Re: [OPSEC] Secdir last call review of draft-ietf-opsec-v6-21

"Eric Vyncke (evyncke)" <evyncke@cisco.com> Tue, 03 December 2019 11:19 UTC

Return-Path: <evyncke@cisco.com>
X-Original-To: opsec@ietfa.amsl.com
Delivered-To: opsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EF7AF1200E6; Tue, 3 Dec 2019 03:19:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.501
X-Spam-Level:
X-Spam-Status: No, score=-14.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=lDf2/mpX; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=sLOLe2ty
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l3s7hYvoU9eO; Tue, 3 Dec 2019 03:19:56 -0800 (PST)
Received: from alln-iport-8.cisco.com (alln-iport-8.cisco.com [173.37.142.95]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6D1401200D7; Tue, 3 Dec 2019 03:19:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=1216; q=dns/txt; s=iport; t=1575371996; x=1576581596; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=nwydH8ThBkg6WYpHiwR8vSl7dKaiTqKg1uta9/kadaw=; b=lDf2/mpX1/N+2lzMG7xA+4Ak8vJbFuNizgltS5+dzu8Ox9xCHDB1EKgO zuYSQ3Rjlx/PEv7RfBK0RN4VLM3z49NRn0rJiMEeD97K4UKUHdlOgclms /7x2ZYDcifKzXrj9OCqoqHwVyEhRDQgs5X7IR7ANLcVZeghG1BHMhHORZ s=;
IronPort-PHdr: =?us-ascii?q?9a23=3Axc3/GBcUCtuCCruqnm4P4YR7lGMj4e+mNxMJ6p?= =?us-ascii?q?chl7NFe7ii+JKnJkHE+PFxlwGRD57D5adCjOzb++D7VGoM7IzJkUhKcYcEFn?= =?us-ascii?q?pnwd4TgxRmBceEDUPhK/u/YjIrGs9BWXdu/mqwNg5eH8OtL1A=3D?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0DWAQAhROZd/5xdJa1mGwEBAQEBAQE?= =?us-ascii?q?FAQEBEQEBAwMBAQGBfoFLUAWBRCAECyqEK4NGA4p2mmOCUgNUCQEBAQwBAS0?= =?us-ascii?q?CAQGEQAIXgXYkOBMCAw0BAQQBAQECAQUEbYU3DIVTAgEDEhERDAEBNwEPAgE?= =?us-ascii?q?IGgImAgICMBUQAgQOBSKDAIJHAy4BpWwCgTiIYHWBMoJ+AQEFhQgYghcJgQ4?= =?us-ascii?q?ojBYagUE/gREnIIJMPoRggnkygiyQHp4oCoIukUKEFxuCQYwsizaoYwIEAgQ?= =?us-ascii?q?FAg4BAQWBaSKBWHAVZQGCQVARFIxmg3OKU3SBKJAkAQE?=
X-IronPort-AV: E=Sophos;i="5.69,272,1571702400"; d="scan'208";a="385954369"
Received: from rcdn-core-5.cisco.com ([173.37.93.156]) by alln-iport-8.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 03 Dec 2019 11:19:55 +0000
Received: from XCH-ALN-015.cisco.com (xch-aln-015.cisco.com [173.36.7.25]) by rcdn-core-5.cisco.com (8.15.2/8.15.2) with ESMTPS id xB3BJt8P030460 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 3 Dec 2019 11:19:55 GMT
Received: from xhs-rtp-003.cisco.com (64.101.210.230) by XCH-ALN-015.cisco.com (173.36.7.25) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 3 Dec 2019 05:19:54 -0600
Received: from xhs-aln-001.cisco.com (173.37.135.118) by xhs-rtp-003.cisco.com (64.101.210.230) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 3 Dec 2019 06:19:53 -0500
