Re: [OPSEC] I-D Action: draft-ietf-opsec-v6-20.txt

"Eric Vyncke (evyncke)" <evyncke@cisco.com> Tue, 15 October 2019 06:12 UTC

Return-Path: <evyncke@cisco.com>
X-Original-To: opsec@ietfa.amsl.com
Delivered-To: opsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 55E5812004E for <opsec@ietfa.amsl.com>; Mon, 14 Oct 2019 23:12:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.501
X-Spam-Level:
X-Spam-Status: No, score=-14.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=fHwDLFAm; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=QtXLgiHK
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6o8aX4Cw-_QB for <opsec@ietfa.amsl.com>; Mon, 14 Oct 2019 23:12:34 -0700 (PDT)
Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4CE9512002E for <opsec@ietf.org>; Mon, 14 Oct 2019 23:12:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=8002; q=dns/txt; s=iport; t=1571119954; x=1572329554; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=78c7RkoMy7t2D+uu0vPEtvnccRhLkbebCgXg/3xP1N0=; b=fHwDLFAmlaKweyYuL+PSL7HTeVtHTRns+0q43AzcSEG0DuMbuoTy0kvT udSXWQKSaSJLjKUOvElSv+C50stoI4XOJAqXP7Oq+Q1EdS3NXk8Hqiwmt 2whtWzb/6BOs2rf3hUBayO7JwJ5pzPVjpuGdyl0hnKwl8yqBMQqjmlK8L 4=;
IronPort-PHdr: =?us-ascii?q?9a23=3AJNGnPBR0+9rxEveXwm//dsFnlNpsv++ubAcI9p?= =?us-ascii?q?oqja5Pea2//pPkeVbS/uhpkESXBdfA8/wRje3QvuigQmEG7Zub+FE6OJ1XH1?= =?us-ascii?q?5g640NmhA4RsuMCEn1NvnvOiEkDcJJV1JN9HCgOk8TE8H7NBXf?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0AGAAC2YqVd/51dJa1mGQEBAQEBAQE?= =?us-ascii?q?BAQEBAQEBAQEBEQEBAQEBAQEBAQEBgWcEAQEBAQELAYFKUAVsVyAECyqEJYN?= =?us-ascii?q?HA4RYhXKCXIlqjhSBLhSBEANUCQEBAQwBARgGDwIBAYRAAheCSyQ0CQ4CAwk?= =?us-ascii?q?BAQQBAQECAQUEbYUtDIVLAQEBAQIBAQEQEREMAQEsCwEEBwQCAQYCDgMEAQE?= =?us-ascii?q?BAgIRFQICAh8GCxUICAIEAQ0FIoMAAYJGAw4gAQIMkmuQYgKBOIhhdYEygn0?= =?us-ascii?q?BAQWBSEFAgjwNC4IXCYEMKAGFEoZ7GIFAP4ERJx+CTD6CGkcBAQIBARaBAkU?= =?us-ascii?q?XKIJPMoIsj3CdF0EKgiKHCIkzVoQIG4I6L0OGXIQshz+DTY4uiCOCD48HAgQ?= =?us-ascii?q?CBAUCDgEBBYFSOYFYcBUaISoBgg0BATIJRxAUgU+Dc4UUhT90AYEoj0cBAQ?=
X-IronPort-AV: E=Sophos;i="5.67,298,1566864000"; d="scan'208";a="650012961"
Received: from rcdn-core-6.cisco.com ([173.37.93.157]) by rcdn-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 15 Oct 2019 06:12:32 +0000
Received: from XCH-ALN-016.cisco.com (xch-aln-016.cisco.com [173.36.7.26]) by rcdn-core-6.cisco.com (8.15.2/8.15.2) with ESMTPS id x9F6CWRB007335 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 15 Oct 2019 06:12:32 GMT
Received: from xhs-rcd-002.cisco.com (173.37.227.247) by XCH-ALN-016.cisco.com (173.36.7.26) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 15 Oct 2019 01:12:31 -0500
