Re: [secdir] Review of draft-ietf-opsawg-ipfix-bgp-community-07

li zhenqiang <li_zhenqiang@hotmail.com> Thu, 20 September 2018 10:31 UTC

Return-Path: <li_zhenqiang@hotmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 925B3130E50; Thu, 20 Sep 2018 03:31:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.125
X-Spam-Level:
X-Spam-Status: No, score=-1.125 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FORGED_HOTMAIL_RCVD2=0.874, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=hotmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7halI1ETkgI7; Thu, 20 Sep 2018 03:31:32 -0700 (PDT)
Received: from APC01-PU1-obe.outbound.protection.outlook.com (mail-pu1apc01olkn080f.outbound.protection.outlook.com [IPv6:2a01:111:f400:febe::80f]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0BC3F130E3B; Thu, 20 Sep 2018 03:31:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=GsRGVQWyfSgBQ3jfY7hv08QGNwVWQi8S3fspi9WFAoc=; b=I3MlGG+lv5v0AG3B52ATBf9lIHpDrxhjlxs0o8B2mmkdByotVyZxKo4QsyBw4RFLvfYGAltkJJI4npJAsSf476Ujf0RcmNzcN1JNPfpYR2AN1buBtFPTJAMPkbAeVzJMgY3VkgabEavDj6ekIOtSQjCfqIPme0113I+0M4qNHVHu/64icUgFYQSY+pMcOb7Gr1D0jWJLUggxNjj40IFQ+nSaz8COk/xe9AjOAbhM0/KIm1EHBD5vJTrA9LJjqcTnTqZLFOl1wJa8uDoaYDyFCE2qKU+E2f+0apRuJlio7BsEIGHOo/3fRyJ01OOXrzY24yjoRZZ5mjWqe/b6s+PyZQ==
Received: from PU1APC01FT020.eop-APC01.prod.protection.outlook.com (10.152.252.58) by PU1APC01HT097.eop-APC01.prod.protection.outlook.com (10.152.253.52) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.20.1164.13; Thu, 20 Sep 2018 10:31:28 +0000
Received: from SG2PR06MB2170.apcprd06.prod.outlook.com (10.152.252.52) by PU1APC01FT020.mail.protection.outlook.com (10.152.252.217) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.20.1164.13 via Frontend Transport; Thu, 20 Sep 2018 10:31:28 +0000
Received: from SG2PR06MB2170.apcprd06.prod.outlook.com ([fe80::ac4e:9355:9d60:3ef8]) by SG2PR06MB2170.apcprd06.prod.outlook.com ([fe80::ac4e:9355:9d60:3ef8%6]) with mapi id 15.20.1143.014; Thu, 20 Sep 2018 10:31:28 +0000
From: li zhenqiang <li_zhenqiang@hotmail.com>
To: Shawn Emery <shawn.emery@gmail.com>, secdir <secdir@ietf.org>, draft-ietf-opsawg-ipfix-bgp-community.all <draft-ietf-opsawg-ipfix-bgp-community.all@tools.ietf.org>, opsawg <opsawg@ietf.org>
Thread-Topic: Review of draft-ietf-opsawg-ipfix-bgp-community-07
Thread-Index: AQHUUM0WcC149jzhrUONRg77T/T5qA==
Date: Thu, 20 Sep 2018 10:31:28 +0000
Message-ID: <SG2PR06MB217016BC102E505BFA30DC97FC130@SG2PR06MB2170.apcprd06.prod.outlook.com>
References: <CAChzXmbZaRmr5KqG33v_Oq=nxGtKZhkTxYLUg_JnJhKHrLOwiw@mail.gmail.com>
Accept-Language: zh-CN, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-clientproxiedby: SG2PR06CA0172.apcprd06.prod.outlook.com (2603:1096:1:1e::26) To SG2PR06MB2170.apcprd06.prod.outlook.com (2603:1096:4:f::22)
x-incomingtopheadermarker: OriginalChecksum:655C93B4C8EFD641E3BE0A777F7903D2EA547449F5F3AA2987D3B88014AECE60; UpperCasedChecksum:CA4DE835C783D80E1D90437771A4CEF1BB5D169712631F183950A4171AC9E89E; SizeAsReceived:7569; Count:49
x-ms-exchange-messagesentrepresentingtype: 1