Received: from NAM01-SN1-obe.outbound.protection.outlook.com (173.37.151.57) by xhs-aln-001.cisco.com (173.37.135.118) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Tue, 3 Dec 2019 05:19:53 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=UKujt7h9f9/2KqLPtFG3Zyj/K5EhDJXLsvGduG6JVd2B1ccb9wDzfYDTqrfW8DP80zPVfXVKEfVVh7cki4xlp3rd4OjEwkE/FzuCkeLduSxOar6YEvnaogyoOYeH09H/XNM3C/06CnKouN3sz7vpZnsbtMxRge6vETEPdaYLmB4sAr/cE8TkStA2yC7prvzdYHnOTqCsz0JZpxIYJG/PMmL6d+CXjQHtH4VA4DVaTfPZJXOI+I19P+hnB+NsCpvbZbGU5E8cpPM+PGxEO5rtVjxrWQSBO1PpUjDEOfE837ro7N4RxLdJa0utHcGgeEsAbEtQlfQWiBtdBI4qx36X7g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=nwydH8ThBkg6WYpHiwR8vSl7dKaiTqKg1uta9/kadaw=; b=EFW7Uh8nboidoAvW9uIlML8+IUVXxHhM+JY8EhNr6f7L0THT47X+5IKkq/BD65tYTTYEJZn7UlHy2djpAf9RIW9ONVS++HHsz0/KD8kTFyH7s0Mnqk2uwILua4vHMs9jX/V85f32trxuws82d8Oyj5vc8uo5BJA9oawAwtTrCDEMy1VAxBPPXW/yFdRCmvcq1P+cgmntrYj/BAbctJkZXj4y1RuWU2meX354/2vBiLbs4mu7+HaTBsaQDL5A5ypiWWe4/NsBYAeUpCLBVebTL1pKSIojPLNN7jhOpMilfmEF3b1jMb3bRnjYU7NMCmMidzcd4LrPPplNlWmFmd25eQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=nwydH8ThBkg6WYpHiwR8vSl7dKaiTqKg1uta9/kadaw=; b=sLOLe2tyd/P4zCaauge4wUqG89IzysGpYzW2tX+wfKvJiWxV2uJe1BjvUzkh6DVkSsSQL9B+0anvGmhYgXm19sBcFrXHiGPWw5Ok8sruglHMpO6vPgD17wzv3klypuNEt7e1kNzysJrmHUQhV3aUhh9mWOj8ry4+sX+LEzcYOAM=
Received: from DM5PR11MB1753.namprd11.prod.outlook.com (10.175.88.141) by DM5PR11MB1994.namprd11.prod.outlook.com (10.168.105.10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2495.18; Tue, 3 Dec 2019 11:19:52 +0000
Received: from DM5PR11MB1753.namprd11.prod.outlook.com ([fe80::6c99:679c:82cd:b955]) by DM5PR11MB1753.namprd11.prod.outlook.com ([fe80::6c99:679c:82cd:b955%12]) with mapi id 15.20.2495.014; Tue, 3 Dec 2019 11:19:52 +0000
From: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
To: Linda Dunbar <linda.dunbar@futurewei.com>
CC: "secdir@ietf.org" <secdir@ietf.org>, "opsec@ietf.org" <opsec@ietf.org>, "draft-ietf-opsec-v6.all@ietf.org" <draft-ietf-opsec-v6.all@ietf.org>
Thread-Topic: Secdir last call review of draft-ietf-opsec-v6-21
Thread-Index: AQHVqT0QyzpJyAWuykm/lQI034gl4qeoysqA
Date: Tue, 3 Dec 2019 11:19:52 +0000
Message-ID: <71D1F5A4-C67D-4B1B-84DA-CEC269FA024A@cisco.com>
References: <157531076719.24879.6243454588694388546@ietfa.amsl.com>
In-Reply-To: <157531076719.24879.6243454588694388546@ietfa.amsl.com>
Accept-Language: fr-BE, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.1f.0.191110
authentication-results: spf=none (sender IP is ) smtp.mailfrom=evyncke@cisco.com;
x-originating-ip: [2001:420:c0c1:36:65a6:1ca9:4607:70e9]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 3158de7e-ff74-48bc-3955-08d777e2b7e3
x-ms-traffictypediagnostic: DM5PR11MB1994:
x-microsoft-antispam-prvs: <DM5PR11MB1994263DEB4987D6AB33D88EA9420@DM5PR11MB1994.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8273;
x-forefront-prvs: 02408926C4
