Re: [secdir] Secdir review of draft-ietf-ccamp-microwave-framework-05

Daniele Ceccarelli <daniele.ceccarelli@ericsson.com> Mon, 07 May 2018 09:46 UTC

From: Daniele Ceccarelli <daniele.ceccarelli@ericsson.com>
To: Radia Perlman <radiaperlman@gmail.com>, "draft-ietf-ccamp-microwave-framework.all@tools.ietf.org" <draft-ietf-ccamp-microwave-framework.all@tools.ietf.org>, The IESG <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Date: Mon, 07 May 2018 09:45:58 +0000
Message-ID: <VI1PR07MB3167FAE7BD03E6751047B60DF09B0@VI1PR07MB3167.eurprd07.prod.outlook.com>
References: <CAFOuuo7PmeTWMYnetwi_8d-11UZmkPXx7WSje-coH_=ROfr9bA@mail.gmail.com>
In-Reply-To: <CAFOuuo7PmeTWMYnetwi_8d-11UZmkPXx7WSje-coH_=ROfr9bA@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/H8n_ADBkBffhb_DSn7MKXvWE38Y>
Subject: Re: [secdir] Secdir review of draft-ietf-ccamp-microwave-framework-05
List-Id: Security Area Directorate <secdir.ietf.org>

Hi Radia,

Let me reply on behalf of the authors. First of all, many thanks for your review.

Regarding your question about traditional NMS vs SDN, I agree with you on the fact that they are evolving towards a common component and the distinction is quite blurry, but there are still plenty of networks where NMS is still considered as the implementation of the management plane while SDN is considered the centralization of the control plane, and they are still kept as separate things.

Hence, since the authors speak about “traditional” NMS and SDN, I would tend to allow for the distinction to be kept. If you prefer, a note speaking about the convergence of the two things can be added.

Thanks a lot
Daniele (ccamp co-chair)

From: Radia Perlman [mailto:radiaperlman@gmail.com]
Sent: Monday, 7 May 2018 08:55
To: draft-ietf-ccamp-microwave-framework.all@tools.ietf.org; The IESG <iesg@ietf.org>; secdir@ietf.org
Subject: Secdir review of draft-ietf-ccamp-microwave-framework-05

Sorry...resending because I mistyped the author address.


---------- Forwarded message ----------
From: Radia Perlman <radiaperlman@gmail.com>
Date: Sun, May 6, 2018 at 11:48 PM
Subject: Secdir review of draft-ietf-ccamp-microwave-framework-05
To: draft-ietf-ccamp-microwave-framework-05.all@tools.ietf.org, The IESG <iesg@ietf.org>, secdir@ietf.org

Summary:  No security issues found, but I do have questions, and there are editing glitches

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the security area
directors.  Document editors and WG chairs should treat these comments just
like any other last call comments.

This document describes the management interface for microwave radio links.
It advocates (correctly, I believe) that such an interface should be extensible to provide for vendor-specific features.

I don't understand the difference between "a traditional network management system" and SDN.  Perhaps it is not the job of this document to clearly make the distinction, and I suspect there is no real distinction...setting parameters (traditional network management) is a way of "programming" an interface ("SDN").

This document could use an editing pass for glitches, but these glitches do not impact its readability.

The glitches consist mostly of leaving out little words like "of" in the following sentence.
"The adoption of an SDN framework for management and
   control the microwave interface is one of the key applications for
   this work."

The security considerations say that they assume a secure transport layer (authenticated, probably encryption isn't necessary) for communication.  Other than that, perhaps, there might be security considerations for inadvertently setting parameters incorrectly, or maliciously by a trusted administrator.  But this document does not specify the specific parameters to be managed, just a general framework.

Radia