[secdir] SECDIR review of draft-ietf-6man-ipv6-address-generation-privacy-07

Donald Eastlake <d3e3e3@gmail.com> Sat, 01 August 2015 15:47 UTC

Return-Path: <d3e3e3@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F190C1A8972; Sat, 1 Aug 2015 08:47:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.749
X-Spam-Level:
X-Spam-Status: No, score=-1.749 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id N0ycz4f9PcTv; Sat, 1 Aug 2015 08:47:31 -0700 (PDT)
Received: from mail-ob0-x235.google.com (mail-ob0-x235.google.com [IPv6:2607:f8b0:4003:c01::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7A9D71A897B; Sat, 1 Aug 2015 08:47:31 -0700 (PDT)
Received: by obbop1 with SMTP id op1so73353180obb.2; Sat, 01 Aug 2015 08:47:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:from:date:message-id:subject:to:cc:content-type; bh=O65XiwjIU6/4H3iwBlBdIBwAzykteJrmI356QtIFj7s=; b=L7tlL45EwZyf4NJjkjYFQD93z55XKjgi+cRZkGsy25QAajiMMwuOjMKb3lPxHPie1/ rvbWdcoSUulfGKTT+R0fzs5zLNdgaLzRa0HFBbfwZRjZeCW/QEoseCS5VJS0WLNvPps4 ekLj92mQpywebcs+p0tEWNBewElikKWxUHrIkA5lA5AtVenGJQbtjcAInV1J6w9Shz+o fsK+nw+LCKpnK7yd3P9CLL0QqgXkQOpGjRUCf0JVKG/57ZH3+EpKF8nXf0XQz/WQ5nFs VV9VY3BskijO03wfSPGDLZgVUr+fyiO6IMRSo8Cs5B5QMP52BscBW5rqjM1nUcYGmFPd rCnA==
X-Received: by 10.182.5.102 with SMTP id r6mr8871991obr.68.1438444051020; Sat, 01 Aug 2015 08:47:31 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.76.91.1 with HTTP; Sat, 1 Aug 2015 08:47:15 -0700 (PDT)
From: Donald Eastlake <d3e3e3@gmail.com>
Date: Sat, 1 Aug 2015 11:47:15 -0400
Message-ID: <CAF4+nEEAwUrM-osyKzMpqMYeHmx1OPJ=+ZB+dFAJ=tT=vCxiTw@mail.gmail.com>
To: "iesg@ietf.org" <iesg@ietf.org>, draft-ietf-6man-ipv6-address-generation-privacy.all@tools.ietf.org
Content-Type: multipart/alternative; boundary=001a1134a940b0c214051c41daa3
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/3FOhDCfKPaChmQPvFbxJdjAKOYw>
Cc: "secdir@ietf.org" <secdir@ietf.org>
Subject: [secdir] SECDIR review of draft-ietf-6man-ipv6-address-generation-privacy-07
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 01 Aug 2015 15:47:33 -0000

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  Document
editors and WG chairs should treat these comments just like any other last
call comments.

This draft is ready with nits. It provides a survey of the privacy and
security considerations of a variety of IPv6 address generation mechanisms.
As far as I can tell, it does a thorough job and is a useful document. I
have the following minor comments:

Section 1: Although references and lengthier names are given for all the
other categories of configuration method, the "Manual configuration" method
section is notable for the brevity of its entries and lack of any
references whatsoever. I don't have the faintest idea what "Wordy" is and a
couple of the others convey to me only a vague idea of what is being listed.

Section 2: What does "DHT" stand for? Given that it occurs exactly once in
this document, perhaps it should be spelled out.

Section 3.3: It might also be useful to mention that the group-addressed
bit in the upper 24-bits of a 48 bit MAC will be zero and the global/local
bit will probably be zero also. It would be good to add a reference to RFC
7042.

Section 4, Table 1: Given that there seems to be plenty of space, I would
recommend spelling out "CGA" in the Mechanism column. Also, I see no reason
for the "(s)" on the end of "Mechanism" in the column header.

Section 4.2: "low byte", which occurs here as well as in Section 1, could
use a couple of sentences of explanation.

Section 4.3: The first sentence reads very oddly. Suggest replacing "it"
with "such a mechanism".

Section 5.2: Maybe it is just me but it sounds quite odd to come across a
"This document recommends" exactly once here almost at the end of this
Informational document. It is certainly a reasonable recommendation but
there are a number of previous points in the document where some mechanisms
seems so much better, from the privacy and security point of view, than
others that a recommendation would be equally justified. So I suggest
changing "This document recommends that compliance testing suites be ..."
to "Such compliance testing suites should be ...". (I realize that means
about the same thing but somehow it bothers me a lot less.) Alternatively,
state in the introduction that recommendations are provided and review the
document and add appropriate recommendation language in favor of superior
mechanisms.

Thanks,
Donald
=============================
 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 155 Beaver Street, Milford, MA 01757 USA
 d3e3e3@gmail.com