Re: Secdir last call review of draft-ietf-rtgwg-net2cloud-problem-statement-36

Deb Cooley <debcooley1@gmail.com> Sat, 13 April 2024 13:30 UTC

From: Deb Cooley <debcooley1@gmail.com>
Date: Sat, 13 Apr 2024 09:30:26 -0400
Message-ID: <CAGgd1OdmJ-LFW4nKJAFXyu5SzviBN7Wb7Ac_NR=m+cMJPriMiA@mail.gmail.com>
Subject: Re: Secdir last call review of draft-ietf-rtgwg-net2cloud-problem-statement-36
To: Linda Dunbar <linda.dunbar@futurewei.com>
Cc: "secdir@ietf.org" <secdir@ietf.org>, "draft-ietf-rtgwg-net2cloud-problem-statement.all@ietf.org" <draft-ietf-rtgwg-net2cloud-problem-statement.all@ietf.org>, "rtgwg@ietf.org" <rtgwg@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtgwg/3sZDoTGH4pGQ7Y43pVayK0jNF30>
List-Id: Routing Area Working Group <rtgwg.ietf.org>

That would be fine.

Deb

On Fri, Apr 12, 2024 at 10:09 AM Linda Dunbar <linda.dunbar@futurewei.com>
wrote:

> Deb,
>
>
>
> Thank you for catching the typo.
>
>
>
> Would the following sentence of Section 7 address your comment?
>
>
>
> *“A full security evaluation will be needed before [MULTI-SEG-SDWAN] and
> [SDWAN-EDGE-DISCOVERY] can be recommended as a solution to some problems
> described in this document.”*
>
>
>
> We are in the process of revising the SDWAN-EDGE-DISCOVERY draft based on
> the IETF119 discussion. Will update later this month.
>
> Linda
>
>
>
> *From:* Deb Cooley <debcooley1@gmail.com>
> *Sent:* Thursday, April 11, 2024 5:45 PM
> *To:* Linda Dunbar <linda.dunbar@futurewei.com>
> *Cc:* secdir@ietf.org;
> draft-ietf-rtgwg-net2cloud-problem-statement.all@ietf.org; rtgwg@ietf.org
> *Subject:* Re: Secdir last call review of
> draft-ietf-rtgwg-net2cloud-problem-statement-36
>
>
>
> Remaining comment and one nit:
>
>
>
> Section 5.1, paragraph 3:  The draft referenced here is expired and the
> security of the methods would have to be reviewed.  (that is listed in
> Section 7)
>
>
> The expired draft has been replaced with another draft.  The security of
> the methods would have to be reviewed.  Please list that in Section 7.
>
>
>
> Section 7, second to last bullet:  typo:  There is a single quotation mark
> at the end of the paragraph.
>
>
>
> Deb
>
>
>
>
>
> On Thu, Apr 11, 2024 at 6:08 PM Linda Dunbar <linda.dunbar@futurewei.com>
> wrote:
>
> Deb,
>
>
>
> Thank you. The -38 has been uploaded.
>
>
> https://datatracker.ietf.org/doc/draft-ietf-rtgwg-net2cloud-problem-statement/
>
>
>
> Linda
>
>
>
> *From:* Deb Cooley <debcooley1@gmail.com>
> *Sent:* Thursday, April 11, 2024 5:53 AM
> *To:* Linda Dunbar <linda.dunbar@futurewei.com>
> *Cc:* secdir@ietf.org;
> draft-ietf-rtgwg-net2cloud-problem-statement.all@ietf.org; rtgwg@ietf.org
> *Subject:* Re: Secdir last call review of
> draft-ietf-rtgwg-net2cloud-problem-statement-36
>
>
>
> Perfect, I'll take a look at -38 when it gets published.
>
>
>
> Deb
>
>
>
> On Wed, Apr 10, 2024 at 10:58 AM Linda Dunbar <linda.dunbar@futurewei.com>
> wrote:
>
> Deb,
>
>
>
> Thank you very much for the additional comments and the suggested wording.
>
> They are reflected in the revision -38.
>
>
>
> Linda
>
>
>
> -----Original Message-----
> From: Deb Cooley <debcooley1@gmail.com>
> Sent: Monday, March 18, 2024 8:24 AM
> To: Linda Dunbar <linda.dunbar@futurewei.com>
> Cc: secdir@ietf.org;
> draft-ietf-rtgwg-net2cloud-problem-statement.all@ietf.org; rtgwg@ietf.org
> Subject: Re: Secdir last call review of
> draft-ietf-rtgwg-net2cloud-problem-statement-36
>
>
>
> Here is my review update for
>
> draft-ietf-rtgwg-net2cloud-problem-statement-37:
>
>
>
> I will update my review in the datatracker.
>
>
>
> original comments (in black), updates (in blue)
>
>
>
> 1.  Section 5.1, paragraph 2:  Certainly the principles and assumptions of
> RFC 4535* would apply to any group key management situation (note the word
> change from 'group encryption' to 'group key management').  The specific
> protocol addressed by that RFC isn't being used here (even though they
> mention ISAKMP). How about something like this:
>
>
>
> "The group key management protocol documented in [RFC4535] outlines the
> relevant security risks for any group key management system in Section 3
> (Security Considerations).  While this particular protocol isn't being
> suggested, the drawbacks and risks of group key management are still
> relevant."
>
>
>
> done.
>
> [Linda] Thank you for the suggestion. They are changed in -38.
>
>
>
> 2.  Section 5.1, paragraph 3:  The draft referenced here is expired and
> the security of the methods would have to be reviewed.  (that is listed in
> Section 7)
>
>
>
> The expired draft has been replaced with another draft.  The security of
> the methods would have to be reviewed.  Please list that in Section 7.
>
> [Linda] The referenced draft has been uploaded.
>
>
>
> 3.  Section 5.2:  The draft referenced in this section is (currently) an
> individual draft, and again the security of the methods would have to be
> reviewed. (I see that WG adoption has been requested, and the draft is
> listed in Section 7).
>
>
>
> This is just a note to the WG - no action required as long as the WG
> agrees.
>
> [Linda] The WG chair said they will start the WG adoption soon.
>
>
>
>