x-tmn: [k5GxVxFNjMyKWIi9SclDeqEM3qVQUXMldtA7RYRGa+8=]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; PU1APC01HT097; 6:vM25aS5BIFFuS9nxxuP3yzSCFpV5uWVTY6bTrmssr+bZPHNYlhddOjgBtahLdyijLIj8qDX92i2qZv+kqN7REAaYfZsmSDotAsmAH4fWqX93uHV1cFgXQKe3Ba4bVtLmp/y/7cGcCT40s104u9PRswzM+avVJ2tipzJafXUPvts28tScpyVssRu9SJ+B12vv3fWAfNWq62wMmKRCgfN/9zBcJcGz206spx/YTJlb/0bsVssyYirsI/aXajekmaY61GNbBuql8k2FV6bmHk7DYS4vlM7QELKahdIxlPqKsVrzhcuppnKtn5OzmFFRSwt0IhgBCP4NoOSd4tRECcqtD1Pdi7vyrxdK1mpaZfTDnMkesaiRzLRkHe8wchVlQmsQ1lYtQgncJxQ9d8b/Jf0T2rnPTeanTSoSSNyubIbaJW7cO21PrMFz7hSZ/jG1Hf+WXXEV2F41WtZkW3Mp4MhKTw==; 5:Eqv/g3aqW7LJ4b52d9u9CHqB5Qof3iWs9rsqWq+zANK0uhFa1MIzhMlFb+YixWpH1YkMMPslWcuiSB/XA/iQ01zlFoVYWB9+SDp7WMoSvjh9iXC4v1/Ref1uPsdcc1chkmhSOkSkZTKBxvfspyjnT6T6/5F1mKtfpm9XE3+/cEo=; 7:TQsHHKn4HkMkSPnxlD+FUz7ukpyv5rRXAL8XcQ+OJI0bEywdDv+bgbCuLQHIDeImnkOSk4kZFIQ+rA8sCveKt7Iw5VWN4nOqGOkcvplPAJqHPcMeCUInNK+SbR/ZgQmkjOr/mdZ58+lhxu/BsGVGooPIx6idKf9Woads9P1aLfdP2zN5LB45ipknSFpH4ZNP6Mh8d6KErb5vHcz6h/HTSNz5L/OQVV3zwF0NEMs0ux+tt+38n+voz3DIqPuif2WN
x-incomingheadercount: 49
x-eopattributedmessage: 0
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(201702061078)(5061506573)(5061507331)(1603103135)(2017031320274)(2017031324274)(2017031323274)(2017031322404)(1603101475)(1601125500)(1701031045); SRVR:PU1APC01HT097;
x-ms-traffictypediagnostic: PU1APC01HT097:
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(4566010)(82015058); SRVR:PU1APC01HT097; BCL:0; PCL:0; RULEID:; SRVR:PU1APC01HT097;
x-forefront-prvs: 0801F2E62B
x-forefront-antispam-report: SFV:NSPM; SFS:(7070007)(189003)(199004)(345774005)(5070765005)(5660300001)(86152003)(55016002)(7696005)(53546011)(45080400002)(236005)(9686003)(102836004)(71200400001)(86362001)(71190400001)(54896002)(99286004)(6436002)(8676002)(14444005)(14454004)(82202002)(6346003)(446003)(256004)(2900100001)(4326008)(26005)(25786009)(56003)(74316002)(105586002)(39060400002)(106356001)(486006)(33656002)(73972006)(20460500001)(6246003)(110136005)(5250100002)(81156014)(104016004)(229853002)(97736004)(87572001)(6506007)(386003)(8936002)(76176011)(476003)(83332001)(68736007)(15852004); DIR:OUT; SFP:1901; SCL:1; SRVR:PU1APC01HT097; H:SG2PR06MB2170.apcprd06.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: hotmail.com does not designate permitted sender hosts)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=li_zhenqiang@hotmail.com;
x-microsoft-antispam-message-info: dLVGFpd42ukmngxutm/XMstpdwdRglZC3Itgw+hXzZXwuowU00VikoMPn43cMzZy5mHnSjw8r8QzHO8GVaeDB1xliLJ7yghheXKKACEf1eGQ88GjtjAONpp4S/EambJ4i7rVCRLok3Cwxax8SqQAGZH4FGqfAQlYEmpeTAB0VjEDYz71WUNWQBA3IoI3GVrozmDi/k56R6Np933lz8mr5p9r+Exk8UCyfTGMm/dPAxk=
Content-Type: multipart/alternative; boundary="_000_SG2PR06MB217016BC102E505BFA30DC97FC130SG2PR06MB2170apcp_"
MIME-Version: 1.0
X-OriginatorOrg: hotmail.com
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 24fd1209-d934-423e-a578-ee886993c07f
X-MS-Exchange-CrossTenant-Network-Message-Id: 93b97761-8287-4c74-299c-08d61ee438b2
X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 24fd1209-d934-423e-a578-ee886993c07f
X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Sep 2018 10:31:28.0586 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Internet
X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PU1APC01HT097
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/OFt07Bq2bKmS__OcVw1q047b31E>
Subject: Re: [secdir] Review of draft-ietf-opsawg-ipfix-bgp-community-07
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Sep 2018 10:31:35 -0000

