Re: [OSPF] Stephen Farrell's No Objection on draft-ietf-ospf-ttz-05: (with COMMENT)

Huaimo Chen <huaimo.chen@huawei.com> Thu, 05 January 2017 16:06 UTC

From: Huaimo Chen <huaimo.chen@huawei.com>
To: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Thu, 05 Jan 2017 16:06:26 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ospf/x8covvAGWhMRL3846RKzGIWWCSM>
Cc: "ospf@ietf.org" <ospf@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "draft-ietf-ospf-ttz@ietf.org" <draft-ietf-ospf-ttz@ietf.org>, "ospf-chairs@ietf.org" <ospf-chairs@ietf.org>
Subject: Re: [OSPF] Stephen Farrell's No Objection on draft-ietf-ospf-ttz-05: (with COMMENT)

Hi Spencer,

    Thanks much for your comments/suggestions.
    We will consider them together.

Best Regards,
Huaimo

From: Spencer Dawkins at IETF [mailto:spencerdawkins.ietf@gmail.com]
Sent: Thursday, January 05, 2017 9:37 AM
To: Stephen Farrell
Cc: iesg@ietf.org; draft-ietf-ospf-ttz@ietf.org; ospf-chairs@ietf.org; ospf@ietf.org; padma.ietf@gmail.com
Subject: Re: Stephen Farrell's No Objection on draft-ietf-ospf-ttz-05: (with COMMENT)

Make Stephen happy, but ...

On Jan 5, 2017 08:17, "Stephen Farrell" <stephen.farrell@cs.tcd.ie> wrote:
Stephen Farrell has entered the following ballot position for
draft-ietf-ospf-ttz-05: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-ospf-ttz/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------


- section 13: I don't agree that there are no new
security considerations, and in fact you seem to raise
one so I'd suggest dropping the "nothing to see here"
pseudo-boilerplate;-)

- section 13: If a router inside a TTZ is borked, then
mechanisms that detect borked routers won't work as
well from outside the TTZ I guess (e.g. they might
identify the wrong router as the borked one). And
contrary-wise, hiding topology may help in that it may
make it harder for an attacker to find a desirable
target. Did anyone think about this? (This is not a
discuss only because I'm not familiar enough with ospf
but I bet a beer that hiding topology will create more
new security issues that are not described here;-)

I think the changes we discussed on my comments to make it clearer what TTZ looks like to anything outside the TTZ will help, at least a bit, for SEC types to understand security threats. Maybe it's worth remembering Stephen's comments when you're adding context early in the document?

Thanks,

Spencer

- 8.1: Did I miss where "Z flag" was described?

- nit: six authors again, plus 2 contributors plus 4
"other authors." I really don't get why it's not
possible to reduce to 5 in cases like this.