Received: from xhs-rcd-001.cisco.com (173.37.227.246) by xhs-rcd-002.cisco.com (173.37.227.247) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 15 Oct 2019 01:12:31 -0500
Received: from NAM02-SN1-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-001.cisco.com (173.37.227.246) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Tue, 15 Oct 2019 01:12:31 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ESxBGEOVS9ysjInKaYQT033LGuJ9bjak/ruxC1kTDzWOmIaPtvR1BpoxVaP2rHI1N6MTDYYzEAG+AkbjbYp2mrdD6Klyy5PpXzHBpbx/LrKwfvRT4IdfHgqWvZTxK3rJwylu/Ymb66nhVY4Idj50J7Aqpze8tsnDw1yo29J+DpZy16zt7TmPyRC7QM9Cl+kv/GACQ0NCLaPMcEJskN9oGDkYCm+QCDs7pG86fCDQZV6Q6x/ez8/vTybHU+Cv38SJ45El1hMCn/9lPHJSl64mLjKA2VxMZMrB2G5X7R6baM7bDaXNafNEDtxkcPc1JcfxDIhobXnayuP5lePRLGSBUw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=78c7RkoMy7t2D+uu0vPEtvnccRhLkbebCgXg/3xP1N0=; b=FXP6LiPsEFGs4ztdblS2QxxRjrsxxW6QFyeHyj3Gu7RaPr78GWjdKeI7ZIktLr2fj0IUyKwF7grmNXWwBpLJAd3IXiARYxVhgHpsd509UTMwphF5qT/e4X5xYiP5PL8AJnSXKUlY3x/qAfLmZAQUB4aZ62v2tVHv35tlX6SHOWnVum7hEZYaTwUYM6FRmv8KXdTtM6G2BUI2EdXbjfBHIq4ybdZS1YcoySbxc2w0QKOq5bdN/3Mkrm5ohci4dKWXijS8xGrrT7f6XjMN0RdgmJXvvvyrEYhXf2nqVhINabLPQRWqGziq0koySrz9vsPdj61jEoQ7i28wVKpvWQUZwQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=78c7RkoMy7t2D+uu0vPEtvnccRhLkbebCgXg/3xP1N0=; b=QtXLgiHK70DrLO4BUxWWuPrSm4SgAb7NKA53bd3Mntw5kb5K/JSnG14p4xBwyT9iJfBGZPOtu/dM2SiKUevW7PoQ4JVE3qElPPtAA0zehSC4KGi5aoI7VTicaEho5gIwKVqepwEFWnt2wYlMdfGsgH8vkRKYIyzkerGalcQ+osA=
Received: from MN2PR11MB4144.namprd11.prod.outlook.com (20.179.150.210) by MN2PR11MB3678.namprd11.prod.outlook.com (20.178.254.11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2347.18; Tue, 15 Oct 2019 06:12:30 +0000
Received: from MN2PR11MB4144.namprd11.prod.outlook.com ([fe80::e4f8:d335:c018:c62a]) by MN2PR11MB4144.namprd11.prod.outlook.com ([fe80::e4f8:d335:c018:c62a%7]) with mapi id 15.20.2347.021; Tue, 15 Oct 2019 06:12:30 +0000
From: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
To: Gyan Mishra <hayabusagsm@gmail.com>, Ron Bonica <rbonica=40juniper.net@dmarc.ietf.org>
CC: "opsec@ietf.org" <opsec@ietf.org>
Thread-Topic: [OPSEC] I-D Action: draft-ietf-opsec-v6-20.txt
Thread-Index: AQHVgM9rjNu0gahqL0CwhI/yzqaHUKdWwKcAgAQID4CAAAsegIAAix+A
Date: Tue, 15 Oct 2019 06:12:29 +0000
Message-ID: <ACE9142D-22EB-4A65-9B50-6BE750D295C4@cisco.com>
References: <157086559138.1393.1472645196672102960@ietfa.amsl.com> <AD406E0A-4CAF-44FE-A583-3A6E4E4A0FD4@cisco.com> <BN7PR05MB56997470CC6BB671C949202CAE900@BN7PR05MB5699.namprd05.prod.outlook.com> <C215E3D8-F896-442E-B5A3-DF112B0ED869@gmail.com>
In-Reply-To: <C215E3D8-F896-442E-B5A3-DF112B0ED869@gmail.com>
