[OPSEC] RtgDir review: draft-ietf-opsec-urpf-improvements03.txt

"Bocci, Matthew (Nokia - GB)" <matthew.bocci@nokia.com> Wed, 21 August 2019 13:30 UTC

From: "Bocci, Matthew (Nokia - GB)" <matthew.bocci@nokia.com>
To: "rtg-ads@ietf.org" <rtg-ads@ietf.org>
CC: "rtg-dir@ietf.org" <rtg-dir@ietf.org>, "opsec@ietf.org" <opsec@ietf.org>, "draft-ietf-opsec-urpf-improvements@ietf.org" <draft-ietf-opsec-urpf-improvements@ietf.org>
Date: Wed, 21 Aug 2019 13:30:05 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsec/Gq2Ata6kCuPv8R7qTnmiyLmYs0Q>

Hello,

I have been selected as the Routing Directorate reviewer for this draft. The Routing Directorate seeks to review all routing or routing-related drafts as they pass through IETF last call and IESG review, and sometimes on special request. The purpose of the review is to provide assistance to the Routing ADs. For more information about the Routing Directorate, please see http://trac.tools.ietf.org/area/rtg/trac/wiki/RtgDir

Although these comments are primarily for the use of the Routing ADs, it would be helpful if you could consider them along with any other IETF Last Call comments that you receive, and strive to resolve them through discussion or by updating the draft.

Document: draft-ietf-opsec-urpf-improvements03.txt
Reviewer: Matthew Bocci
Review Date: 21 August 2019
Intended Status: Informational

Summary:
I have some minor concerns about this document that I think should be resolved before publication.


Comments:

Generally, I found the draft quite readable, with a clear explanation of the problem statements and solutions as well
as the trade-offs on the implementation. However, I have one minor comment and a nit.

Major Issues:

No major issues found.


Minor Issues:

Terminology: The document expands 'uRPF' as 'unicast reverse path filtering'. However, I
believe that uRPF commonly means 'unicast reverse path forwarding' (see RFC3704 and
most vendor documentation). "Ingress filtering" is the general concept and "reverse path
forwarding" the specific algorithm. Did the authors intend to use a new term, and if so, why?


Nits:

Section 2.5: "...separate from the global Routing Information Base (RIB) [Juniper][RFC4364]."
VRFs are supported by most vendors so I think it is sufficient just to reference RFC4364.