Re: [OPSEC] Genart last call review of draft-ietf-opsec-v6-21

"Eric Vyncke (evyncke)" <evyncke@cisco.com> Mon, 08 February 2021 22:18 UTC

From: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
To: Erik Kline <ek.ietf@gmail.com>, "gen-art@ietf.org" <gen-art@ietf.org>
CC: "opsec@ietf.org" <opsec@ietf.org>, "draft-ietf-opsec-v6.all@ietf.org" <draft-ietf-opsec-v6.all@ietf.org>
Date: Mon, 08 Feb 2021 22:18:04 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsec/LA4vBE2dGW4AI_FtmdMrXveBEYE>

Hello Erik,

Revision -23 (soon to be published) should incorporate the remaining issues (most of the previous ones were fixed in the just released -22). See EV23>

Thank you again for your valuable review

-éric

-----Original Message-----
From: Eric Vyncke <evyncke@cisco.com>
Date: Saturday, 14 December 2019 at 22:22
To: Erik Kline <ek.ietf@gmail.com>, "gen-art@ietf.org" <gen-art@ietf.org>
Cc: "last-call@ietf.org" <last-call@ietf.org>, "opsec@ietf.org" <opsec@ietf.org>, "draft-ietf-opsec-v6.all@ietf.org" <draft-ietf-opsec-v6.all@ietf.org>
Subject: Re: Genart last call review of draft-ietf-opsec-v6-21
Resent-From: <alias-bounces@ietf.org>
Resent-To: Eric Vyncke <evyncke@cisco.com>, Kiran Kumar Chittimaneni <kk.chittimaneni@gmail.com>, Merike Kaeo <merike@doubleshotsecurity.com>, <erey@ernw.de>, Ron Bonica <rbonica@juniper.net>, <furry13@gmail.com>, Ignas Badonas <ibagdona@gmail.com>, <warren@kumari.net>, Gyan Mishra <hayabusagsm@gmail.com>, <hayabusagsm@gmail.com>
Resent-Date: Saturday, 14 December 2019 at 22:22

    Hello Erik

    Thank you again for the review. We have accepted all your nits except those below (see EV>). They will appear in revision -22

    Regards

    -éric (the other one)

    On 02/12/2019, 17:24, "Erik Kline via Datatracker" <noreply@ietf.org> wrote:

        - It's not clear if RFC 2119 text is needed for this document as it is now.

    EV> it does IMHO as we have some cut&paste of text from RFC having those words.


EV23> thinking twice, completely removed now

        - 2.1.5

            - Could perhaps more explicitly state that DHCPv6 is not mandatory
              to implement per IPv6 Node Requirements (RFC 8504).

EV23> text added

        - 2.2

            - One might quibble with the statement "the extension header chain
              must be be parsed completely".  It has to be parsed enough so that
              it can be completely traversed, but it need not necessarily be
              parsed in a way that a node has to "understand" the contents --
              this is how the extension headers are designed, after all.

EV23> text modified into "the extension header chain must be parsed completely (even if not processed)", I hope that it is clearer now

        - 2.4.2

            - With the mention of NTP I suddenly thought: should there be
              DNS-related text as well, or does that fall within this section too?

    EV> as we mention protocols used by the routers, I would say that DNS is not really required & relied upon by routers (albeit often used), I would assume that DNS is simply included in the '...'

        - 2.5.3

            - The CYMRU link doesn't seem to go to a useful page anymore.  :-/

    EV> indeed, it looks like CYMRU has become a commercial company :-( unable to find the previous document :-( removed all links

EV23> found back a CYMRU page that is now also used for bogons