Re: [secdir] Secdir early review of draft-ietf-anima-autonomic-control-plane-13

Toerless Eckert <tte@cs.fau.de> Tue, 07 August 2018 23:19 UTC

Date: Wed, 8 Aug 2018 01:18:56 +0200
From: Toerless Eckert <tte@cs.fau.de>
To: Liang Xia <frank.xialiang@huawei.com>
Cc: secdir@ietf.org, anima@ietf.org, ietf@ietf.org, draft-ietf-anima-autonomic-control-plane.all@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/CkycH0tqsYNGIJlM3Cs4L-vLFhU>

Liang: The just-posted draft version -17 does include the fix from
your review that I missed putting into -16.

Thanks!
    Toerless

On Fri, Feb 23, 2018 at 07:28:05PM -0800, Liang Xia wrote:
> Reviewer: Liang Xia
> Review result: Has Issues
> 
> In general, this document is well-written and considers security issues
> carefully throughout the whole architecture.
> 
> nits:
> Abstract: /or not misconfigured/or misconfigured/
> 
> the fifth paragraph of section 6.1: the last ")" is redundant, therefore can be
> deleted
> 
> some section titles don't comply with the rule of starting from a capital letter
> 
> section 6.5
> /("IP security", see [RFC4301] and "Internet Key Exchange protocol version 2",
> see [RFC7296]/("IP security", see [RFC4301] and "Internet Key Exchange protocol
> version 2", see [RFC7296])/
> 
> suggestion:
> all the Figures (e.g., Figure 1,2...) should have a title for explanation
> 
> section 2, please update the last paragraph to reference RFC8174 to indicate
> that lowercase versions of the keywords are not normative
> 
> Section 11 (Security Considerations) Since section 9.2 has described the
> self-protection properties of ACP well, it may be useful in this section to
> mention them as a whole.

-- 
---
tte@cs.fau.de