[secdir] sec-dir review of draft-ietf-i2nsf-problem-and-use-cases-12

Derek Atkins <derek@ihtfp.com> Wed, 26 April 2017 05:16 UTC

From: Derek Atkins <derek@ihtfp.com>
To: iesg@ietf.org, secdir@ietf.org
Cc: i2nsf-chairs@ietf.org, pauljeong@skku.edu, rkkumar@juniper.net, Christian.jacquenet@orange.com, myo@varmour.com, diego.r.lopez@telefonica.com, shares@ndzh.com
Date: Tue, 25 Apr 2017 13:34:25 -0400
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/0fXZHbQFseyh_NImuVFT18IQ3Js>

Hi,

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written with the intent of improving
security requirements and considerations in IETF drafts.  Comments
not addressed in last call may be included in AD reviews during the
IESG review.  Document editors and WG chairs should treat these
comments just like any other last call comments.

Summary:

Ready to publish with small edits.

Details:

This document doesn't specify any protocols.

There appears to be a missing word at the end of the Security
Considerations section which says:

   It is important to proper AAA [RFC2904] to authorize access to the
   network and access to the I2NSF management stream.

I'm not sure if this is missing "proper AAA [something] [RFC2904] to
authorize" or if there is a different phrasing.  I'm not sure what is
trying to be said about AAA, but this sentence is clearly missing an
article (as "proper AAA" by itself is not a noun).

-derek

-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant