Re: [OPSEC] Rtgdir last call review of draft-ietf-opsec-v6-24
"Acee Lindem (acee)" <acee@cisco.com> Thu, 01 April 2021 18:30 UTC
Return-Path: <acee@cisco.com>
X-Original-To: opsec@ietfa.amsl.com
Delivered-To: opsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 31C9D3A1E4C; Thu, 1 Apr 2021 11:30:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.618
X-Spam-Level:
X-Spam-Status: No, score=-9.618 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_NONE=0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=BnX5JPyL; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=O2qx6kZw
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iW7GxdeggLgc; Thu, 1 Apr 2021 11:30:26 -0700 (PDT)
Received: from rcdn-iport-4.cisco.com (rcdn-iport-4.cisco.com [173.37.86.75]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9409F3A1E3E; Thu, 1 Apr 2021 11:30:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=5564; q=dns/txt; s=iport; t=1617301810; x=1618511410; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=ke0W6q8Md3cqyzqgYRsILpgSD/2Txcj3rSam6Bc56XU=; b=BnX5JPyLsexcLAYuR0v+dok4AwSRct6K3w4/fhvmHhaf7NrKrAm5VyDC szx3I/5BGWDWnZwMTW669YmA6tQShRtEMs9pdOGkIw6+fMm0230/Fm2vx tTej33F8PeYG3hoefGARiJp1mT/JdTplWayOMlbZM8lWL1tJZDjCxDxc8 I=;
IronPort-PHdr: A9a23:kjeEfh12omCvBAfKsmDPW1BlVkAck7zpIg4Y7IYmgLtSc6Oluo7vJ1Hb+e4FpFTIRo7crflDjrmev6PhXDkG5pCM+DAHfYdXXhAIwcMRg0Q7AcGDBEG6SZyibyEzEMlYElMw+Xa9PBteGd31YBvZpXjhpTIXEw/0YAxyIOm9E4XOjsOxgua1/ZCbYwhBiDenJ71oKxDjpgTKvc5Qioxnec4M
IronPort-HdrOrdr: A9a23:wnydh63dshbleBWoZItf+AqjBaN2eYIsi2QD101hICF9Wvez0+izgfUW0gL1gj4NWHcm3euNIrWEXGm0z/9IyKErF/OHUBP9sGWlaLtj44zr3iH6F0TFmNJ1/ZxLN5JzANiYNzdHpO7x6gWgDpIEyN6I7KiniY7lvghQZCtBApsQiDtRIACdD0FwWU1nKPMCZdqhz+BAoCetfmlSS8y9CGUMUeSrnay0qLvNZxkaCxk7rDSUhTSz57LgVzSe1BESUzRAqI1SslTtuQr/+6mlrrWH2gbRvlWjrqh+tfnA7p94BMKKgtUIMTmEsGaVTaloRrHqhkFPnMiB81Av+eO8xisIH8M20H/Je3HwnB2F4Xid7B8Ly1vPjWCVmmHip8uRfkN5N+NkiZhCehXUr2oM1esMqp5j5G6Su5pJAR6opk2UjLKkO2AI5yiJiEEvnuIJg3tUXZF2Us4tkaUk4EhXHJ0cdRiKjrwPLeh0AMnQoNZQfF+KBkqpxlVH/d22Unw/WiqBW0gJ0/blqgR+oXYR9Tp9+OUv2lM7sL4tQZhN4OrJdo5ykqtVc8MQZaVhQM8cXMqeEAX2MFfxGVPXBW6iOLAMOnrLpZKyyq4y/vuWdJsBy4Z3sIjdUWlfqXU5dyvVeImz9awO1iqIbHS2XDzrxM0bzYN+oKfASL3iNjDGb1wyjc26obE6DtfAU/i+fLJaasWTalfGKMJs5UnTSpNSIX4RXIk+odAgQW+DpcrNN8nkrerefPHPJKf8EDotV2/la0FzBQTbFYFl1ASGS3X4iB/eVzfGYUrk5699F6Dc4qwSxeE2R9VxmzlQrW78ytCAKDVEvKBzVlB5OqnbnqSyonTz+W7J6m5uKwdMF0o92sS6b1p64Ssxd2/ke7cKvNuSPUpI2mGcGxN5R8TKVAhFp1p2/qqzJ4eKxT8rDs+mNm7ytQpUmFu6C7Mn3oGT78bsfZ01Srw8XrZqKAnNHxtp3RpxpHxbcw8CTE/HHjbogaGo5aZkXt33Rp1ZukOGMMRUoXXQuQGgvskpXGIcRCPre9WQmxwSSz1dgUBR/6cTjKGboyumLXIyjY0DQQBxQVXSJIgDLQyeIK1Ih7jgeWhLPBa3rA3fryt2R03H2AE5gHf7ISidZPfRa2Atykxw4+LN61N7dmKUYkRqTGt12LcNSVjuizJUzfKBYLa13i+3bFYPq9ttbg3tUH81Ph5kwcyx2VquvAu6UV8ixpkoI4XmfeseWrnOx3KgL5CJn6kaH/lSuI1oLszqr/Vja5PsRyaINj/iT+sm1wuJz0xVSxVcuT0ql+jl1wbi63X91HkjAeDKKFAjXL0DJcqAhlKUCMqgwdF8jdgvu/G3PXi0YtmaybvPZzorEGKfnUemC+Upo4tTp6Q8qf96GITaSyLB0DVC0A8lJMn50EMYT6IT2sGMBqZ/O8gTcTle5FwniZCGK1YqqBX/BqsmZk425kWrd++h8v7Ns/4iE0eBrAz/NR2W9DBc5e7MW2+G2aQBA6w9LGxKYCEHmTpf1fLHc5eVBBShdulF8lb/KHO7fbNHQKWOGLkbrH9Bkpu1tv7SczC91BHbvDN9LK4L7n2uRtmqBhmQXeFP6N63ND238+KXyd/2iC2yTzS1a04V39IYMUMRa9lOkTkkgsk81DOoRqn+v0IilB9f7Fhc5ynQ85nj5H2eG0dMdRDdiNFRWzJYN3CTl8TL8eSCzh3GkXN48IiGEF0VZ81EHtgbU5P+IChvI9UBpbLAxdtavg1TJBM1S3MmgD/z3+l6za601fXbVerlE2rpMzs6iEh4L58xmDcqp2FGe9W/6pz4Yhx/LJ98P8cC
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0CvCQAaEGZg/5FdJa1aHQEBAQEJARIBBQUBQIFQgVNRB3daNjECCIQ4g0gDhTmIUQOKK48LgUKBEQNUCwEBAQ0BASgKAgQBAYRQAheBZAIlOBMCAwEBDAEBBQEBAQIBBgRxhWENhkQBAQEBAyMRDAEBNwELBAIBCBEDAQIDAiYCAgIfERQBCAgCBAENBYJxAYJVAy8BDqBBAoofd4EygwQBAQaFHA0LghMJgQ8qgnaCcRI+SIZLJhyCC4ESJxyCWT6CHjcLAoEpARIBIYMWNYIrgU83gSgEUiNdGQgsDQoEAgEXBgsZBQELD5BTg1mLdJluWwqDCYhPgRCNXQSFMQMfg0uBPok5lieVEIElikCDFo83IIRIAgQCBAUCDgEBBoFrI2lwcBVlAYI+CUcXAg2OH4NwhRSFRXMCCysCBgEJAQEDCXyMPQExXQEB
X-IronPort-AV: E=Sophos;i="5.81,296,1610409600"; d="scan'208";a="855461401"
Received: from rcdn-core-9.cisco.com ([173.37.93.145]) by rcdn-iport-4.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 01 Apr 2021 18:30:08 +0000
Received: from mail.cisco.com (xbe-aln-003.cisco.com [173.36.7.18]) by rcdn-core-9.cisco.com (8.15.2/8.15.2) with ESMTPS id 131IU6BT021011 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=OK); Thu, 1 Apr 2021 18:30:09 GMT
Received: from xfe-aln-005.cisco.com (173.37.135.125) by xbe-aln-003.cisco.com (173.36.7.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.3; Thu, 1 Apr 2021 13:30:06 -0500
Received: from xfe-aln-001.cisco.com (173.37.135.121) by xfe-aln-005.cisco.com (173.37.135.125) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.3; Thu, 1 Apr 2021 13:30:06 -0500
