Re: [OPSEC] Alvaro Retana's No Objection on draft-ietf-opsec-v6-25: (with COMMENT)
Alvaro Retana <aretana.ietf@gmail.com> Mon, 19 April 2021 15:27 UTC
From: Alvaro Retana <aretana.ietf@gmail.com>
In-Reply-To: <20210410183626.GC91991@ernw.de>
References: <161765687327.663.16409961435864058863@ietfa.amsl.com>
<20210410183626.GC91991@ernw.de>
MIME-Version: 1.0
Date: Mon, 19 Apr 2021 08:27:32 -0700
Message-ID: <CAMMESswa74XCW0EJ9uRDYnMzzbnSmt7yfQu9odd8F0eABM9rOA@mail.gmail.com>
To: Enno Rey <erey@ernw.de>
Cc: opsec@ietf.org, Gyan Mishra <hayabusagsm@gmail.com>,
draft-ietf-opsec-v6@ietf.org,
The IESG <iesg@ietf.org>, opsec-chairs@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsec/QxG-CT_ZQxomlvdAmI1QEn1X-_Q>

Enno:

Hi!

I looked at -26.

I still find the applicability statement confusing, for the reasons I described in 1.a/1.b (below). There is a contradiction about whether the document applies to residential users (as mentioned in §1.1 and §5) or not (as mentioned in the Abstract). Also, why does the "applicability statement especially applies to Section 2.3 and Section 2.5.4" *only*?

This is obviously a non-blocking comment, but I believe it is important since the applicability statement may influence who reads and follows the recommendations.

Thanks!

Alvaro.

On April 10, 2021 at 2:36:26 PM, Enno Rey (erey@ernw.de) wrote:

Hi Alvaro,

thanks for the detailed evaluation and for the valuable feedback. I went thru your COMMENTS and performed some related adaptions of the draft. A new version has been uploaded.

thank you again & have a great weekend

Enno

On Mon, Apr 05, 2021 at 02:07:53PM -0700, Alvaro Retana via Datatracker wrote:
> Alvaro Retana has entered the following ballot position for
> draft-ietf-opsec-v6-25: No Objection
>
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
>
>
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
>
>
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-opsec-v6/
>
>
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
>
> (1) The applicability statement in §1.1 is confusing to me.
>
> a. The Abstract says that "this document are not applicable to residential
> user cases", but that seems not to be true because this section says that the
> contents do apply to "some knowledgeable-home-user-managed residential
> network[s]", and §5 is specific to residential users.
>
> b. "This applicability statement especially applies to Section 2.3 and Section
> 2.5.4." Those two sections represent a small part of the document; what about
> the rest? It makes sense to me for the applicability statement to cover most
> of the document.
>
> c. "For example, an exception to the generic recommendations of this document
> is when a residential or enterprise network is multi-homed." I'm not sure if
> this sentence is an example of the previous one (above) or if "for example" is
> out of place.
>
> (2) §5 mentions "early 2020" -- I assume that the statement is still true now.
>
> (3) It caught my attention that there's only one Normative Reference (besides
> rfc8200, of course). Why? What is special about the IPFIX registry?
>
> It seems that an argument could be made to the fact that to secure OSPFv3, for
> example, an understanding of the protocol is necessary. This argument could be
> extended to other protocols or mechanisms, including IPv6-specific technology:
> ND, the addressing architecture, etc. Consider the classification of the
> references in light of [1].
>
> [1]
> https://www.ietf.org/about/groups/iesg/statements/normative-informative-references/
>
>
>

--
Enno Rey
Cell: +49 173 6745902
Twitter: @Enno_Insinuator