Accept-Language: fr-BE, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.1d.0.190908
authentication-results: spf=none (sender IP is ) smtp.mailfrom=evyncke@cisco.com;
x-originating-ip: [2001:420:c0c1:36:155a:bee:c9e2:bff1]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: c961dac1-ac06-4ae3-48d3-08d75136a90b
x-ms-traffictypediagnostic: MN2PR11MB3678:
x-ms-exchange-purlcount: 9
x-microsoft-antispam-prvs: <MN2PR11MB36782A28C4F3682D93ACBB9AA9930@MN2PR11MB3678.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 01917B1794
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(39860400002)(366004)(136003)(346002)(376002)(396003)(199004)(189003)(13464003)(71200400001)(71190400001)(66556008)(66446008)(46003)(476003)(2906002)(6486002)(99286004)(53546011)(446003)(966005)(76176011)(66574012)(6306002)(6436002)(6506007)(6512007)(4326008)(76116006)(91956017)(66476007)(486006)(66946007)(64756008)(14454004)(6116002)(2616005)(11346002)(478600001)(256004)(4001150100001)(33656002)(305945005)(14444005)(58126008)(36756003)(316002)(110136005)(229853002)(5660300002)(186003)(81166006)(81156014)(8676002)(8936002)(7736002)(6246003)(86362001)(25786009)(102836004); DIR:OUT; SFP:1101; SCL:1; SRVR:MN2PR11MB3678; H:MN2PR11MB4144.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: HiACVD216Qz53WAm1EHObP/3Q2GrGTxPPWuaZm8yZDFT0o2cfwgJ/3cJ14wHtIEx1JOC447o9XjTu+2TkiS62bHnrChDD5aZ4fgDROJIZwTCVwI1WKgOBGzWMxdRMELdpcfWdRuA4ujFINZvSqh/Mqca/igTw8qMv/hyO5QY+4Q5kvO+lDNK4oY8T74uLhWCK0pmyf9mF0VzWaDI/dUceq4b6GfzECGfkE2dwHhNrfJV7s/iqxsSZzQCF80ZKRQUCDdO24GmaRdKXMMGe4FaQFUJJ6G2N2ZYSYekwylN5j0h32NLuO0Ssm8PQ23ocYvZnvw0AjhxM2/ALG9iMeWiT+IgExi6bM183uUUDq+6ekQA3G4nyiA8EIcEnjwMp2NJYK2+Jyk5n2w/nBXY6GSAc8jMF4uB+Uhfn+QaSOgzUtgzlmTC2/Iw5+3qa2P4j9fwGfomXFwaEqoyEMiugXQ+LQ==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <EFC77FC5D826314ABE18F770002CD2CF@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: c961dac1-ac06-4ae3-48d3-08d75136a90b
X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Oct 2019 06:12:29.9598 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: l4r5BlF0Ogg30j1/RPMPRrqpy2n+sLMPs7df2B495RICFkXhzqK/YNcSMG6qcDmBCBNPivIaGqOO33/qDcjndQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB3678
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.26, xch-aln-016.cisco.com
X-Outbound-Node: rcdn-core-6.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsec/WnM-JqIBDV3-UAdF-XGXoGOAbeM>
Subject: Re: [OPSEC] I-D Action: draft-ietf-opsec-v6-20.txt
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsec/>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Oct 2019 06:12:37 -0000

