Re: [OPSEC] WGLC: draft-ietf-opsec-ipv6-eh-filtering

Ron Bonica <rbonica@juniper.net> Fri, 18 October 2019 15:49 UTC

Return-Path: <rbonica@juniper.net>
X-Original-To: opsec@ietfa.amsl.com
Delivered-To: opsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5CF2512004C for <opsec@ietfa.amsl.com>; Fri, 18 Oct 2019 08:49:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rPmNCQxcCDlW for <opsec@ietfa.amsl.com>; Fri, 18 Oct 2019 08:49:12 -0700 (PDT)
Received: from mx0b-00273201.pphosted.com (mx0b-00273201.pphosted.com [67.231.152.164]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C954B12006B for <opsec@ietf.org>; Fri, 18 Oct 2019 08:49:12 -0700 (PDT)
Received: from pps.filterd (m0108160.ppops.net [127.0.0.1]) by mx0b-00273201.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id x9IFkUvd011342; Fri, 18 Oct 2019 08:49:10 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=PPS1017; bh=JH5QG0izqcGuTy1P4WL4HkpcHnPqxPb2iv92w3fnBSs=; b=cMCtoVfmIcaJGgZAyTZNviYwe1m91LUowRrLS4pQcSRWEzeI7FXRGkwZTRl6JVw/RVdJ uSRVWmUz2VEv3rurRuD9Sg0amYZYVPLih40zGmM3qjcWsA+YywMoKt5BcaR0Sa2/uaEk KucUoDn/gvgbdRIXNmJfo89wUavGeiE50EQ/hfgV5V/whsrGt91+ms68D2OphFVDiG/v dCz9RIlGQBJ6L0UmlNpKnlMaZDRYFEr/oT8vKCnUP31oVdmUgDz5uRl4XiOUUn9eaKWg ABobM3pKkp/bV6HWhm0GUsFYojgzjbBEoeYcKoo9Pdmgj5gu7tKrF6XIErv019hVQpbk 5A==
Received: from nam05-co1-obe.outbound.protection.outlook.com (mail-co1nam05lp2050.outbound.protection.outlook.com [104.47.48.50]) by mx0b-00273201.pphosted.com with ESMTP id 2vqamh8h3w-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Fri, 18 Oct 2019 08:49:10 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=jfPnFfhUUTyVPYgOR4tExqmqs6BnWDYNEHYIILxouEWHtjn5HvJJOYp/MDNSGtFBFSoiQv0+Q66FcuZuj/nBqG2plfFyGMvOtsT+T+y6IcM5RPWFXGAzNMTALQ03x9rjhbEWR42u8iRsnG7IMmuZ0qx0cfUwmdL2rjZ3ZRFky28Zuv72DkxtZZBVD5lZ5r4aCyn2SdUUJoK5iVnBAOF9sphZsbITq5vyoQDkxrMBGDHW3FZ4ErTQMayCSednBiwZvY5BHS82zW/B1MtpekQS4o+44f3Yibexrww0uJNyhxGtKWnxGsTwlReV31Hwue64fkmK3j4iQABm52+y4ItfXA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=JH5QG0izqcGuTy1P4WL4HkpcHnPqxPb2iv92w3fnBSs=; b=WrjygZNPR+9HMMrJDAkCSCrGi4ffFOvOP4EfdU+mY/m+7N8Jiq61n9+2F0cpMMIHsCOqA0/b8y3mJc9sd74pFF2GEy93Ajp1H2t/Zmoo0yiXOM8BfTXhE5xgAna3NPLOwd2tZQ/p6iCLTFQT+peLaETvePQCdXr3QzjxNqCtB9MwbZdUZXp4h9zzuMfKTua7YyBOnv+Ez1FoeXkimprvw2dyPjJlRLkB2WFk61Qz45e53D7ObV/pRVD87AkpbTSWoRZF8HCw1wGQlyi6zECknujP/HdVmrGr35eUX28Gatx84sF7AqPE45cIF1DF+QoIqhUzIt2YMY71lrZTkthbpw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=juniper.net; dmarc=pass action=none header.from=juniper.net; dkim=pass header.d=juniper.net; arc=none
Received: from SN6PR05MB5710.namprd05.prod.outlook.com (20.178.7.89) by SN6PR05MB5840.namprd05.prod.outlook.com (20.177.255.26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2367.14; Fri, 18 Oct 2019 15:49:08 +0000
Received: from SN6PR05MB5710.namprd05.prod.outlook.com ([fe80::8dbe:b15c:b2ba:5ab4]) by SN6PR05MB5710.namprd05.prod.outlook.com ([fe80::8dbe:b15c:b2ba:5ab4%7]) with mapi id 15.20.2367.016; Fri, 18 Oct 2019 15:49:08 +0000
From: Ron Bonica <rbonica@juniper.net>
To: Bob Hinden <bob.hinden@gmail.com>, "C. M. Heard" <heard@pobox.com>
CC: OPSEC <opsec@ietf.org>
Thread-Topic: [OPSEC] WGLC: draft-ietf-opsec-ipv6-eh-filtering
Thread-Index: AQHVhcR7BTUYPZznMkKLF87MBaBWyqdgg4sAgAAH+EA=
Content-Class:
Date: Fri, 18 Oct 2019 15:49:07 +0000
Message-ID: <SN6PR05MB5710AD0469434BA7791EF816AE6C0@SN6PR05MB5710.namprd05.prod.outlook.com>
References: <CACL_3VGnhQNHXY+fB+BdFG+MqH3Hv+0iwoHOEWn-KkHOcS9iOg@mail.gmail.com> <2731CA86-139F-4004-B9DB-0F43729403E7@gmail.com>