Received: from NAM12-MW2-obe.outbound.protection.outlook.com (173.37.151.57) by xfe-aln-001.cisco.com (173.37.135.121) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.3 via Frontend Transport; Thu, 1 Apr 2021 13:30:06 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=f0VJ1ZTFRWMSzq6B6bw+ThFpPPnn8WWh+EhkcVxRePxtgJ/5ekJmkjmpmBSa35jm1ZAqOd856vUiYqw1AWlCADkfa7bYkNyPmz+r2s0unkDYv+6xmBCbxzMCxobtD68Juehf2ob6YG9kSdMd7C7rGuBO83chOexXotROQlxDhDr6b1QRwZPRb1NDGUfmXKXVLL9hE4pHvtqZU97bcF9lEINeePzGJC+KorLiyMxLjUXyAMmcWxZEn0gJBHfm/eysacUjLMo6CTKNrIDPs0J6p2Im9Rtmxk3gTwuFmXigIZwhs2lTzECiBkJixTxt+6pfBCGdaahP/rOzo5zv17Umvg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ke0W6q8Md3cqyzqgYRsILpgSD/2Txcj3rSam6Bc56XU=; b=BWRgD94lEy059lMzPi15CUMy7ZfgtJoDI6wm18ERkQlt+VKwgtgFT7pLkIV6wwVHn4dqGHJJFvfotSSm2prJpMt0K1Y64j7JM+22oS9pLBaQ3t9VrZrdeJVjgEK18wdlKIBXhnf3IgQPlKeTdct0MwGUuExd5G/Dy9PuGnUWg0B/NTW9lwCixBCTLGUNaNqdp/PglMb4232Wok76ZLHt81goIbcbzzddhTktLMZ/j+SLwM5KGR5v4NqGEu+Y3QpSBuFiH7kZG55vtM9Mekr/MiSp+eJyUqJSeE6rsGCOilDXnWceG6B1i47MvDvyN3CRR9UTkFR70lh8Q9FsV1S2pA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ke0W6q8Md3cqyzqgYRsILpgSD/2Txcj3rSam6Bc56XU=; b=O2qx6kZw27G+FUyvASCqZl3psmFgjbb/G9kSSANGxRgKo3hkVsbLYzptk4if4fTOvRfo7Dtl75TwY173TKEvMkDN0E/NA5B0igfCAE7pUffzL7NV0olTmCvV2ugfPNbmvnDLj3PmV8O4isaPZCHr+iPoJOdaYbkYNknGrAcF/SM=
Received: from BYAPR11MB2887.namprd11.prod.outlook.com (2603:10b6:a03:89::27) by SJ0PR11MB5086.namprd11.prod.outlook.com (2603:10b6:a03:2d1::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3977.25; Thu, 1 Apr 2021 18:30:05 +0000
Received: from BYAPR11MB2887.namprd11.prod.outlook.com ([fe80::f82f:ff98:d282:d5e5]) by BYAPR11MB2887.namprd11.prod.outlook.com ([fe80::f82f:ff98:d282:d5e5%5]) with mapi id 15.20.3977.033; Thu, 1 Apr 2021 18:30:04 +0000
From: "Acee Lindem (acee)" <acee@cisco.com>
To: "Eric Vyncke (evyncke)" <evyncke@cisco.com>, "rtg-dir@ietf.org" <rtg-dir@ietf.org>
CC: "draft-ietf-opsec-v6.all@ietf.org" <draft-ietf-opsec-v6.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "opsec@ietf.org" <opsec@ietf.org>
Thread-Topic: Rtgdir last call review of draft-ietf-opsec-v6-24
Thread-Index: AQHXJw9TAbVoG9icqUO344jB7wloRaqfuN6A
Date: Thu, 01 Apr 2021 18:30:04 +0000
Message-ID: <DF05A172-B2DE-4F8F-B78F-FB6DAA202C92@cisco.com>
References: <161650914469.13419.16565124530354757829@ietfa.amsl.com> <BEA27BD3-2B4B-4C62-8D7D-5AE9CC539991@cisco.com>
In-Reply-To: <BEA27BD3-2B4B-4C62-8D7D-5AE9CC539991@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.47.21031401
authentication-results: cisco.com; dkim=none (message not signed) header.d=none;cisco.com; dmarc=none action=none header.from=cisco.com;
x-originating-ip: [136.56.133.70]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: df2e359d-1dfb-4959-cfe6-08d8f53c2b81
