Re: [radext] Stephen Farrell's Discuss on draft-ietf-radext-ip-port-radius-ext-11: (with DISCUSS and COMMENT)
<mohamed.boucadair@orange.com> Wed, 05 October 2016 11:25 UTC
Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2CD14129685; Wed, 5 Oct 2016 04:25:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.596
X-Spam-Level:
X-Spam-Status: No, score=-5.596 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, RP_MATCHES_RCVD=-2.996, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hyZ6Oefy8aAb; Wed, 5 Oct 2016 04:25:50 -0700 (PDT)
Received: from relais-inet.orange.com (relais-nor35.orange.com [80.12.70.35]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1D6DE127A90; Wed, 5 Oct 2016 04:25:50 -0700 (PDT)
Received: from opfednr00.francetelecom.fr (unknown [xx.xx.xx.64]) by opfednr20.francetelecom.fr (ESMTP service) with ESMTP id 057D5411C9; Wed, 5 Oct 2016 13:25:48 +0200 (CEST)
Received: from Exchangemail-eme2.itn.ftgroup (unknown [xx.xx.31.43]) by opfednr00.francetelecom.fr (ESMTP service) with ESMTP id BC1161A006D; Wed, 5 Oct 2016 13:25:47 +0200 (CEST)
Received: from OPEXCLILMA3.corporate.adroot.infra.ftgroup ([fe80::60a9:abc3:86e6:2541]) by OPEXCLILM5F.corporate.adroot.infra.ftgroup ([fe80::e172:f13e:8be6:71cc%18]) with mapi id 14.03.0319.002; Wed, 5 Oct 2016 13:25:46 +0200
From: mohamed.boucadair@orange.com
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, The IESG <iesg@ietf.org>
Thread-Topic: Stephen Farrell's Discuss on draft-ietf-radext-ip-port-radius-ext-11: (with DISCUSS and COMMENT)
Thread-Index: AQHSDtsyHAbKMeVj7k+ngymyWawxIaCZvAeA
Date: Wed, 05 Oct 2016 11:25:45 +0000
Message-ID: <3a8a57ec-72b8-460d-8de7-479a2b97e1af@OPEXCLILM5F.corporate.adroot.infra.ftgroup>
References: <147389377247.29884.8510043117785245776.idtracker@ietfa.amsl.com>
In-Reply-To: <147389377247.29884.8510043117785245776.idtracker@ietfa.amsl.com>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.168.234.1]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/KqyXkPCQpML351up0_99Nf9l3ME>
Cc: "draft-ietf-radext-ip-port-radius-ext@ietf.org" <draft-ietf-radext-ip-port-radius-ext@ietf.org>, MORAND Lionel IMT/OLN <lionel.morand@orange.com>, "radext-chairs@ietf.org" <radext-chairs@ietf.org>, "radext@ietf.org" <radext@ietf.org>
Subject: Re: [radext] Stephen Farrell's Discuss on draft-ietf-radext-ip-port-radius-ext-11: (with DISCUSS and COMMENT)
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Oct 2016 11:25:52 -0000
Dear Stephen, Please see inline. Cheers, Med > -----Message d'origine----- > De : Stephen Farrell [mailto:stephen.farrell@cs.tcd.ie] > Envoyé : jeudi 15 septembre 2016 00:56 > À : The IESG > Cc : draft-ietf-radext-ip-port-radius-ext@ietf.org; radext@ietf.org; > radext-chairs@ietf.org; MORAND Lionel IMT/OLN; radext@ietf.org > Objet : Stephen Farrell's Discuss on draft-ietf-radext-ip-port-radius-ext- > 11: (with DISCUSS and COMMENT) > > Stephen Farrell has entered the following ballot position for > draft-ietf-radext-ip-port-radius-ext-11: Discuss > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-radext-ip-port-radius-ext/ > > > > ---------------------------------------------------------------------- > DISCUSS: > ---------------------------------------------------------------------- > > > Sorry for not spotting this in other documents, but do we > understand the privacy characteristics of this ICMP > identifier? It may well be that the resolution of this > discuss requires some other document to exist (in which > case I'll get out of the way of this one) but I think we > ought be quite cautious in how we introduce new functions > for identifiers that may be personally identifying, so I'd > like to chat about this a bit. Did the WG discuss the > privacy issues associated with this identifier? > [Med] As a side effect of processing other comments, we don't have any more such identifier in the new revision of the draft. The point raised in this DISCUSS is not valid anymore. > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > > - write-up: Yeah, major yuks to leaving design decisions > to IANA. While the folks there are quite capable, they > are not able to make IETF consensus decisions. If the WG > aren't sure, ask IANA personnel (or someone) and then > verify that that outcome garners rough consensus back in > the WG or using other IETF processes. So Alissa's discuss > point#4 is entirely, completely and fully correct and > a showstopper really. > > - I also agree with the issue called out in Joel's comment > about mission creep and how this overlaps with PCP. Did > the WG consider whether or not it is a good idea for the > IETF to define multiple ways in which some of these > features can be added? If so, what is the justification > for there being more than one? (Is that somewhere in the > WG list archive? If not, it ought be.) It may well be that > having a RADIUS mechanism for this is also a good plan, > but I think that ought be justified. > [Med] Will skip those as those are discussed in other threads. > - 4.1.4: using port 80 as an example is very 1990's. Would > it not be better to be more up to date? That's not just a > facetious point - web cameras being left open to the > Internet are a major swamp for botnet gestation. Better to > use a more desirable example really. > > - The secdir review [1] also noted a bunch of issues that > as far as I can see received no response so far, but that > do deserve a response. (Apologies if I missed a response.) > > [1] https://www.ietf.org/mail-archive/web/secdir/current/msg06736.html > [Med] A reply is available now at: https://www.ietf.org/mail-archive/web/secdir/current/msg06846.html
- [radext] Stephen Farrell's Discuss on draft-ietf-… Stephen Farrell
- Re: [radext] Stephen Farrell's Discuss on draft-i… mohamed.boucadair