), if needed, to accurately reflect its location.
Warning:  Don't put a space after the opening parenthesis.
Suggested change:  "("
Corrected



Regards,
Rob

v2.23.0 | Report a Bug | By Email