Re: [OPSEC] Operational Security Considerations for IPv6 Networks (draft-ietf-opsec-v6)

"Eric Vyncke (evyncke)" <evyncke@cisco.com> Wed, 17 July 2019 08:25 UTC

Return-Path: <evyncke@cisco.com>
X-Original-To: opsec@ietfa.amsl.com
Delivered-To: opsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 204E81201E9 for <opsec@ietfa.amsl.com>; Wed, 17 Jul 2019 01:25:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.5
X-Spam-Level:
X-Spam-Status: No, score=-14.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=fUWZO2VS; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=ny7f2tfa
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9a70P_P-tykq for <opsec@ietfa.amsl.com>; Wed, 17 Jul 2019 01:25:02 -0700 (PDT)
Received: from rcdn-iport-8.cisco.com (rcdn-iport-8.cisco.com [173.37.86.79]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B802C12009C for <opsec@ietf.org>; Wed, 17 Jul 2019 01:25:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=2702; q=dns/txt; s=iport; t=1563351902; x=1564561502; h=from:to:subject:date:message-id:content-id: content-transfer-encoding:mime-version; bh=M+hActl6ni2rPLeHRZfmkG2s1aoKG2+LEVRKIyvJNXQ=; b=fUWZO2VSASBPaG+rsasYokpiItyJ/y62jCscTbQtg+Gxg7ZeseoQ4BUS NywQO+H6ficpDUmWRgYNl6TZXbLTlnGjdPX+s9lnCKfMzV27l69zcYHfC ajY7bzcRBTNxoo13DFW265RMr+H3OGgnps2JXZv+RTBrvNkAPMzfCmSsi M=;
IronPort-PHdr: 9a23:7mf6bxL+jv4AlJ6D+dmcpTVXNCE6p7X5OBIU4ZM7irVIN76u5InmIFeBvad2lFGcW4Ld5roEkOfQv636EU04qZea+DFnEtRXUgMdz8AfngguGsmAXEDlPfjhbCESF8VZX1gj9Ha+YgBY
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0B/AADX2i5d/5hdJa1mHgEGBwaBUwkLAYFDUANtVSAECyqEHINHA45PTIFql3WBLhSBEANUCQEBAQwBARgLCgIBAYRAGYItIzQJDgEDAQEEAQECAQVthTwMhUsCAQMBARAREQwBAQcfBgwRAQgODAImAgQlCxUSBAESIoMAAYFqAx0BAgyhZwKBOIhgcYEygnkBAQWBMgEDAgKBDYJJGIITCYEMKAGLXheBQD+BEScME4IeLj6CYQEBA4EmIS6CdDKCJo54m28JAoIZhliNNBuYCo01h0iQCAIEAgQFAg4BAQWBUDiBWHAVOyoBgkEJgjg3gzozhCY7hT9ygSmNDQEB
X-IronPort-AV: E=Sophos;i="5.64,273,1559520000"; d="scan'208";a="596450472"
Received: from rcdn-core-1.cisco.com ([173.37.93.152]) by rcdn-iport-8.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 17 Jul 2019 08:25:01 +0000
Received: from XCH-RCD-003.cisco.com (xch-rcd-003.cisco.com [173.37.102.13]) by rcdn-core-1.cisco.com (8.15.2/8.15.2) with ESMTPS id x6H8P1lL025937 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Wed, 17 Jul 2019 08:25:01 GMT
Received: from xhs-rcd-003.cisco.com (173.37.227.248) by XCH-RCD-003.cisco.com (173.37.102.13) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Wed, 17 Jul 2019 03:25:01 -0500
Received: from xhs-rcd-002.cisco.com (173.37.227.247) by xhs-rcd-003.cisco.com (173.37.227.248) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Wed, 17 Jul 2019 03:25:00 -0500
Received: from NAM01-BY2-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-002.cisco.com (173.37.227.247) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Wed, 17 Jul 2019 03:25:00 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=L80VyrKWxJ4t9Zx4blydkui6IeVIxHuE7lfBBuvnHA8y2graxmIaXjgTVeirAcnP21BOhW+r4mWYd9VV6243UiEK2FmPlhEsWPL5a6xpm1TZY2oNo1Qg4dlkJ+ry9yhaeLUsdIPS8Ecq64HR3MD1sCjOrKMrSeFgFtMLC8sr1jy6aKR0nBStNpSVuugluOMJdkKXekViHyVSWlmeZDWqCE5OAn2YJmac9Or33ha9C5pdvqoyUNOX7C6i6VKzGdIHcb11k0Gr8aMKl5G4rHxjnm320EYGMsNJQT+tFjypEdm5GVk7HDQKMR9JW8TA0G5AbPZiRQhXSUWRjbyi0V87Xw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=M+hActl6ni2rPLeHRZfmkG2s1aoKG2+LEVRKIyvJNXQ=; b=hMyVNA5JMn2g8h3k7NPt+JXAzA6LhWRGQ33Tto29+KjzXi/by5R9ibEfEmR25ByRgJSMqFef/oIXWB5cIrAe2dt1VDZWkcP7FS8BSSkvCnICpMfOjPJ12Yf/3i4v5hfnw46raq2u1URnhgDgSW6kCNKpwgkQEJPbuPxBC2lWhowkO7TxTkgRCHWqx9YScFSrB2nLTxxITzeSW/ZlhH0YGRGy7zLSFKrWs7AggEfxzEefo0Pq8SQ5uvCYpxt95c/9f33hnNHbJ9pEtq0CiXgbHJkdMVRmirN3a2WQSQafUdyf5nToqpPSsmSIosAGaskKrI0TtMtT2TMga7GK7hiDDA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=cisco.com;dmarc=pass action=none header.from=cisco.com;dkim=pass header.d=cisco.com;arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=M+hActl6ni2rPLeHRZfmkG2s1aoKG2+LEVRKIyvJNXQ=; b=ny7f2tfaESkjmPw2dPzk//UVe7/vuBIp5nJze/SiD7VrNjnzNb7iW+Z9eRbXyyxCahZq6DFT5jbDp6pxCQubxh72vjrR7OcpnSIZkUHk8QlnuHaQ+ExG+6DeVj1XbegUKuiigXvL2GC/Q1xHJN7hHncBMc3Wi/NW+pjzVW18eP8=
Received: from MN2PR11MB4144.namprd11.prod.outlook.com (20.179.150.210) by MN2PR11MB4032.namprd11.prod.outlook.com (20.179.149.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2073.14; Wed, 17 Jul 2019 08:24:57 +0000
Received: from MN2PR11MB4144.namprd11.prod.outlook.com ([fe80::cc02:dc35:1f73:653c]) by MN2PR11MB4144.namprd11.prod.outlook.com ([fe80::cc02:dc35:1f73:653c%7]) with mapi id 15.20.2073.012; Wed, 17 Jul 2019 08:24:57 +0000
From: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
To: Enno Rey <erey@ernw.de>, "opsec@ietf.org" <opsec@ietf.org>
Thread-Topic: [OPSEC] Operational Security Considerations for IPv6 Networks (draft-ietf-opsec-v6)
Thread-Index: AQHVPHkeVK6pRmxoXk+54ruAULfKog==
Date: Wed, 17 Jul 2019 08:24:57 +0000
Message-ID: <851C8B13-6636-4336-82CB-2F2FC92C3FAE@cisco.com>
Accept-Language: fr-BE, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.1a.0.190609
authentication-results: spf=none (sender IP is ) smtp.mailfrom=evyncke@cisco.com;
x-originating-ip: [2001:420:c0c1:36:d03a:3618:ce9a:ce53]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 36ba9bb2-05bb-43b2-0ef3-08d70a9040c6
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:MN2PR11MB4032;
x-ms-traffictypediagnostic: MN2PR11MB4032:
x-ms-exchange-purlcount: 5
x-microsoft-antispam-prvs: <MN2PR11MB40327DAED9096A1E534FC537A9C90@MN2PR11MB4032.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 01018CB5B3
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(396003)(136003)(376002)(39860400002)(366004)(346002)(199004)(189003)(51914003)(6246003)(6512007)(6306002)(5660300002)(33656002)(53936002)(14454004)(229853002)(2501003)(15974865002)(6506007)(478600001)(966005)(58126008)(46003)(66946007)(64756008)(66556008)(66476007)(66446008)(102836004)(81156014)(2616005)(476003)(71190400001)(6116002)(81166006)(71200400001)(486006)(91956017)(186003)(8936002)(256004)(14444005)(2906002)(8676002)(76116006)(15650500001)(7736002)(68736007)(86362001)(99286004)(36756003)(316002)(110136005)(305945005)(25786009)(6436002)(6486002); DIR:OUT; SFP:1101; SCL:1; SRVR:MN2PR11MB4032; H:MN2PR11MB4144.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: Rb+35NPGR6FtANuwyZVRulnMnFPrvIJM2HxOLaLuYDQYJ3NJluJ9ooP+VIzVj/+Lzb7+EF59pCMgqAWh7Ztw8DKUF3hbJAiuj/70So8g8NCoZm4G54CluCA5YchSxoI+WLHLV89T7+8Yje+ZsoPA4Dn/tu8gX/3P107z6+vvl0HjOuokeJhZelfvR0JVIPJlTenpt26kgwi6dnrcZigUsbBbCLqYUJohmtb7al+eZX1FRMEsnLRGmgD/jxlFHEjA4aEwljFTGHhw0s/1lN9BDa4jacmkXSekpLOiRFmZM9Ovwf0Fn17yXrbMCNRYgcmQGVjtLvEM1pmjbQcNTxohYBdQJhsI7NhlTgGn1YDfDpzgDuDbyg6LVl3aUGN6ePwvnw4UsDOOAk3mXIwWEdJbfEIU8GUjBf/kcUGXc0QCXGs=
Content-Type: text/plain; charset="utf-8"
Content-ID: <5E709C0989D0E045AA23D8A5141B091F@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 36ba9bb2-05bb-43b2-0ef3-08d70a9040c6
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Jul 2019 08:24:57.3395 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: evyncke@cisco.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB4032
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.13, xch-rcd-003.cisco.com
X-Outbound-Node: rcdn-core-1.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsec/n-DokEystLzCzqZ8BtJr61-AaBk>
Subject: Re: [OPSEC] Operational Security Considerations for IPv6 Networks (draft-ietf-opsec-v6)
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsec/>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Jul 2019 08:25:05 -0000