Gyan,

Thank you very much for being 'victimteered' as the document shepherd [1] __

Thank you Jen and Ron for your support

Regards

-éric and the authors -kk -merike -enno

[1] see https://datatracker.ietf.org/doc/draft-ietf-opsec-v6/edit/shepherdwriteup/ (you need to create a free account on datatracker if not yet done), the mailing list archive should also be a source of information https://mailarchive.ietf.org/arch/browse/opsec/?q=draft-ietf-opsec-v6


On 15/10/2019, 01:54, "Gyan Mishra" <hayabusagsm@gmail.com> wrote:

    Ron
    
    I read the document thoroughly in its entirety and do have valuable real world experience in this space so I am volunteering.
    
    Not sure what I am getting myself into.😀
    
    Gyan
    
    Sent from my iPhone
    
    > On Oct 14, 2019, at 7:14 PM, Ron Bonica <rbonica=40juniper.net@dmarc.ietf.org> wrote:
    > 
    > Jen,
    > 
    > I am ready to request publication. But before we do that, we need a document shepherd.
    > 
    > Eric,
    > 
    > Was there anyone who was close to the draft, but not a co-author. We can victimteer that person.
    > 
    >                                                      Ron
    > 
    > 
    > 
    > Juniper Business Use Only
    > 
    > -----Original Message-----
    > From: Eric Vyncke (evyncke) <evyncke@cisco.com> 
    > Sent: Saturday, October 12, 2019 3:41 AM
    > To: opsec@ietf.org
    > Cc: Jen Linkova <furry13@gmail.com>om>; Ron Bonica <rbonica@juniper.net>
    > Subject: Re: [OPSEC] I-D Action: draft-ietf-opsec-v6-20.txt
    > 
    > As you will notice in https://urldefense.com/v3/__https://www.ietf.org/rfcdiff?url2=draft-ietf-opsec-v6-20__;!8WoA6RjC81c!R2vH-_v3NugiwIfTcXccEC89zGAXYR4rIB7oMxgV_5Tl11Z9jXZgMMuVCfC0QrYg$  this latest revision addresses a suggestion by Gyan Mishra issued during the Working Group Last Call. Other changes are mainly replacing the normative "MUST" and "SHOULD" as it is an informational document (so it is now "must" and "should") + removing an unused informational reference.
    > 
    > Jen and Ron, as the authors have addressed all comments received during the WGLC (actually by only one reviewer) and the extensive review by Jen, may I kindly request publication of this document?
    > 
    > Thank  you all
    > 
    > -éric -merike - kk -enno
    > 
    > 
    > On 12/10/2019, 09:34, "OPSEC on behalf of internet-drafts@ietf.org" <opsec-bounces@ietf.org on behalf of internet-drafts@ietf.org> wrote:
    > 
    > 
    >    A New Internet-Draft is available from the on-line Internet-Drafts directories.
    >    This draft is a work item of the Operational Security Capabilities for IP Network Infrastructure WG of the IETF.
    > 
    >            Title           : Operational Security Considerations for IPv6 Networks
    >            Authors         : Eric Vyncke
    >                              Kiran K. Chittimaneni
    >                              Merike Kaeo
    >                              Enno Rey
    >        Filename        : draft-ietf-opsec-v6-20.txt
    >        Pages           : 52
    >        Date            : 2019-10-12
    > 
    >    Abstract:
    >       Knowledge and experience on how to operate IPv4 securely is
    >       available: whether it is the Internet or an enterprise internal
    >       network.  However, IPv6 presents some new security challenges.  RFC
    >       4942 describes the security issues in the protocol but network
    >       managers also need a more practical, operations-minded document to
    >       enumerate advantages and/or disadvantages of certain choices.
    > 
    >       This document analyzes the operational security issues in several
    >       places of a network (enterprises, service providers and residential
    >       users) and proposes technical and procedural mitigations techniques.
    >       Some very specific places of a network such as the Internet of Things
    >       are not discussed in this document.
    > 
    > 
    >    The IETF datatracker status page for this draft is:
    >    https://urldefense.com/v3/__https://datatracker.ietf.org/doc/draft-ietf-opsec-v6/__;!8WoA6RjC81c!R2vH-_v3NugiwIfTcXccEC89zGAXYR4rIB7oMxgV_5Tl11Z9jXZgMMuVCVgtmnGd$ 
    > 
    >    There are also htmlized versions available at:
    >    https://urldefense.com/v3/__https://tools.ietf.org/html/draft-ietf-opsec-v6-20__;!8WoA6RjC81c!R2vH-_v3NugiwIfTcXccEC89zGAXYR4rIB7oMxgV_5Tl11Z9jXZgMMuVCQdAq-nG$ 
    >    https://urldefense.com/v3/__https://datatracker.ietf.org/doc/html/draft-ietf-opsec-v6-20__;!8WoA6RjC81c!R2vH-_v3NugiwIfTcXccEC89zGAXYR4rIB7oMxgV_5Tl11Z9jXZgMMuVCTaFWv3h$ 
    > 
    >    A diff from the previous version is available at:
    >    https://urldefense.com/v3/__https://www.ietf.org/rfcdiff?url2=draft-ietf-opsec-v6-20__;!8WoA6RjC81c!R2vH-_v3NugiwIfTcXccEC89zGAXYR4rIB7oMxgV_5Tl11Z9jXZgMMuVCfC0QrYg$ 
    > 
    > 
    >    Please note that it may take a couple of minutes from the time of submission
    >    until the htmlized version and diff are available at tools.ietf.org.
    > 
    >    Internet-Drafts are also available by anonymous FTP at:
    >    https://urldefense.com/v3/__ftp://ftp.ietf.org/internet-drafts/__;!8WoA6RjC81c!R2vH-_v3NugiwIfTcXccEC89zGAXYR4rIB7oMxgV_5Tl11Z9jXZgMMuVCXkuUebd$ 
    > 
    >    _______________________________________________
    >    OPSEC mailing list
    >    OPSEC@ietf.org
    >    https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/opsec__;!8WoA6RjC81c!R2vH-_v3NugiwIfTcXccEC89zGAXYR4rIB7oMxgV_5Tl11Z9jXZgMMuVCVjA-7t2$ 
    > 
    > _______________________________________________
    > OPSEC mailing list
    > OPSEC@ietf.org
    > https://www.ietf.org/mailman/listinfo/opsec