Re: [secdir] secdir review of draft-ietf-dime-rfc4006bis-07

Yuval Lifshitz <yuvalif@yahoo.com> Wed, 11 April 2018 05:29 UTC

Hi David,
* The term AVP is well known for anyone implementing a Diameter spec. It is also defined in the base spec (https://tools.ietf.org/html/rfc6733#section-1.2).
* IMO, one second of inaccuracy is not considered overcharge or revenue leakage in time based service

Yuval
On Wednesday, April 11, 2018, 7:16:15 a.m. GMT+3, David Mandelberg <david+work@mandelberg.org> wrote:

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

The summary of the review is Ready with nits.

(nit) The term AVP is used extensively, and I don't see a definition. 
Would its definition be obvious to anybody implementing this spec? I'm 
assuming it means attribute-value pair.

(nit, section 5.1.1) "For time based services, the quota is continuously 
consumed at the regular rate of 60 seconds per minute." Are leap seconds 
a problem?

-- 
Freelance cyber security consultant, software developer, and more
https://david.mandelberg.org/