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(376002)(346002)(396003)(366004)(39860400002)(136003)(189003)(199004)(6512007)(99286004)(2616005)(446003)(71190400001)(71200400001)(4744005)(91956017)(478600001)(11346002)(6916009)(76116006)(66446008)(66476007)(6486002)(229853002)(25786009)(46003)(86362001)(64756008)(36756003)(256004)(66556008)(66946007)(186003)(14444005)(33656002)(305945005)(81166006)(316002)(58126008)(2906002)(54906003)(81156014)(76176011)(14454004)(5660300002)(6506007)(6116002)(6246003)(6436002)(4326008)(7736002)(8676002)(8936002)(102836004); DIR:OUT; SFP:1101; SCL:1; SRVR:DM5PR11MB1994; H:DM5PR11MB1753.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: HECLfXSU5WY5fH1O+GHkCmwdTM47eO9+N2oF78IVbfkZUGBIyUUTNoHJY8aHXDtgZXBUyAWTqaCXEoPwxMvPxsWTd875FB9Hzyvjnaa2oCut4xSK2XIlSrfHW/8T+B3jPgmgXeuYcSpgnhAUUlMMPGz2pLmYAv1bTt3SyZ8syxgVEjNa5k0bLfdyRek5XvJKKO7zSZEm2nBYs2NfHum63CPDKiEXQF25TUEFcoW5iX1cgOXbTrCMh7FkoP25dhweILEUCENvoD4keQrjtCgWC42Y5zISFRdWVPk0Z1vlkQ/zONZTbvYSogQuaYfIHC3gJGs5RVOOB+P4mX/UpNHAOGyG7RXQ562wJcC90G/KpJoMj0Pupun9+zOUYRd/i9qI2LZoJs9tmkiPfLeet3qFcpr0zaF08GaSy8I6ro9jrFfqpMXf6YsFSZ3yhITXeYQc
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <514D61D7B6782C4A85292A77F6A94E7B@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 3158de7e-ff74-48bc-3955-08d777e2b7e3
X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Dec 2019 11:19:52.6850 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: DfF6iV/OmXLKPE4B/rG5K6q9KtYSDrkLmb7mJoU1ukQoMnKOLMwg7NpXjPjet26MjiNd4g5yv9lA/6nkcxALTQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR11MB1994
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.25, xch-aln-015.cisco.com
X-Outbound-Node: rcdn-core-5.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsec/8tBGOUGoGsh7xqi5wWMtuw1Vm58>
Subject: Re: [OPSEC] Secdir last call review of draft-ietf-opsec-v6-21
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsec/>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Dec 2019 11:19:58 -0000

Thank you very much Linda: this was a long document to read and review ;-)

-éric

On 02/12/2019, 19:19, "Linda Dunbar via Datatracker" <noreply@ietf.org> wrote:

    Reviewer: Linda Dunbar
    Review result: Ready
    
    I have reviewed this document as part of the security directorate's
    ongoing effort to review all IETF documents being processed by the
    IESG.  These comments were written primarily for the benefit of the
    security area directors.  Document editors and WG chairs should treat
    these comments just like any other last call comments.
    
    This document is really good, it summarizes  the IPv6 security issues from
    multiple RFCs. I think IETF should do more of this kind of summary documents
    that collect high lights from multiple RFCs, to make it easier for network
    operators.
    
    Linda Dunbar