Re: [OSPF] Stephen Farrell's No Objection on draft-ietf-ospf-ttz-05: (with COMMENT)
Huaimo Chen <huaimo.chen@huawei.com> Thu, 05 January 2017 16:02 UTC
From: Huaimo Chen <huaimo.chen@huawei.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, The IESG <iesg@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ospf/a2qYOMk6isOyQKjF-mwqZVn5A8Y>
Cc: "ospf@ietf.org" <ospf@ietf.org>, "ospf-chairs@ietf.org" <ospf-chairs@ietf.org>, "draft-ietf-ospf-ttz@ietf.org" <draft-ietf-ospf-ttz@ietf.org>

Hi Stephen,

Thank you very much for your time to review the document and your valuable comments.
Your comments are addressed inline below with prefix [HC].

Best Regards,
Huaimo

-----Original Message-----
From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie]
Sent: Thursday, January 05, 2017 9:17 AM
To: The IESG
Cc: draft-ietf-ospf-ttz@ietf.org; padma.ietf@gmail.com; ospf-chairs@ietf.org; padma.ietf@gmail.com; ospf@ietf.org
Subject: Stephen Farrell's No Objection on draft-ietf-ospf-ttz-05: (with COMMENT)

Stephen Farrell has entered the following ballot position for
draft-ietf-ospf-ttz-05: No Objection

When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)

Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-ospf-ttz/

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

- section 13: I don't agree that there are no new security considerations, and in fact you seem to raise one so I'd suggest dropping the "nothing to see here" pseudo-boilerplate;-)

[HC]: We will change the text accordingly.

- section 13: If a router inside a TTZ is borked, then mechanisms that detect borked routers won't work as well from outside the TTZ I guess (e.g. they might identify the wrong router as the borked one). And contrary-wise, hiding topology may help in that it may make it harder for an attacker to find a desirable target. Did anyone think about this?
(This is not a discuss only because I'm not familiar enough with ospf but I bet a beer that hiding topology will create more new security issues that are not described here;-)

[HC]: When a router in a TTZ is borked, mechanisms that detect borked routers might not detect the borked router inside the TTZ from outside the TTZ since the topology of the TTZ is hidden from outside. If the mechanisms are put to detect borked routers inside the TTZ, then they might identify the wrong router as the borked one. In general, hiding topology makes it harder to be attacked.

- 8.1: Did I miss where "Z flag" was described?

[HC]: Z flag is described in section 6.2.

- nit: six authors again, plus 2 contributors plus 4 "other authors." I really don't get why it's not possible to reduce to 5 in cases like this.

[HC]: We will fix this nit.