Re: [secdir] SECDIR review of draft-ietf-eman-energy-aware-mib-15
Stephen Kent <kent@bbn.com> Thu, 26 June 2014 16:58 UTC
Return-Path: <kent@bbn.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 15EC11B2C13 for <secdir@ietfa.amsl.com>; Thu, 26 Jun 2014 09:58:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.852
X-Spam-Level:
X-Spam-Status: No, score=-4.852 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.651, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b7lAoXkPpCZn for <secdir@ietfa.amsl.com>; Thu, 26 Jun 2014 09:58:26 -0700 (PDT)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.0.80]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B66491B2EF6 for <secdir@ietf.org>; Thu, 26 Jun 2014 09:44:09 -0700 (PDT)
Received: from dommiel.bbn.com ([192.1.122.15]:55436 helo=COMSEC.local) by smtp.bbn.com with esmtp (Exim 4.77 (FreeBSD)) (envelope-from <kent@bbn.com>) id 1X0CmK-0006vf-K7; Thu, 26 Jun 2014 12:44:05 -0400
Message-ID: <53AC4DD0.8090100@bbn.com>
Date: Thu, 26 Jun 2014 12:44:00 -0400
From: Stephen Kent <kent@bbn.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: secdir <secdir@ietf.org>, bclaise@cisco.com, jparello@cisco.com, moulchan@cisco.com, n.brownlee@auckland.ac.nz, tnadeau@lucidvision.com, joel jaeggli <joelja@bogus.com>
References: <53A99DB2.5050707@bbn.com> <20140624204718.GB19710@elstar.local>
In-Reply-To: <20140624204718.GB19710@elstar.local>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/secdir/2tCZxQX1Nz3NPEvju6kTLSEcC94
Subject: Re: [secdir] SECDIR review of draft-ietf-eman-energy-aware-mib-15
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Jun 2014 16:58:28 -0000
Juergen, I read the boilerplate you cited. The comment re IPsec is misleading, for the reasons I noted in my review. This is the first MIB I-D I've reviewed. I would have pointed out the problems with that text earlier had I reviewed a MIB earlier :-). With the publication of RFC 7258 as a BCP its seems appropriate to revisit the boilerplate when discussing confidentiality and use of encryption. Hence my suggestion that use of encryption be RECOMMENDED. Since the subject of this MIB is energy management, I think that my comments about the potential adverse impacts of security lapses for these MIBs are relevant. This is outside the generic context for which the boilerplate was developed. Finally, the boilerplate does not seem to use the same language as the text at the end of the SC, e.g., I don't see the word "consider" in the boilerplate. The mix of advice dealing with implementation vs. deployment still strikes me as confusing, as written. I think the boilerplate text is better in this respect, and should be used as a starting point for the last part of the SC in this I-D (tailored as needed). Steve
- [secdir] SECDIR review of draft-ietf-eman-energy-… Stephen Kent
- Re: [secdir] SECDIR review of draft-ietf-eman-ene… Juergen Schoenwaelder
- Re: [secdir] SECDIR review of draft-ietf-eman-ene… Stephen Kent
- Re: [secdir] SECDIR review of draft-ietf-eman-ene… Benoit Claise
- Re: [secdir] SECDIR review of draft-ietf-eman-ene… Benoit Claise