Re: [RTG-DIR] RtgDir review: draft-ietf-trill-rbridge-bfd-05.txt
Donald Eastlake <d3e3e3@gmail.com> Tue, 12 June 2012 01:46 UTC
Return-Path: <d3e3e3@gmail.com>
X-Original-To: rtg-dir@ietfa.amsl.com
Delivered-To: rtg-dir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3D0DF21F84DF for <rtg-dir@ietfa.amsl.com>; Mon, 11 Jun 2012 18:46:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.599
X-Spam-Level:
X-Spam-Status: No, score=-103.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lD7hPQXXUsG1 for <rtg-dir@ietfa.amsl.com>; Mon, 11 Jun 2012 18:46:04 -0700 (PDT)
Received: from mail-yw0-f44.google.com (mail-yw0-f44.google.com [209.85.213.44]) by ietfa.amsl.com (Postfix) with ESMTP id 6B7A421F84D8 for <rtg-dir@ietf.org>; Mon, 11 Jun 2012 18:46:04 -0700 (PDT)
Received: by yhq56 with SMTP id 56so3612505yhq.31 for <rtg-dir@ietf.org>; Mon, 11 Jun 2012 18:46:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type:content-transfer-encoding; bh=SpxSC7a/kJnBaol5N2MRygVpQ3YO5mALVxlFAZI9XDE=; b=FFzUTEjOLlQ40JskiveKs3akDPMk8m78kioGbDeaOUlJiAMUtoVk+EDAJ7+HMARGfi iH/63VxqZ7uGqhAuPoW9gnaMuYd1QkvZTMShRgEz70bnq5Ap72ucORsAbxIRuiVAYSvc Yu7vpO2+qckljCKTnKhBQQItZqJLbsu/qxD4q1+qeAYGQspBxQke8mIBsfprBKmw7V1q UV//B5YCOTDJLCTf7tBc9LgaqTs/QVbdGtqGf03VTlgehwHnW3HOM0hkvVReMomXzfFQ ybU48f1DXdOD9ZjS2fS7Yoam+AkzvJf4ISvogki0eyG0TIuwNaaAuTSejd9yZztInPth xYUA==
Received: by 10.50.194.200 with SMTP id hy8mr7353421igc.58.1339465563797; Mon, 11 Jun 2012 18:46:03 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.64.16.227 with HTTP; Mon, 11 Jun 2012 18:45:43 -0700 (PDT)
In-Reply-To: <C0AC8FAB6849AB4FADACCC70A949E2F123BC311A31@EUSAACMS0701.eamcs.ericsson.se>
References: <6DB11511-5B76-49B3-824B-193824728011@juniper.net> <CAF4+nEHDK=4r_sy1cXM+v=J5ZAuPU3PmghySKC0nqKJ9PDE9kA@mail.gmail.com> <EBAB16DD-DFCF-4D43-B14F-531B857BB8F2@juniper.net> <C0AC8FAB6849AB4FADACCC70A949E2F123BC311A31@EUSAACMS0701.eamcs.ericsson.se>
From: Donald Eastlake <d3e3e3@gmail.com>
Date: Mon, 11 Jun 2012 21:45:43 -0400
Message-ID: <CAF4+nEHhzg5fw=o8oyGQ9kPUh0fdSdp9enjmF+B=G=x_M2vaFA@mail.gmail.com>
To: Eric Gray <eric.gray@ericsson.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Cc: Vishwas Manral <vishwas.ietf@gmail.com>, "rtg-dir@ietf.org" <rtg-dir@ietf.org>, "John G. Scudder" <jgs@juniper.net>, "draft-ietf-trill-rbridge-bfd.all@tools.ietf.org" <draft-ietf-trill-rbridge-bfd.all@tools.ietf.org>, "rtg-ads@tools.ietf.org" <rtg-ads@tools.ietf.org>
Subject: Re: [RTG-DIR] RtgDir review: draft-ietf-trill-rbridge-bfd-05.txt
X-BeenThere: rtg-dir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Routing Area Directorate <rtg-dir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtg-dir>, <mailto:rtg-dir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtg-dir>
List-Post: <mailto:rtg-dir@ietf.org>
List-Help: <mailto:rtg-dir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtg-dir>, <mailto:rtg-dir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Jun 2012 01:46:05 -0000
Hi Eri, Thanks for your comments. I agree that at least a reference to RFC 5881 should be added and probably some additional material on security considerations. I think you misunderstood my response to John Scudder where perhaps I did not express myself clearly enough. I was just trying to say that, as far as I can tell, the Security Directorate would not be concerned that the material currently in the Security Considerations is in that Section. I did not mean my comment to apply to any possible omission from the Security Considerations section. Thanks, Donald ============================= Donald E. Eastlake 3rd +1-508-333-2270 (cell) 155 Beaver Street, Milford, MA 01757 USA d3e3e3@gmail.com On Mon, Jun 11, 2012 at 9:15 PM, Eric Gray <eric.gray@ericsson.com> wrote: > Donald, > > I may regret weighing in on this, but I strongly agree with > John's comment on the Security Considerations section below. > > The Security Considerations section needs an introduction > that - at the very least - explains why the section only > addresses authentication. In fact, the section only talks > about what authentication is to be used, without providing > and indication of why. > > I personally doubt that the Security Directorate feels - > as you say - that this is not significant. The section > should describe the security concerns