Re: [OSPF] Stephen Farrell's No Objection on draft-ietf-ospf-ttz-05: (with COMMENT)
Huaimo Chen <huaimo.chen@huawei.com> Thu, 05 January 2017 16:02 UTC
Return-Path: <huaimo.chen@huawei.com>
X-Original-To: ospf@ietfa.amsl.com
Delivered-To: ospf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 892411296DA; Thu, 5 Jan 2017 08:02:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.321
X-Spam-Level:
X-Spam-Status: No, score=-7.321 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-3.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T7n4H6cHjTXq; Thu, 5 Jan 2017 08:02:00 -0800 (PST)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 68E6612958C; Thu, 5 Jan 2017 08:01:59 -0800 (PST)
Received: from 172.18.7.190 (EHLO lhreml702-cah.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id CYH47285; Thu, 05 Jan 2017 16:01:57 +0000 (GMT)
Received: from DFWEML703-CAH.china.huawei.com (10.193.5.177) by lhreml702-cah.china.huawei.com (10.201.5.99) with Microsoft SMTP Server (TLS) id 14.3.301.0; Thu, 5 Jan 2017 16:01:56 +0000
Received: from DFWEML501-MBB.china.huawei.com ([10.193.5.179]) by DFWEML703-CAH.china.huawei.com ([10.193.5.177]) with mapi id 14.03.0301.000; Thu, 5 Jan 2017 08:01:53 -0800
From: Huaimo Chen <huaimo.chen@huawei.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, The IESG <iesg@ietf.org>
Thread-Topic: Stephen Farrell's No Objection on draft-ietf-ospf-ttz-05: (with COMMENT)
Thread-Index: AQHSZ15+22jPcqbBEkKL5b8ixlmjHKEqAEoA
Date: Thu, 05 Jan 2017 16:01:52 +0000
Message-ID: <5316A0AB3C851246A7CA5758973207D44F798FF5@dfweml501-mbb>
References: <148362581683.20611.16224230586723841663.idtracker@ietfa.amsl.com>
In-Reply-To: <148362581683.20611.16224230586723841663.idtracker@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.212.245.168]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A0B0205.586E6DF5.018A, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=0.0.0.0, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32
X-Mirapoint-Loop-Id: 9ea0802c09b8b13e64380890a9359ea2
Archived-At: <https://mailarchive.ietf.org/arch/msg/ospf/a2qYOMk6isOyQKjF-mwqZVn5A8Y>
Cc: "ospf@ietf.org" <ospf@ietf.org>, "ospf-chairs@ietf.org" <ospf-chairs@ietf.org>, "draft-ietf-ospf-ttz@ietf.org" <draft-ietf-ospf-ttz@ietf.org>
Subject: Re: [OSPF] Stephen Farrell's No Objection on draft-ietf-ospf-ttz-05: (with COMMENT)
X-BeenThere: ospf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: The Official IETF OSPG WG Mailing List <ospf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ospf>, <mailto:ospf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ospf/>
List-Post: <mailto:ospf@ietf.org>
List-Help: <mailto:ospf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ospf>, <mailto:ospf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Jan 2017 16:02:02 -0000
Hi Stephen,
Thank you very much for your time to review the document and your valuable comments.
Your comments are addressed inline below with prefix [HC].
Best Regards,
Huaimo
-----Original Message-----
From: Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie]
Sent: Thursday, January 05, 2017 9:17 AM
To: The IESG
Cc: draft-ietf-ospf-ttz@ietf.org; padma.ietf@gmail.com; ospf-chairs@ietf.org; padma.ietf@gmail.com; ospf@ietf.org
Subject: Stephen Farrell's No Objection on draft-ietf-ospf-ttz-05: (with COMMENT)
Stephen Farrell has entered the following ballot position for
draft-ietf-ospf-ttz-05: No Objection
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.
The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-ospf-ttz/
----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------
- section 13: I don't agree that there are no new
security considerations, and in fact you seem to raise
one so I'd suggest dropping the "nothing to see here"
pseudo-boilerplate;-)
[HC]: We will change the text accordingly.
- section 13: If a router inside a TTZ is borked, then
mechanisms that detect borked routers won't work as
well from outside the TTZ I guess (e.g. they might
identify the wrong router as the borked one). And
contrary-wise, hiding topology may help in that it may
make it harder for an attacker to find a desirable
target. Did anyone think about this? (This is not a
discuss only because I'm not familiar enough with ospf
but I bet a beer that hiding topology will create more
new security issues that are not described here;-)
[HC]: When a router in a TTZ is borked, mechanisms that
detect borked routers might not detect the borked router
inside the TTZ from outside the TTZ since the topology
of the TTZ is hidden from outside. If the mechanisms
are put to detect borked routers inside the TTZ, then they
might identify the wrong router as the borked one.
In general, hiding topology makes it harder to be attacked.
- 8.1: Did I miss where "Z flag" was described?
[HC]: Z flag is described in section 6.2.
- nit: six authors again, plus 2 contributors plus 4
"other authors." I really don't get why it's not
possible to reduce to 5 in cases like this.
[HC]: We will fix this nit.
- [OSPF] Stephen Farrell's No Objection on draft-ie… Stephen Farrell
- Re: [OSPF] Stephen Farrell's No Objection on draf… Spencer Dawkins at IETF
- Re: [OSPF] Stephen Farrell's No Objection on draf… Huaimo Chen
- Re: [OSPF] Stephen Farrell's No Objection on draf… Huaimo Chen