[OPSEC] Opsdir telechat review of draft-ietf-opsec-v6-26

Tim Chown via Datatracker <noreply@ietf.org> Thu, 22 April 2021 10:53 UTC

From: Tim Chown via Datatracker <noreply@ietf.org>
To: ops-dir@ietf.org
Cc: draft-ietf-opsec-v6.all@ietf.org, last-call@ietf.org, opsec@ietf.org
Message-ID: <161908882063.14230.2228639706548726690@ietfa.amsl.com>
Reply-To: Tim Chown <tim.chown@jisc.ac.uk>
Date: Thu, 22 Apr 2021 03:53:40 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsec/JeMgyApAj9W_9lwCZZWjbQqZSB8>

Reviewer: Tim Chown
Review result: Ready

Hi,

I have reviewed this document (draft-ietf-opsec-v6-26) as part of the
Operational directorate's ongoing effort to review all IETF documents being
processed by the IESG.  These comments were written with the intent of
improving the operational aspects of the IETF drafts. Comments that are not
addressed in last call may be included in AD reviews during the IESG review. 
Document editors and WG chairs should treat these comments just like any other
last call comments.

This draft analyses operational security issues related to the deployment of
IPv6, and describes appropriate mechanisms and practices to mitigate potential
threats.

I have previously reviewed this draft three times in as many years, the most
recent being my OPS DIR review of the previous -25 version.

General comments:

The nature of this beast remains the same as the -25 version, and my general
comments from that version all still apply.  The draft has a lot of good
advice, provided by authors with significant expertise in the IPv6 security
field.  It could be better structured and could give some summary points for
readers not prepared to read 50 pages, but in my view a) it is far better to
publish this document than hold it up much longer and b) certainly no harm can
be done by publishing it as is; there is nothing wrong and no bad advice. 
Perhaps someone else can write a blog-style summary of the key points and link
to the full RFC once published.

So, overall, given the history and the time the authors have spent to date, I
would support publication.  It’s good enough.

Specific comments:

Having re-read the draft and the diffs to -25, I counted that 10 of the 39
specific comments I made about the -25 version of the draft have been
addressed, the rest remain open.  No direct response was provided to the -25
review, so it’s not possible to understand why some comments were addressed
and the others not.  There is nothing wrong in the text as such, but some
significant improvements could be made, but I understand why the authors
would rather get the document shipped.

Nits:

All nits reported in my previous review are addressed.

One new nit was introduced in 2.3.2.4:
"unless specific use cases such as the presence of devices Homenet devices
emitting router advertisements preclude this" Something's not right there.

—
Tim