Re: [OPSEC] Alvaro Retana's No Objection on draft-ietf-opsec-v6-25: (with COMMENT)
KK Chittimaneni <kk.chittimaneni@gmail.com> Tue, 11 May 2021 14:31 UTC
Return-Path: <kk.chittimaneni@gmail.com>
X-Original-To: opsec@ietfa.amsl.com
Delivered-To: opsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D7CEA3A19CF; Tue, 11 May 2021 07:31:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BjynZkDyE31F; Tue, 11 May 2021 07:31:52 -0700 (PDT)
Received: from mail-lj1-x231.google.com (mail-lj1-x231.google.com [IPv6:2a00:1450:4864:20::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E450B3A19C7; Tue, 11 May 2021 07:31:51 -0700 (PDT)
Received: by mail-lj1-x231.google.com with SMTP id p20so1403340ljj.8; Tue, 11 May 2021 07:31:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=8CsjILPcFrbws4cX8BEE/7uG6uo0b9S7efC8uwzpnCU=; b=nn0nfw6yMN/J7BEvUtXdJZRSiTQlH08hYQk8fmIPTzv32Etzl9QFDp0cTSeLtO14K0 dG9y3S2l/pO1mrV9gMx3MOP4dbQyxxI6IJeC61tLSrxlrCamGhySnhynURPsKC6Axr08 I6RT4w6baGIxAA8oa1Gfwcz6vookjSIGx5TQQxBSKrBAb5MeECAbEm3RYCKfS83Zy98z vIcW8+PrOt7jPZdXOl3d7Dc1jm0XnT+m10uHtCHoUngKSfaQ05nyVJqAxq5jIWWKtvzr vhKjXvmihwZJt9VGJ+u6j3Cm1y0ROBZo6Qa1/lCOX1WQWIU6ZNNLnGcfCqCkJ7VDra5A Yt0w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=8CsjILPcFrbws4cX8BEE/7uG6uo0b9S7efC8uwzpnCU=; b=R/QG/XU/NUhsyuuKV/zvUhuRKwPzy50uGKqi8RDokMAdaK+uN4t6E+tRaVJMkX7Mg6 LUv0+ZxD0pJa9YWYOlwFBjPE+pDcz4UPXGBpa/3IyU07CsjbpnPhzrQ6G/TyRdB8jCOZ Y4Hf5aR6XZgFi6GbvhwXxp/5D77LaG4tITieBM5FiyFzy2YV4Ezfmp5tEvZyck3El6VI b664xnVZd258YQ6br1ajwdKmF8Ekx+fdXgBQ2JRhHRA3QDAwJgTLO8H45Q9smp9BuYE5 HhtcyOL7+SY2gMd+2p3iQkdCigLN6EFOzFjPF23mKm3RcYFHLEPt7+zLZddGybR8d8IU p0vA==
X-Gm-Message-State: AOAM532AAetuUEV8wGBZGAC5WYgGuzZZO16eAHj6AJG7up5h/QTHC26z DFeM5R9gcHovNTaL7XaMr+3tSTNCTskFyJiA37E=
X-Google-Smtp-Source: ABdhPJzfAGzrnUS86oPcVA0qP5mDsxF9rFP2a5YgKOojJlsyun4Th8D2a6seW7om1JLHjbnofdYkX5EbMQBw1RiMJ2Y=
X-Received: by 2002:a05:651c:210:: with SMTP id y16mr22590312ljn.279.1620743508793; Tue, 11 May 2021 07:31:48 -0700 (PDT)
MIME-Version: 1.0
References: <161765687327.663.16409961435864058863@ietfa.amsl.com> <20210410183626.GC91991@ernw.de> <CAMMESswa74XCW0EJ9uRDYnMzzbnSmt7yfQu9odd8F0eABM9rOA@mail.gmail.com>
In-Reply-To: <CAMMESswa74XCW0EJ9uRDYnMzzbnSmt7yfQu9odd8F0eABM9rOA@mail.gmail.com>
From: KK Chittimaneni <kk.chittimaneni@gmail.com>
Date: Tue, 11 May 2021 07:31:37 -0700
Message-ID: <CA+iP7bVXWNQhKfSbZ26srrOL+oPnGY3V9HRumoe=e+McxBM_HA@mail.gmail.com>
To: Alvaro Retana <aretana.ietf@gmail.com>
Cc: Enno Rey <erey@ernw.de>, opsec@ietf.org, Gyan Mishra <hayabusagsm@gmail.com>, draft-ietf-opsec-v6@ietf.org, The IESG <iesg@ietf.org>, opsec-chairs@ietf.org
Content-Type: multipart/alternative; boundary="0000000000001d1ce705c20ec165"
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsec/V4H3IaNZlxfV9PFNbfBUAM1D8O4>
Subject: Re: [OPSEC] Alvaro Retana's No Objection on draft-ietf-opsec-v6-25: (with COMMENT)
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsec/>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 May 2021 14:31:58 -0000
Hi Alvaro, Thank you very much for your detailed review. Together with my co-authors, we have uploaded revision -27, which should address all your comments. The diff is at: https://www.ietf.org/rfcdiff?url2=draft-ietf-opsec-v6-27 Regards, KK On Mon, Apr 19, 2021 at 8:27 AM Alvaro Retana <aretana.ietf@gmail.com> wrote: > Enno: > > Hi! > > I looked at -26. > > I still find the applicability statement confusing, the the reasons I > described in 1.a/1.b (below). There is a contradiction about whether the > document applies to residential users (as mentioned in §1.1 and §5) or not > (as mentioned in the Abstract). Also, why does the "applicability > statement especially applies to Section 2.3 and Section 2.5.4” *only*? > > This is obviously a non-blocking comment, but I believe it is important > since the applicability statement may influence who reads and follows the > recommendations. > > Thanks! > > Alvaro. > > On April 10, 2021 at 2:36:26 PM, Enno Rey (erey@ernw.de) wrote: > > Hi Alvaro, > > thanks for the detailed evaluation and for the valuable feedback. > > I went thru your COMMENTS and performed some related adaptions of the > draft. A new version has been uploaded. > > thank you again & have a great weekend > > Enno > > > > > On Mon, Apr 05, 2021 at 02:07:53PM -0700, Alvaro Retana via Datatracker > wrote: > > Alvaro Retana has entered the following ballot position for > > draft-ietf-opsec-v6-25: No Objection > > > > When responding, please keep the subject line intact and reply to all > > email addresses included in the To and CC lines. (Feel free to cut this > > introductory paragraph, however.) > > > > > > Please refer to > https://www.ietf.org/iesg/statement/discuss-criteria.html > > for more information about IESG DISCUSS and COMMENT positions. > > > > > > The document, along with other ballot positions, can be found here: > > https://datatracker.ietf.org/doc/draft-ietf-opsec-v6/ > > > > > > > > ---------------------------------------------------------------------- > > COMMENT: > > ---------------------------------------------------------------------- > > > > > > (1) The applicability statement in ??1.1 is confusing to me. > > > > a. The Abstract says that "this document are not applicable to > residential > > user cases", but that seems not to be true because this section says > that the > > contents do apply to "some knowledgeable-home-user-managed residential > > network[s]", and ??5 is specific to residential users. > > > > b. "This applicability statement especially applies to Section 2.3 and > Section > > 2.5.4." Those two sections represent a small part of the document; what > about > > the rest? It makes sense to me for the applicability statement to cover > most > > of the document. > > > > c. "For example, an exception to the generic recommendations of this > document > > is when a residential or enterprise network is multi-homed." I'm not > sure if > > this sentence is an example of the previous one (above) or if "for > example" is > > out of place. > > > > (2) ??5 mentions "early 2020" -- I assume that the statement is still > true now. > > > > (3) It caught my attention that there's only one Normative Reference > (besides > > rfc8200, of course). Why? What is special about the IPFIX registry? > > > > It seems that an argument could be made to the fact that to secure > OSPFv3, for > > example, an understanding of the protocol is necessary. This argument > could be > > extended to other protocols or mechanisms, including IPv6-specific > technology: > > ND, the addressing architecture, etc. Consider the classification of the > > references in light of [1]. > > > > [1] > > > https://www.ietf.org/about/groups/iesg/statements/normative-informative-references/ > > > > > > > > -- > Enno Rey > > Cell: +49 173 6745902 > Twitter: @Enno_Insinuator > >
- [OPSEC] Alvaro Retana's No Objection on draft-iet… Alvaro Retana via Datatracker
- Re: [OPSEC] Alvaro Retana's No Objection on draft… Enno Rey
- Re: [OPSEC] Alvaro Retana's No Objection on draft… Alvaro Retana
- Re: [OPSEC] Alvaro Retana's No Objection on draft… KK Chittimaneni