x-ms-traffictypediagnostic: SJ0PR11MB5086:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <SJ0PR11MB50862B7398AFADA4C334E832C27B9@SJ0PR11MB5086.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: ab6izJVIwauHqWavsmnFQSThkc/22z7NaxcHZlHI74outEVwdrMMJKrHO0h3hvLKJoqEiwIDCufx7j2HSAHUvQRlMyP/C7V9t+OFbaHjZQFKdoIp6OdqIhlJVFjXSEj2iKO37/tVt62fuCkkngYD5Q7f9n9ayG76HdtQqyKLZWjUNtQBJLG7raknFeSKQyP5yAcmtzel5Zn7GtYfEZqqYKOK8Ao2cRBCQkGgw0KjSezhcFkPeGFiMH2GgmOYoJqOt1CAR6gGmKoitqQYRONO3Va0goadnGJJPZfU8I2n4WSSrhqNrhyJY0GtBwjLflsgRZluCGCPeuwweYk9wQOL0RPCcGnItf+oJuhe9l5KA2dzqCgshtPWEzIIvVjzDeKkT0YLbItRujnmicQYaikNtXWVp10LFOxS0nfrIHFI/4wAltWBMDA7aAqLwyN+2NUB5yOmUU7CVWT9rvbT7y23GImqBHAZPy9KizMpUuZ0kzaxzR4kO2Cj2dd/nT+0EJn1XrO750i0BAV3yWcIAgcqPp16hrXjKYjMZ0j/7lRDlmhpcQPqwdc9wNtm/smymNxZ1xqCLEJJ7Uk1M7ovi910XdvJK3SnzmvSb6lM1PlLkiGVqONXiAG8SVdKs0wb0twyrNr5yTPwBrSeoAPqOAelGjAIqjcVYCiXjQYLv2cdNYLnEkvnznFUICRd6cXQTmByf6+QvD/xktFe0bkNEv4XVXiyb+k2DK99N8nvDPHy/HfgpaODj9G8z5YTs003WI9QbtmTDVvs5zTW/H3O9NynhQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR11MB2887.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(396003)(346002)(376002)(366004)(136003)(39860400002)(2906002)(966005)(66946007)(76116006)(66556008)(64756008)(5660300002)(4326008)(2616005)(450100002)(66446008)(83380400001)(6512007)(66476007)(38100700001)(6486002)(186003)(33656002)(86362001)(8676002)(54906003)(316002)(110136005)(71200400001)(6506007)(53546011)(26005)(66574015)(36756003)(478600001)(8936002)(45980500001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: Rc5obe/Yn5cf5qjgKTXtK8w1QZpmGgMwK6jV2vPPsl5hULpF0vgh9zEY4wTvLBw/YZUOtqg65dyWgqmU39ZdRrWG4aU9f39/y9NxlQpKS/0DAl3QOuU3WkIBwxLjs3Y4SJ4HCxEBe8EwALTJhoCTKAW087gC9d0GOVI/hrvcwLk/AGn8om6uczHEhdehzEmg4tFQUbiuR7JKfjHdO6SxnTK2054OU/0HMUt/Eh8IKwdPCs4BBvBGJbOJyRJ+hAU1e1+zkmVzGZKdTn9olIKlSDPFCRWM25yUcDHqS7x7Y7ffZI170vMN7dVtU5JjLINaFxTldTjBHgfc7lbPRFvGFhCoe9M/X3+gc6OpsX6na5deOnPuEwrRWrl8Op0FGrJUYILUx6Wh2hI3R7vUpRo/eKemAtfm1fHwe2x9RepijZsmWGHMeMsppmoItcOZ6Nnufeqkd0m49aQiAxrdV/VFZzxkk05D5bSnDNte50wnMeeRWG9JyJVfzhMRxdrHDhCnxDp5+YLqODjje9HP8Gn/kyPtrPcq16d+kZyMbiC4eoGcqy1ADlvF87cG2mxyaK7tRdSYQTfoqOYSEFhIX9ndHM4cAtcV4c9xKZsOQgbsyxON5Mv+PaEWMlPtj+xjVjtbeNh+VEPjk8AtaYxGzMivJO2WALgT47raXZ4J+wS48rPa3D0eFuYr2UIK1oH/2C3x4wV+xavpd/PdXgGkJH3qdHmWdp8Ddm3c/EHtzU0EiJ5D7Szl1KPP/SvKNb5BefBQDkAwyGJ55f5BsnL96pdsDglLQ/FYTiE/BI4MKq3sxKHo8lH1EiHF4IaWFfqGcwOxufJHyC1UxwreJCh5DXhC3gaavmRrnynB0+7eLr8ghHwBbLj6fB7CF94elX1QuWL0t1er0TokmCDHG/3o5n+1PHREV/DpgDjpOvO3WXEI6TJaFitoA1mFICKn6YtUBsrvDeaGnTA+/Ns2jkGjA/8JGbLjAIl0kXvO6abIGTlMPei8DWnOK4wnjGjkk13o2uWJ6GjH7UbslouUIT8l9OsPGFgeZBpGYBJd1lgVgY2UCsrEIKTN3VOUShfqQt0iUwi/GqhPa8AfUcJQo7v2W9XMAhZ8amkSMe/14TujylQLyosoo+t+JLOyJjSBh3oAxXbsqu5ZS0FZKlVrgc4CkX5vNiesfCGH0gQ6lAMq9FadbpYmz43/zYleTe4ZrpenOp6nvZjZ9z+pCeS2CB6LhEKCzJrWiXbOGqum4gyPQsIDoz7FlgBX/w8+Q8VpgJbxFkCOVzkddnHDpO4X2ybr4qPWOO5tr8uAm3Y4ZypE1mUmswUv8wgVNQnpei9CVrU5VSUQqGhS3n6AemsJG50tVTfcpg==