In-Reply-To: <2731CA86-139F-4004-B9DB-0F43729403E7@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Enabled=True; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SiteId=bea78b3c-4cdb-4130-854a-1d193232e5f4; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Owner=rbonica@juniper.net; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SetDate=2019-10-18T15:49:05.9899644Z; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Name=Juniper Business Use Only; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Application=Microsoft Azure Information Protection; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ActionId=c9087c80-5daa-4923-806d-2d34b1a75853; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Extended_MSFT_Method=Automatic
dlp-product: dlpe-windows
dlp-version: 11.2.0.14
dlp-reaction: no-action
x-originating-ip: [66.129.241.11]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 44bdd2fe-8d35-401b-62d9-08d753e2b62a
x-ms-office365-filtering-ht: Tenant
x-ms-traffictypediagnostic: SN6PR05MB5840:
x-ms-exchange-purlcount: 3
x-microsoft-antispam-prvs: <SN6PR05MB58402E9B335909E6E87357A7AE6C0@SN6PR05MB5840.namprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8882;
x-forefront-prvs: 01949FE337
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(376002)(396003)(39860400002)(366004)(136003)(346002)(189003)(199004)(13464003)(14454004)(66066001)(8676002)(966005)(86362001)(81166006)(81156014)(7696005)(8936002)(316002)(76176011)(6436002)(486006)(102836004)(6246003)(25786009)(26005)(6306002)(55016002)(9686003)(6116002)(33656002)(3846002)(52536014)(11346002)(446003)(76116006)(66476007)(66556008)(64756008)(66446008)(229853002)(186003)(66946007)(6506007)(53546011)(478600001)(5660300002)(4326008)(476003)(7736002)(110136005)(14444005)(256004)(305945005)(2906002)(99286004)(74316002)(71190400001)(71200400001); DIR:OUT; SFP:1102; SCL:1; SRVR:SN6PR05MB5840; H:SN6PR05MB5710.namprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: BRiI7kvkPOeIEgrhIJpBkI5hqtQ32gdlOwhE+xLFKne/fEFlnTV7c21cWPvR606ZimdDiYb/eUQ4HieGmlLrLsrZjqyMS1Pj/ietpEKw6tZ8sNzu+OGGiXvNepC0FF60oIagNNpcd3eQluZ3Jtm5JjcJtHH6o+zOXDJlEu+ta8zBcel+vhtMi1SIQyD9mzNXatAA8yPMPosIcOZFWrPhV1BinkV2//nUnSzZLQQudYtgyBiIUy/irNEDjeAXMzCOUETmMz5fTtrwtjwbmcbkNFOColIdbM/JiQqTW7sgEm1YMzw8C+M55naBoXrlU8wbZjD9LHJ7Wf2pPXkN3xvobbQ41LqxlWQYwAEXbiggB6pCOlg8JNcayIhs4TneZ40kOHefWF3CNrLHg4FC0zIeIWpCp0/tucM9ChT2/C6FnBbTkuGZXtJsKJrUUEhgc9uFh2ZSb97Hd/qxABUzz77j8w==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: 44bdd2fe-8d35-401b-62d9-08d753e2b62a
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Oct 2019 15:49:07.8620 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: IvjWOQmoNUlZopBsatrO65Phb+DufELH4c07T3uceIqIgJmk8XhPLmUbMi2Uc4/7AFBGBWjxBEIEQcNpry/Qpw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR05MB5840
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,1.0.8 definitions=2019-10-18_04:2019-10-18,2019-10-18 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 lowpriorityscore=0 clxscore=1011 phishscore=0 mlxlogscore=999 impostorscore=0 suspectscore=0 adultscore=0 bulkscore=0 spamscore=0 mlxscore=0 priorityscore=1501 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1908290000 definitions=main-1910180142
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsec/50egA64vDpX-ZDA_syx9DQXSKDM>
Subject: Re: [OPSEC] WGLC: draft-ietf-opsec-ipv6-eh-filtering
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsec/>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Oct 2019 15:49:16 -0000