Dear Shawn M. Emery,

Thank you for your review and nits. I have corrected all the nits and uploaded a new version -08. Please check and thanks again.

Zhenqiang Li
________________________________
li_zhenqiang@hotmail.com

From: Shawn Emery<mailto:shawn.emery@gmail.com>
Date: 2018-09-19 15:03
To: secdir<mailto:secdir@ietf.org>; draft-ietf-opsawg-ipfix-bgp-community.all<mailto:draft-ietf-opsawg-ipfix-bgp-community.all@tools.ietf.org>
CC: Shawn Emery<mailto:shawn.emery@gmail.com>
Subject: Review of draft-ietf-opsawg-ipfix-bgp-community-07

Reviewer: Shawn M. Emery
Review result: Ready with numerous nits

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors. Document editors and WG chairs should treat these
comments just like any other last call comments.

This draft specifies new Information Elements (IEs) in order to support BGP community
information for the IP Flow Information eXport (IPFIX) protocol.

The security considerations section does exist and states that the draft just defines
new IEs and does not introduce any new security considerations.  The section then
goes on to state that the same security issues that apply to the IPFIX protocol and
the corresponding Information Model applies to this specification.  I agree with these
assertions.

General comments:

None.

Editorial comments:

s/differnt/different/g

s/Netwok/Network/

s/statistic/statistics/

s/mediator needs/the mediator needs/

s/Mediator is/The mediator is/

s/figure up/determine/g

s/mechanisum/mechanism/

s/generted/generated/

s/Please refer/Please refer to/g

s/originated from AS A and destinated/originating from AS A and destined/

s/becuse it will cause the congestion/because it will cause congestion/

s/togecher/together/

s/source IP and destination IP/source and destination IP address/g

s/both the source IP and the destination IP related/relating to both the source and destination IP addresses/

s/length one IPFIX/length of one IPFIX/

s/to the information about the networks in the field/to information about networks in the field/


OLD:

configure export policy of BGP communities on the exporter to limit the BGP communities to be exported, so as to only export some specific communities,or not to export some specific communities.

NEW:

configure the export policy of BGP communities to limit the BGP communities by including or excluding specific communities.


s/The detailed mechanism is out of the scope of this document./The details of increasing IPFIX message length is out of scope for this document./

s/refer Appendix A/refer to Appendix A/

s/source or destination IP/source or destination IP address/


Shawn.

--