Content-Type: text/plain; charset="utf-8"
Content-ID: <B28A6E65A1FB764D81776AFC350417CC@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BYAPR11MB2887.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: df2e359d-1dfb-4959-cfe6-08d8f53c2b81
X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Apr 2021 18:30:04.8606 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: ymmU0lV3i+hJnyU7fLT++jtNDZAttzRbqrDKrLHSeKfmnk7tLcvPDnMpwswHGl3h
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR11MB5086
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.18, xbe-aln-003.cisco.com
X-Outbound-Node: rcdn-core-9.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsec/_1IuippkVWDEkJXQLin7-oSiDkQ>
Subject: Re: [OPSEC] Rtgdir last call review of draft-ietf-opsec-v6-24
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsec/>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Apr 2021 18:30:31 -0000
Hi Eric, Thanks much for incorporating my comments. On 4/1/21, 11:54 AM, "Eric Vyncke (evyncke)" <evyncke@cisco.com> wrote: Acee, Big thank you on your nits review! As a non-English speaker, I always welcome (and learn from) such a detailed review. The just posted -25 has all the nits fixed (per your other email) and we took action on your two suggestions below. BTW, we added a reference to RFC 8177 in section 2.5.3 'securing routing updates" as it seems more suitable. It applies there. However, I was thinking of it in the context of this statement in 2.4. "The control plane processor is then unable to process valid control packets and the router can lose OSPF or BGP adjacencies which can cause a severe network disruption." If one supports a the key-chain mechanisms for rollover in their OSPF and BGP implementations, there will be no disruption. Anyway, it was only a suggestion. Thanks, Acee Regards -éric PS: happy to have a April 1st I-D, which is NOT a joke ;-) -----Original Message----- From: Acee Lindem via Datatracker <noreply@ietf.org> Reply-To: "Acee Lindem (acee)" <acee@cisco.com> Date: Tuesday, 23 March 2021 at 15:19 To: "rtg-dir@ietf.org" <rtg-dir@ietf.org> Cc: "draft-ietf-opsec-v6.all@ietf.org" <draft-ietf-opsec-v6.