Re: [secdir] SECDIR review of draft-ietf-ccamp-pc-and-sc-reqs-06
"Adrian Farrel" <adrian@olddog.co.uk> Wed, 11 February 2009 21:44 UTC
Return-Path: <adrian@olddog.co.uk>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3A3C428C0D7; Wed, 11 Feb 2009 13:44:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.883
X-Spam-Level:
X-Spam-Status: No, score=-0.883 tagged_above=-999 required=5 tests=[BAYES_05=-1.11, SARE_SUB_OBFU_Q1=0.227]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LUFokRFfouFu; Wed, 11 Feb 2009 13:44:56 -0800 (PST)
Received: from asmtp1.iomartmail.com (asmtp1.iomartmail.com [62.128.201.248]) by core3.amsl.com (Postfix) with ESMTP id 2887F28C0E7; Wed, 11 Feb 2009 13:44:55 -0800 (PST)
Received: from asmtp1.iomartmail.com (localhost.localdomain [127.0.0.1]) by asmtp1.iomartmail.com (8.12.11.20060308/8.12.8) with ESMTP id n1BLiRDn019740; Wed, 11 Feb 2009 21:44:27 GMT
Received: from your029b8cecfe (dsl-sp-81-140-15-32.in-addr.broadbandscope.com [81.140.15.32]) (authenticated bits=0) by asmtp1.iomartmail.com (8.12.11.20060308/8.12.11) with ESMTP id n1BLiP9b019731; Wed, 11 Feb 2009 21:44:26 GMT
Message-ID: <23E53B36510442F1B64C24DFE059AF91@your029b8cecfe>
From: Adrian Farrel <adrian@olddog.co.uk>
To: Jeffrey Hutzelman <jhutz@cmu.edu>, iesg@ietf.org, secdir@ietf.org, ccamp-chairs@tools.ietf.org, diego.caviglia@ericsson.com, dino.bramanti@ericsson.com, dan.li@huawei.com, dave.mcdysan@verizon.com
References: <29CB4AF52E418956F8DAC191@minbar.fac.cs.cmu.edu>
Date: Wed, 11 Feb 2009 21:44:15 -0000
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"; charset="iso-8859-1"; reply-type="response"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5512
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579
Cc: Adrian Farrel <adrian@olddog.co.uk>
Subject: Re: [secdir] SECDIR review of draft-ietf-ccamp-pc-and-sc-reqs-06
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Adrian Farrel <adrian@olddog.co.uk>
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Feb 2009 21:44:57 -0000
Hi Jeffrey, Thanks for this input. >> I would change the paragraph to encompass a wider approach: >> >> "Any protocol used to configure a device should support >> authentication, encryption, integrity checking, and control of access >> to the configuration parameters. It is RECOMMENDED to deploy an IETF >> standard protocol for secure configuration, such as Netconf [RFC4741] >> or SNMPv3 [RFC3410]. Operators SHOULD enable cryptographic security >> and ensure that the entity giving access to configuration parameters >> is properly configured to give access only to those principals (users) >> that have legitimate rights to read/create/change/delete the >> parameters." I am not happy that the Security section should recomend the use of a particular management protocol, and certainly not in 2119 language. This I-D is not an IETF policy statement for the security of management protocols. I am also not particularly happy with your "SHOULD" guidance to the operator. This I-D is a requirements spec for the development of protocol solutions. It is not a protocol spec, and certainly not a deployment guide. But it is good to pick up some words here. I propose... OLD If SNMP MIBs are used for configuration, then the Management Plane should support authentication for PC-SC configuration changes as specified in [RFC3414]. NEW The Management Plane interactions MUST be supported through protocols that can offer adequate security mechanisms to secure the configuration and protect the operation of the devices that are managed. These mechanisms MUST include at least cryptographic security and the abilty to ensure that the entity giving access to configuration parameters is properly configured to give access only to those principals (users) that have legitimate rights to read/create/change/delete the parameters. IETF standard management protocols (Netconf [RFC4741] and SNMPv3 [RFC3410]) offer these mechanisms. END > My only other comment is regarding the abstract. A document and its > abstract should each stand on their own, independently. In particular, it > should not be necessary to read the abstract in order to understand the > document, and the abstract should contain only a brief description of what > the document is about, intended to be read by someone trying to determine > whether the document is of interest. In the case of this document, text > invoking RFC2119 does not belong in the abstract; rather, it belongs in > the main document body. Sure. There is an indentation issue in the current version that makes this look worse than it is. The 2119 boilerplate often seems to be placed immediately after the Abstract in I-Ds. But anyway, the RFC Editor has a special place for this text and will sort it out. However, you have just made me note that this is an Informational requirements draft, and so the 2119 language is not completely appropriate. A hoary old chestnut, this. We want to use some strong requirements language, but 2119 is intended only for protocol specs. I guess we will morph this to... Although this requirements document is an informational document not a protocol specification, the key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119] for clarity of requirement specification. Many thanks, Adrian
- [secdir] SECDIR review of draft-ietf-ccamp-pc-and… Jeffrey Hutzelman
- Re: [secdir] SECDIR review of draft-ietf-ccamp-pc… Adrian Farrel
- Re: [secdir] SECDIR review of draft-ietf-ccamp-pc… Jeffrey Hutzelman