[secdir] Security directorate review of draft-ietf-opsawg-ipfix-fixes-09
Hilarie Orman <hilarie@purplestreak.com> Mon, 20 May 2024 04:48 UTC
Return-Path: <hilarie@purplestreak.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E162EC14F5F4; Sun, 19 May 2024 21:48:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.597
X-Spam-Level:
X-Spam-Status: No, score=-2.597 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ildFKvfhl1Az; Sun, 19 May 2024 21:48:49 -0700 (PDT)
Received: from out01.mta.xmission.com (out01.mta.xmission.com [166.70.13.231]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 75389C14F5EA; Sun, 19 May 2024 21:48:49 -0700 (PDT)
Received: from mx02.mta.xmission.com ([166.70.13.212]:46362) by out01.mta.xmission.com with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from <hilarie@purplestreak.com>) id 1s8ux6-000vP1-6q; Sun, 19 May 2024 22:48:48 -0600
Received: from [166.70.232.207] (port=56902 helo=enoether.rhmr.com) by mx02.mta.xmission.com with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from <hilarie@purplestreak.com>) id 1s8ux5-00EU8D-FJ; Sun, 19 May 2024 22:48:47 -0600
Received: from enoether.rhmr.com (localhost [127.0.0.1]) by enoether.rhmr.com (8.15.2/8.15.2/Debian-22ubuntu3) with ESMTP id 44K4ml942446213; Sun, 19 May 2024 22:48:47 -0600
Received: (from alicew@localhost) by enoether.rhmr.com (8.15.2/8.15.2/Submit) id 44K4mkDc2446212; Sun, 19 May 2024 22:48:46 -0600
Date: Sun, 19 May 2024 22:48:46 -0600
Message-Id: <202405200448.44K4mkDc2446212@enoether.rhmr.com>
X-Authentication-Warning: enoether.rhmr.com: alicew set sender to hilarie using -f
From: Hilarie Orman <hilarie@purplestreak.com>
To: iesg@ietf.org, secdir@ietf.org
X-XM-SPF: eid=1s8ux5-00EU8D-FJ;;;mid=<202405200448.44K4mkDc2446212@enoether.rhmr.com>;;;hst=mx02.mta.xmission.com;;;ip=166.70.232.207;;;frm=hilarie@purplestreak.com;;;spf=softfail
X-SA-Exim-Connect-IP: 166.70.232.207
X-SA-Exim-Mail-From: hilarie@purplestreak.com
X-Spam-DCC: XMission; sa07 1397; Body=1 Fuz1=1 Fuz2=1
X-Spam-Combo: *****;iesg@ietf.org, secdir@ietf.org
X-Spam-Relay-Country:
X-Spam-Timing: total 388 ms - load_scoreonly_sql: 0.04 (0.0%), signal_user_changed: 10 (2.6%), b_tie_ro: 9 (2.2%), parse: 0.92 (0.2%), extract_message_metadata: 4.3 (1.1%), get_uri_detail_list: 1.03 (0.3%), tests_pri_-2000: 2.3 (0.6%), tests_pri_-1000: 2.4 (0.6%), tests_pri_-950: 1.35 (0.3%), tests_pri_-900: 1.07 (0.3%), tests_pri_-90: 51 (13.0%), check_bayes: 49 (12.7%), b_tokenize: 4.5 (1.2%), b_tok_get_all: 4.8 (1.2%), b_comp_prob: 1.72 (0.4%), b_tok_touch_all: 35 (9.0%), b_finish: 0.78 (0.2%), tests_pri_0: 303 (78.1%), check_dkim_signature: 0.45 (0.1%), check_dkim_adsp: 147 (38.0%), poll_dns_idle: 140 (36.1%), tests_pri_10: 2.3 (0.6%), tests_pri_500: 7 (1.7%), rewrite_mail: 0.00 (0.0%)
X-SA-Exim-Version: 4.2.1 (built Sat, 08 Feb 2020 21:53:50 +0000)
X-SA-Exim-Scanned: Yes (on mx02.mta.xmission.com)
Message-ID-Hash: I3VP5KKPL7JIVQKXIUNVHTLAOP3YJSHV
X-Message-ID-Hash: I3VP5KKPL7JIVQKXIUNVHTLAOP3YJSHV
X-MailFrom: hilarie@purplestreak.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-secdir.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: draft-ietf-opsawg-ipfix-fixes.all@ietf.org
X-Mailman-Version: 3.3.9rc4
Precedence: list
Reply-To: Hilarie Orman <hilarie@purplestreak.com>
Subject: [secdir] Security directorate review of draft-ietf-opsawg-ipfix-fixes-09
List-Id: Security Area Directorate <secdir.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/5rA93co6B63rGT9VkKK6Q4QAQa0>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Owner: <mailto:secdir-owner@ietf.org>
List-Post: <mailto:secdir@ietf.org>
List-Subscribe: <mailto:secdir-join@ietf.org>
List-Unsubscribe: <mailto:secdir-leave@ietf.org>
Security review of Simple Fixes to the IP Flow Information Export (IPFIX) IANA Registry draft-ietf-opsawg-ipfix-fixes-09 Do not be alarmed. I generated this review of this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written with the intent of improving security requirements and considerations in IETF drafts. Comments not addressed in last call may be included in AD reviews during the IESG review. Document editors and WG chairs should treat these comments just like any other last call comments. "When OPSAWG was considering [RFC9565] which updates [RFC7125], the WG realized that some parts of the IANA IP Flow Information Export (IPFIX) registry [IANA-IPFIX] were not up-to-date. This document intends to update the IANA registry and bring some consistency among the entries of the registry." This is a straightforward document that updates each information element, adding missing information or coreedting inconsistent information, as necessary. For example, to the list of protocols having a source port identifier in the transport header. No security issues are evident to me. Hilarie
- [secdir] Security directorate review of draft-iet… Hilarie Orman
- [secdir] Re: Security directorate review of draft… mohamed.boucadair