[OPSAWG] AD review of draft-ietf-opsawg-sdi-07

"Rob Wilton (rwilton)" <rwilton@cisco.com> Fri, 17 April 2020 19:27 UTC

From: "Rob Wilton (rwilton)" <rwilton@cisco.com>
To: "draft-ietf-opsawg-sdi.all@ietf.org" <draft-ietf-opsawg-sdi.all@ietf.org>
CC: "opsawg@ietf.org" <opsawg@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/m4an2MuquiQ9c8FqT5mUIujGsYw>
List-Id: OPSA Working Group Mail List <opsawg.ietf.org>

Hi,

Thank you for this work. I found this document informative and both easy to read and understand. I have one question on this document and a few nits listed below.

My main question concerns this sentence in section 3.1: "[I-D.gutmann-scep] is one method which vendors may want to strongly consider."

It looks like the IESG comments associated with I-D.gutmann-scep suggest that this is being documented for historical reasons and probably is no longer recommended practice. Hence, I was wondering whether it is appropriate to recommend or even reference it?


Nits:
Some inconsistency on how the device identifier is referred to. Sometimes it is "unique identifier", sometimes "unique device identifier", perhaps try and unify on a single term?

Introduction:
   I prefer "and/or" to "and / or" that turns up twice.

Section 2.1:
"and Acme publishes it on their keyserver" => "and acme publishes the public key on their keyserver"?

Section 3.1:
  "may will" => "may"?

Section 3.2:
"Note that the certificate publication server MUST only accept certificates or keys from the vendor's manufacturing facilities." => This text, or very similar, appears in both section 3.2 and 3.1.

Section 4.3,
  "contact" => "contacts",
  "It able," => "If able,"
  "If this fails" => It could potentially be more clear as to what "it" refers to here, although the diagram below does make it clear.
   In diagram "give up go home" => "give up, go home"

"keylenghts" => "key lengths"
"isn't" => "is not"?

Regards,
Rob