Re: [OPSEC] Fwd: ID Tracker State Update Notice: <draft-ietf-opsec-protect-control-plane-06.txt>
George Jones <fooologist@gmail.com> Tue, 04 January 2011 23:31 UTC
Return-Path: <fooologist@gmail.com>
X-Original-To: opsec@core3.amsl.com
Delivered-To: opsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 563443A6D1D for <opsec@core3.amsl.com>; Tue, 4 Jan 2011 15:31:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.598
X-Spam-Level:
X-Spam-Status: No, score=-3.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JFugiDyjqEfb for <opsec@core3.amsl.com>; Tue, 4 Jan 2011 15:31:42 -0800 (PST)
Received: from mail-vw0-f44.google.com (mail-vw0-f44.google.com [209.85.212.44]) by core3.amsl.com (Postfix) with ESMTP id EC7273A6BD6 for <opsec@ietf.org>; Tue, 4 Jan 2011 15:31:41 -0800 (PST)
Received: by vws7 with SMTP id 7so6096365vws.31 for <opsec@ietf.org>; Tue, 04 Jan 2011 15:33:48 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type; bh=LC/4FozV9Mj+xHuveJppEchwl8am9cmDVckKmgT0RaY=; b=NVnaOeiAqUfnkjm0Nqey9wghQYi5b5Uo5aO7pKvkekUuyymsIMaSohXtVFRG4KDRc9 GTNyfBVT7lnxQp457QfuoK9MaiV0b4u/2kSFy/rQyo6tyaeorcpNHhzhxLmy4Y538eGK Ft3yyFdkYbX12O7BmpVdXnD8Z0qts1ng+sMhs=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=ebFXwu9RLyUHtvVwu/U7Hv3CiiPoaA48sppJHj63NOwUHh9m7aS0IZJNiO8yJvekcV UEYsUsJfLzLXIvW1mLXVLf7wrYS4ets7jhl9BjduGz+19cTiCXAKlF/cj1GeShXsmTcQ 5SevU7TacbHoT2oXTftlN54udh3tcpbvQ3JcI=
MIME-Version: 1.0
Received: by 10.220.181.6 with SMTP id bw6mr5260558vcb.11.1294184027854; Tue, 04 Jan 2011 15:33:47 -0800 (PST)
Received: by 10.220.98.85 with HTTP; Tue, 4 Jan 2011 15:33:47 -0800 (PST)
In-Reply-To: <20110104092257.2ff16390@t61p>
References: <20101223193418.26547.34582.idtracker@localhost> <64E1A73D-2221-4035-8E77-79A6515A0DC3@kumari.net> <20110104092257.2ff16390@t61p>
Date: Tue, 04 Jan 2011 18:33:47 -0500
Message-ID: <AANLkTinsOZrbJ2+5pSVnTxFXcw0QLuPR5Q5guN6ZWE8n@mail.gmail.com>
From: George Jones <fooologist@gmail.com>
To: John Kristoff <jtk@cymru.com>
Content-Type: multipart/alternative; boundary="90e6ba53a9ce4117ba04990db347"
Cc: "opsec@ietf.org mailing list" <opsec@ietf.org>, Warren Kumari <warren@kumari.net>
Subject: Re: [OPSEC] Fwd: ID Tracker State Update Notice: <draft-ietf-opsec-protect-control-plane-06.txt>
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/opsec>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 04 Jan 2011 23:31:43 -0000
On Tue, Jan 4, 2011 at 10:22 AM, John Kristoff <jtk@cymru.com> wrote: > On Thu, 23 Dec 2010 15:22:22 -0500 > Warren Kumari <warren@kumari.net> wrote: > > > So, our active queue is beginning to look very sparse... I have a > > draft that I started writing a while ago that Chris Morrow and Danny > > McPherson have agreed to fix / update (poke...), does anyone have > > anything else that they are working on? > > I had started a port filtering draft. A second revision has been > started, but we haven't spent much time on it lately. I can endeavor > to get this work going again this week. > > <http://tools.ietf.org/html/draft-kristoff-opsec-port-filtering-00> > Looks like you were tackling the "what to filter and why" + gotchas. Noble. Useful. But if the device just can't do it, not sufficient. Again, what I had in mind was as series of docs that provide testable security features, possibly paired with a test methodology. Before diving into any serious work, though, it would be worth asking the question, would anybody care/be positively impacted if the docs were finished. Does anybody do this sort of testing? Would they? Would a list in the form of RFCs help ? ----George Jones
- [OPSEC] Fwd: ID Tracker State Update Notice: <dra… Warren Kumari
- Re: [OPSEC] Fwd: ID Tracker State Update Notice: … Joel Jaeggli
- Re: [OPSEC] Fwd: ID Tracker State Update Notice: … George Jones
- Re: [OPSEC] Fwd: ID Tracker State Update Notice: … John Kristoff
- Re: [OPSEC] Fwd: ID Tracker State Update Notice: … Smith, Donald
- Re: [OPSEC] Fwd: ID Tracker State Update Notice: … George Jones
- Re: [OPSEC] Fwd: ID Tracker State Update Notice: … Joel Jaeggli
- Re: [OPSEC] Fwd: ID Tracker State Update Notice: … Fernando Gont
- Re: [OPSEC] Fwd: ID Tracker State Update Notice: … Christopher Morrow
- Re: [OPSEC] Fwd: ID Tracker State Update Notice: … Jared Mauch
- Re: [OPSEC] Fwd: ID Tracker State Update Notice: … Ronald Bonica
- Re: [OPSEC] Fwd: ID Tracker State Update Notice: … Smith, Donald
- Re: [OPSEC] Fwd: ID Tracker State Update Notice: … George Jones
- Re: [OPSEC] Fwd: ID Tracker State Update Notice: … George Jones
- Re: [OPSEC] Fwd: ID Tracker State Update Notice: … Smith, Donald
- Re: [OPSEC] Fwd: ID Tracker State Update Notice: … Warren Kumari
- Re: [OPSEC] Fwd: ID Tracker State Update Notice: … Joel Jaeggli