Let the discussion begin !

                 😉
                    Ron



Juniper Business Use Only

-----Original Message-----
From: Bob Hinden <bob.hinden@gmail.com> 
Sent: Friday, October 18, 2019 11:20 AM
To: C. M. Heard <heard@pobox.com>
Cc: Bob Hinden <bob.hinden@gmail.com>; Ron Bonica <rbonica@juniper.net>; OPSEC <opsec@ietf.org>
Subject: Re: [OPSEC] WGLC: draft-ietf-opsec-ipv6-eh-filtering

I agree with Mike.  Without a discussion of the issues raised and how to resolve them, I think it’s premature to start a w.g. last call.

I also note that the draft expired January 3, 2019, over eight months ago.

Bob


> On Oct 18, 2019, at 7:58 AM, C. M. Heard <heard@pobox.com> wrote:
> 
> The document (version -06, expired 2019-01-03) is unchanged since last year's IETF last call that started in November 2018. That version drew a lot of substantive comments that have not been addressed (see thread starting at https://mailarchive.ietf.org/arch/msg/ietf/KKyXXrvHa5r5mNcqlu_CbkktQmY). Isn't a WGLC without any discussion of these issues (not even to dismiss them) somewhat premature? Would it not be more appropriate to comb through the last call threads, extract the substantive comments, and make a considered decision what to do about each, possibly after submitting a new version without changes to un-expire the document?
> 
> As a reminder, one of the substantive objections raised was that the document recommends blanket discarding of unknown next header values, violating RFC 7045. Expect this to come up again as both a technical and process issue if it's not fixed (for the latter see Brian Carpenter's comments in https://mailarchive.ietf.org/arch/msg/ietf/c0DyXd_rLtMCrHQ3NmmRRGe7Z-A).
> 
> Mike Heard
> 
> On Thu, 17 October 2019 15:18 UTC Ron Bonica wrote:
> Folks,
> 
> This begins a WGLC on draft-ietf-opsec-ipv6-eh-filtering. Please post your comments by 10/31/2019.
> 
>                                                        Ron
> 
> 
> 
> Juniper Business Use Only
> 
> _______________________________________________
> OPSEC mailing list
> OPSEC@ietf.org
> https://www.ietf.org/mailman/listinfo/opsec