Re: [secdir] Secdir early review of draft-ietf-anima-autonomic-control-plane-13
Toerless Eckert <tte@cs.fau.de> Mon, 23 July 2018 21:16 UTC
Date: Mon, 23 Jul 2018 23:15:59 +0200
From: Toerless Eckert <tte@cs.fau.de>
To: Liang Xia <frank.xialiang@huawei.com>
Cc: secdir@ietf.org, anima@ietf.org, ietf@ietf.org, draft-ietf-anima-autonomic-control-plane.all@ietf.org
Message-ID: <20180723211559.f2u4ydl55ns5yhgo@faui48f.informatik.uni-erlangen.de>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/Hm2JR-LTEaDWLWJLwOk_1wCqCaI>

Hi Frank,

Mea maxima culpa. Your -13 review below was probably overlooked by me when
integrating all received feedback from -13 into 14/15/16, although it looks
more as if I did fix most of the stuff from your review but then forgot to
send a reply.

This is integrated into -17, I didn't push a new version up, but you can
check it at:

https://raw.githubusercontent.com/anima-wg/autonomic-control-plane/master/draft-ietf-anima-autonomic-control-plane/draft-ietf-anima-autonomic-control-plane-17.txt

Replies inline below

Cheers
    Toerless

On Fri, Feb 23, 2018 at 07:28:05PM -0800, Liang Xia wrote:
> Reviewer: Liang Xia
> Review result: Has Issues
>
> In general, this document is well-written and considers security issues
> carefully throughout the whole architecture.

Thanks!

>
> nits:
> Abstract: /or not misconfigured/or misconfigured/

Was fixed in -16.

> the fifth paragraph of section 6.1: the last ")" is redundant, therefore can be
> deleted

Fixed.

> some section titles don't comply the rule of starting from a capital letter

Hmm.. checked -13 and -16 but could not find anything besides:

(-16) A.3.3.2 mDNS and ...

This starts with small letter because "mDNS" is a unique name with a lower
letter, I think this is correct. If we're unsure, RFC editor would be best
to resolve later on.

(-16) Titles are all draft names and this section will be removed anyhow
for RFC.

> section 6.5
> /("IP security", see [RFC4301] and "Internet Key Exchange protocol version 2",
> see [RFC7296]
> /("IP security", see [RFC4301] and "Internet Key Exchange protocol version 2",
> see [RFC7296])/

What change do you suggest, looks identical?

> suggestion:
> all the Figures (e.g., Figure 1,2...) should have a title for explanation

Done in -16.

> section 2, please update the last paragraph to reference RFC8174 to indicate
> that lowercase versions of the keywords are not normative

Done in -16.

> Section 11 (Security Considerations) Since section 9.2 has described the
> self-protection properties of ACP well, it may be useful in this section to
> mention them as a whole.

Hmm.. Didn't want to reiterate too much text that is already written out in
the document, but instead inserted a reference to section 9.2 into the
security section.