Re: [OPSEC] WGLC for draft-ietf-opsec-v6

Ron Bonica <rbonica@juniper.net> Mon, 17 April 2017 20:11 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/opsec/IAmER2_Y0af-DGM3x3LRE8TRFD8>

Also, the contents of 2.2.3 are covered by the following text from RFC2460bis:

         "If the first fragment does not include all headers through an
         Upper-Layer header, then that fragment should be discarded and
         an ICMP Parameter Problem, Code 3, message should be sent to
         the source of the fragment, with the Pointer field set to zero."

Maybe you can drop Section 2.2.3 and replace it with a pointer to RFC2460bis?

                                   Ron
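
The first-fragment rule quoted above, as an added example that is not part of the original message or of the draft: a Python check that walks the IPv6 header chain of one packet and returns a discard verdict with ICMPv6 Parameter Problem (type 4), Code 3, Pointer 0 when a first fragment ends before its upper-layer header. The function name, the minimum upper-layer header sizes and the sample packets are assumptions constructed for illustration.

```python
import struct

EXT_8OCTET = {0, 43, 60}            # Hop-by-Hop, Routing, Destination Options
FRAGMENT, AH = 44, 51
UPPER_MIN = {6: 20, 17: 8, 58: 4}   # assumed minimum TCP, UDP, ICMPv6 header sizes
PARAM_PROBLEM_CODE3 = (4, 3, 0)     # ICMPv6 type, code, Pointer field

def check_first_fragment(pkt: bytes):
    """Return (verdict, icmp) for one IPv6 packet given as raw bytes."""
    if len(pkt) < 40 or pkt[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    nh, off, first_fragment = pkt[6], 40, False
    while True:
        if nh in EXT_8OCTET or nh == AH:
            if off + 2 > len(pkt):
                break                              # chain ends inside this header
            unit, extra = (4, 2) if nh == AH else (8, 1)
            nh, off = pkt[off], off + (pkt[off + 1] + extra) * unit
        elif nh == FRAGMENT:
            if off + 8 > len(pkt):
                break
            if struct.unpack_from("!H", pkt, off + 2)[0] >> 3:
                return ("accept", None)            # non-first fragment: rule does not apply
            first_fragment = True
            nh, off = pkt[off], off + 8
        else:                                      # upper-layer (or unknown) header
            if off + UPPER_MIN.get(nh, 0) <= len(pkt):
                return ("accept", None)
            break
    return ("discard", PARAM_PROBLEM_CODE3) if first_fragment else ("malformed", None)

def ipv6(next_header: int, payload: bytes) -> bytes:
    # Constructed sample header: hop limit 64, all-zero source and destination
    return struct.pack("!IHBB", 6 << 28, len(payload), next_header, 64) + bytes(32) + payload

def frag(next_header: int, offset: int, more: int) -> bytes:
    return struct.pack("!BBHI", next_header, 0, (offset << 3) | more, 0x1234)

# Constructed samples, not captured traffic
COMPLETE = ipv6(44, frag(17, 0, 1) + bytes(8) + b"data")          # UDP header present
INCOMPLETE = ipv6(44, frag(60, 0, 1) + bytes([6, 1]) + bytes(14))  # ends before TCP header
LATER = ipv6(44, frag(6, 185, 0) + bytes(16))                      # fragment offset 185

if __name__ == "__main__":
    for name, pkt in (("complete", COMPLETE), ("incomplete", INCOMPLETE), ("later", LATER)):
        print(name, check_first_fragment(pkt))
```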



From: Ron Bonica
Sent: Monday, April 17, 2017 4:03 PM
To: 'Gunter Van De Velde' <guntervandeveldecc@icloud.com>; opsec@ietf.org
Subject: RE: [OPSEC] WGLC for draft-ietf-opsec-v6

Hi Gunter,


I support publication of this draft, but see a small problem in Section 2.2.2. In Section 2.2.2, the authors reference "ietf-6man-hbh-header-handling". This draft has been allowed to die on the vine, but artifacts can be seen in the following text from RFC2460bis.



  "NOTE: While [RFC2460] required that all nodes must examine and
   process the Hop-by-Hop Options header, it is now expected that nodes
   along a packet's delivery path only examine and process the Hop-by-
   Hop Options header if explicitly configured to do so."

You might want to update the draft with this change to 2460 in mind.

                                                            Ron


From: OPSEC [mailto:opsec-bounces@ietf.org] On Behalf Of Gunter Van De Velde
Sent: Wednesday, April 12, 2017 3:39 AM
To: opsec@ietf.org
Subject: [OPSEC] WGLC for draft-ietf-opsec-v6

This is to open a two-week WGLC for https://tools.ietf.org/html/draft-ietf-opsec-v6.
If you have not read it, please do so now. You may send nits to the author, but substantive discussion should go to the list.

I will close the call on 26 April 2017.

G/