associated with the > protocol and/or encapsulations associated with this draft > - either directly, or by reference. > > At the moment the section does not do this, even by giving > a pointer to someplace else where some analysis has already > been done. > > And this is not difficult to fix. Minimally, the authors > can point to Security Considerations in RFC 5881 (which, > in turn, points to RFC 5880). > > RFC 5880, provides a very good analysis, IMO, and it makes > sense for this analysis to be re-used by reference in this > draft. > > -- > Eric > > -----Original Message----- > From: rtg-dir-bounces@ietf.org [mailto:rtg-dir-bounces@ietf.org] On Behalf Of John G. Scudder > Sent: Monday, June 11, 2012 5:03 PM > To: Donald Eastlake > Cc: Vishwas Manral; rtg-dir@ietf.org; draft-ietf-trill-rbridge-bfd.all@tools.ietf.org; rtg-ads@tools.ietf.org > Subject: Re: [RTG-DIR] RtgDir review: draft-ietf-trill-rbridge-bfd-05.txt > > Hi Donald, > > Comments below only where I had something to say other than "OK". You can take that as read otherwise. > > On Jun 11, 2012, at 4:48 PM, Donald Eastlake wrote: > ... >>> Minor Issues: > ... >>> 4. In two places text like the following appears: >>> >>> Is the M-bit in the TRILL Header non-zero? If so, discard the >>> frame. TRILL support of multi-destination BFD Echo is beyond the >>> scope of this document. >>> >>> If multi-destination doesn't make sense in the context of TRILL, it >>> is fine to exclude it by enforcing that the M-bit be zero. However, >>> I normally parse "beyond the scope of this document" to mean >>> something like "we may do it in the future but haven't worked it out >>> yet". By forcing the M-bit to be zero, you're placing >>> multi-destination *in* scope, inasmuch as you are actively >>> forbidding it from being supported. >>> >>> Presumably the sentence about "beyond the scope" was meant to >>> justify this decision. Perhaps the comment about "scope" should be >>> dropped and a different justifying sentence used. (Or the sentence >>> omitted altogether.) >> >> Multi-destination makes sense for TRILL. It is just not yet >> standardized, as far as I know, for BFD. Perhaps the "beyond the >> scope" verbage should be removed and a note added somewhere such as >> "(Multi-destination BFD is a work in progress [...].)" > > By requiring the M-bit to be zero you effectively preclude the later introduction of multi-destination, do you not? > >>> 5. Presumably the Security Area reviewer may raise this, but the >>> Security Considerations section seems to be misused. My >>> understanding (confirmed by referring to RFC 3552 Section 5) is that >>> the Security Considerations section is intended to be an analysis of >>> issues that arise from the operation of the protocol defined in the >>> rest of the document, including but not limited to the security >>> features of that protocol. >>> >>> This document's Security Considerations section instead specifies >>> how authentication is to be done, though it doesn't provide an >>> analysis of it or of any broader issues. I presume the section >>> should be retitled (e.g., to "Authentication") and a proper Security >>> Considerations section added. >>> >>> (This would probably be a "major issue" if I were the Security Area >>> reviewer, but I'm not.) >> >> As far as I can tell (and I'm a member of the Security Directorate), >> the Security Area considers this a non-issue. However, I've got no >> problem with moving this material to a new "Default Authentication" >> section or the like. > > OK. > > (As an aside, if the Security Directorate considers this a non-issue, maybe it's time to revise RFC 3552? I say this as an occasional author of Security Considerations sections and not with regard to your draft.) > > --John
- [RTG-DIR] RtgDir review: draft-ietf-trill-rbridge… John G. Scudder
- Re: [RTG-DIR] RtgDir review: draft-ietf-trill-rbr… Donald Eastlake
- Re: [RTG-DIR] RtgDir review: draft-ietf-trill-rbr… John G. Scudder
- Re: [RTG-DIR] RtgDir review: draft-ietf-trill-rbr… Eric Gray
- Re: [RTG-DIR] RtgDir review: draft-ietf-trill-rbr… Donald Eastlake
- Re: [RTG-DIR] RtgDir review: draft-ietf-trill-rbr… John G. Scudder
- Re: [RTG-DIR] RtgDir review: draft-ietf-trill-rbr… John G. Scudder
- Re: [RTG-DIR] RtgDir review: draft-ietf-trill-rbr… Donald Eastlake