Jen, Ron,

As co-author of the document, the latest -17 revision dated 2019-07-05 addresses (at least from the authors point of view):
- the comments received during the WG meeting at IETF-104
- the OPSDIR review by Tim Chown dated 2018-07-02
- the WGLC ended in 2017-09-29

The state of the document in the datatracker is still "Revised I-D Needed - Issue raised by WGLC" since 2017-09-29 though. As I was co-chair at that point of time, I should have reset the state to a more suitable one... Would you mind resetting the state to a more suitable one?

Note: I have requested a slot to present this work at V6OPS https://datatracker.ietf.org/meeting/105/materials/agenda-105-v6ops-03

With all the reviews and the updates, may I kindly suggest, if the WG chairs and members agree, to request publication? Happy to talk to you in Montreal of course.

Thank you for considering this request,

-éric

On 06/07/2019, 18:43, "OPSEC on behalf of Enno Rey" <opsec-bounces@ietf.org on behalf of erey@ernw.de> wrote:

    Dear WG Chairs, All,
    
    we've considered & mostly incorporated the input from the mailing list (thanks for the latest reviews and comments!) and from the IETF104 session, and we'd hence like to ask for WGLC of the document.
    
    thanks
    
    Enno
    
    
    
    -- 
    Enno Rey
    
    ERNW GmbH - Carl-Bosch-Str. 4 - 69115 Heidelberg - www.ernw.de
    Tel. +49 6221 480390 - Fax 6221 419008 - Cell +49 173 6745902 
    
    Handelsregister Mannheim: HRB 337135
    Geschaeftsfuehrer: Florian Grunow, Michael Schaefer 
    
    =======================================================
    Blog: www.insinuator.net || Conference: www.troopers.de
    Twitter: @Enno_Insinuator
    =======================================================
    
    _______________________________________________
    OPSEC mailing list
    OPSEC@ietf.org
    https://www.ietf.org/mailman/listinfo/opsec