Re: [OPSEC] Iotdir early review of draft-ietf-opsec-v6-21

Gyan Mishra <hayabusagsm@gmail.com> Sun, 24 November 2019 07:12 UTC

Return-Path: <hayabusagsm@gmail.com>
X-Original-To: opsec@ietfa.amsl.com
Delivered-To: opsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F05BA1200B4; Sat, 23 Nov 2019 23:12:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0n95ztoBp7SR; Sat, 23 Nov 2019 23:12:08 -0800 (PST)
Received: from mail-io1-xd2f.google.com (mail-io1-xd2f.google.com [IPv6:2607:f8b0:4864:20::d2f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5AC9C120025; Sat, 23 Nov 2019 23:12:08 -0800 (PST)
Received: by mail-io1-xd2f.google.com with SMTP id u24so10927541iob.5; Sat, 23 Nov 2019 23:12:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=p4V+A0hdiF5KxObRiMXYlMd1nBAkTXFsUHAS2E7Mvb8=; b=EKIgf5x2vtkmtgrI46xoxjmXxSle0O1pMrIDnmQc0q5uo7GvPRyIsMLfrR9zoKI9U+ iImxoqhhHhrkQAVDIo9QegRldUm/oV3GT+KVZqADxZ5jRU4saLHAJF84Wk6BfoHLJw4p /SvuN9YNHBZiuo/bDAlLMhBIv/WFgEqB37tvLzGD9fwEsVOEhaP5b0j1Ebl4NYF35aOy EANI88cD2Kd8WOAil9nUyH8hK1F8DruhOpJj7uYPQ4qf8pZjMGMVRz5KM2qG2KIk4E+f YjV0Y5QTLEGbXLGFdXjnZ/CzCuPHqa47bzMRy/gImDoxADVoljUv4L+iqb0OPoB6adsR ZNZQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=p4V+A0hdiF5KxObRiMXYlMd1nBAkTXFsUHAS2E7Mvb8=; b=jFJXyZNhlGP6hvSpDxYUT4ceGzuSTpbT3h2wA78lyBs6WhleobM23/V5s0rCmmhtSD /EcvBGxq3DtJ+EDrvHWzXlArzUrIrJXdv+Xu95cAgsA7e1rtuFD6Vk5qXVQaWy0OlAoA qiI3cacI31HZbpwBt/5kTAPRPCKqhVvhwaLa7M0VBOCsI71qj4hOg9zuVRHK2sec/2nn 9fu9CyOCe1P0AAplPkPk2uSYshedKgIA/dwI84s12VlUN8TP5YuTkbpYl7n5bVXQ0J7C oVx+MS+3hDWX8WWGAuI9p/i0f6ILzfVIkpiIGJ7j3ODYCc5Mp8Hf89/YF8VQZUThE2or IrZQ==
X-Gm-Message-State: APjAAAVa4ef2+/hRgFkBBaL70l3NeVfm/2dLTK0eo5nC9nfy8PUsuh8F drn8Jtx20R6WKWPPd0XnIItq8AXPUIxzrKqC05I1aF7Y
X-Google-Smtp-Source: APXvYqya3ZbeZywk1SYifAiWheqCdgRWSvED0PQtAzuULqg8mnrQakspsr3tlaaWUaDjA5RFYoocBm1tNZv5yiZZ1oM=
X-Received: by 2002:a02:13c2:: with SMTP id 185mr14404373jaz.0.1574579527302; Sat, 23 Nov 2019 23:12:07 -0800 (PST)
MIME-Version: 1.0
References: <95B1A8FE-A74F-47C3-AC91-66A10B727D32@gmail.com> <D847F62D-D706-4BC9-B9D5-043FFB0D9BD0@fugue.com>
In-Reply-To: <D847F62D-D706-4BC9-B9D5-043FFB0D9BD0@fugue.com>
From: Gyan Mishra <hayabusagsm@gmail.com>
Date: Sun, 24 Nov 2019 02:11:56 -0500
Message-ID: <CABNhwV3m1Zei_jAcHNBgwNhUghA7PoN40UqQnV=swK5iZ6zNZQ@mail.gmail.com>
To: Ted Lemon <mellon@fugue.com>
Cc: draft-ietf-opsec-v6.all@ietf.org, iot-dir@ietf.org, opsec@ietf.org
Content-Type: multipart/alternative; boundary="0000000000006545a70598125d46"
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsec/C4QdG0Fu5D90d4mpuQuKPK3TLDM>
Subject: Re: [OPSEC] Iotdir early review of draft-ietf-opsec-v6-21
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsec/>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 24 Nov 2019 07:12:11 -0000

Agreed. We will update the draft to reflect.

This is exactly what I have been looking for in an enterprise setting and I
see it’s authored by ISC.

Thank you for enlightening me.

Gyan

On Wed, Nov 20, 2019 at 4:53 AM Ted Lemon <mellon@fugue.com> wrote:

> On Nov 19, 2019, at 8:12 PM, Gyan Mishra <hayabusagsm@gmail.com> wrote:
>
> See RFC 6853.
>
> https://tools.ietf.org/html/rfc6853#section-6.1
>
> With DHCPV6 all servers are active and that is why there is not any state
> sharing since the pool has to be different and there a a preference option
> as to which server is preferred.  This does go deeper into host
> configuration which is out of scope for this document so will leave out.
>
>
> Right.  What I’m suggesting is that you explicitly recommend using DHCPv6
> servers that support RFC 8156 rather than the less effective solution
> proposed in RFC 6853.  This recommendation will not be actionable for all
> network operators, but it should work well in enterprise settings.
>
> --

Gyan S. Mishra

IT Network Engineering & Technology

Verizon Communications Inc. (VZ)

13101 Columbia Pike FDC1 3rd Floor

Silver Spring, MD 20904

United States

Phone: 301 502-1347

Email: gyan.s.mishra@verizon.com

www.linkedin.com/in/networking-technologies-consultant