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "opsec@ietf.org" <opsec@ietf.org> Subject: Rtgdir last call review of draft-ietf-opsec-v6-24 Resent-From: <alias-bounces@ietf.org> Resent-To: Eric Vyncke <evyncke@cisco.com>, Kiran Kumar Chittimaneni <kk.chittimaneni@gmail.com>, Merike Kaeo <merike@doubleshotsecurity.com>, <erey@ernw.de>, <furry13@gmail.com>, Ron Bonica <rbonica@juniper.net>, <warren@kumari.net>, <rwilton@cisco.com>, Gyan Mishra <hayabusagsm@gmail.com>, <hayabusagsm@gmail.com> Resent-Date: Tuesday, 23 March 2021 at 15:19 Reviewer: Acee Lindem Review result: Has Nits Hello, I have been selected as the Routing Directorate reviewer for this draft. The Routing Directorate seeks to review all routing or routing-related drafts as they pass through IETF last call and IESG review, and sometimes on special request. The purpose of the review is to provide assistance to the Routing ADs. For more information about the Routing Directorate, please see http://trac.tools.ietf.org/area/rtg/trac/wiki/RtgDir Although these comments are primarily for the use of the Routing ADs, it would be helpful if you could consider them along with any other IETF Early Review/Last Call comments that you receive, and strive to resolve them through discussion or by updating the draft. Document: draft-ietf-opsec-v6-24.txt Reviewer: Acee Lindem Review Date: 03/23/2021 IETF LC End Date: Soon Intended Status: Informational Summary: The document contains a lot of useful recommendations and references for Operational Security in IPv6 networks. Since the document has "Informational" status, none of the text is normative. The document is basically ready for publication. I have some nits attached and a have couple suggested references for IPv6 control plane security. Major Issues: None Minor Issues: 1. Section 2.4 - Recommend implementation of key-chains and graceful key rollover as documented in section 2.2 of RFC 8177. This will avoid the disruptions during key rollover. 2. Section 2.4 - Recommend implementation of SPF rate-limiting as documented in RFC 8541. This is in the context of OSPFv3 protocol specific mechanisms and the recommended rate-limiting. Nits: Will send diffs in separate message.
- [OPSEC] Rtgdir last call review of draft-ietf-ops… Acee Lindem via Datatracker
- Re: [OPSEC] [RTG-DIR] Rtgdir last call review of … Acee Lindem (acee)
- Re: [OPSEC] Rtgdir last call review of draft-ietf… Eric Vyncke (evyncke)
- Re: [OPSEC] Rtgdir last call review of draft-ietf… Eric Vyncke (evyncke)
- Re: [OPSEC] Rtgdir last call review of draft-ietf… Acee Lindem (acee)