Re: [secdir] Secdir review of draft-ietf-softwire-dslite-deployment

Tobias Gondrom <tobias.gondrom@gondrom.org> Sun, 14 October 2012 22:21 UTC

To: Yiu_Lee@Cable.Comcast.com
Cc: iesg@ietf.org, draft-ietf-softwire-dslite-deployment.all@tools.ietf.org, secdir@ietf.org

Hi Yiu,
thank you.
Best regards, Tobias

On 14/10/12 22:27, Lee, Yiu wrote:
> Hi Tobias,
>
> Thanks for reviewing the draft. Comments inline:
>
> Thanks,
> Yiu
>
> From: Tobias Gondrom <tobias.gondrom@gondrom.org>
> Date: Sunday, October 14, 2012 3:47 PM
> To: "iesg@ietf.org" <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>,
> "draft-ietf-softwire-dslite-deployment.all@tools.ietf.org."
> <draft-ietf-softwire-dslite-deployment.all@tools.ietf.org.>
> Subject: Secdir review of draft-ietf-softwire-dslite-deployment
> Resent-To: <carlw@mcsr-labs.org>, <christian.jacquenet@orange.com>,
> <cuiyong@tsinghua.edu.cn>, <mohamed.boucadair@orange.com>,
> <roberta.maglione@telecomitalia.it>, <suresh.krishnan@ericsson.com>,
> "Yiu L. LEE" <yiu_lee@cable.comcast.com>
>
> I have reviewed this document as part of the security directorate's 
> ongoing effort to review all IETF documents being processed by the 
> IESG.  These comments were written primarily for the benefit of the 
> security area directors. Document editors and WG chairs should treat 
> these comments just like any other last call comments.
>
>
> I believe this document (draft-ietf-softwire-dslite-deployment) has an 
> adequate security considerations section and the main security risks 
> are sufficiently described for an informational "deployment 
> considerations" RFC.
>
> COMMENTS:
> section 2.6:
> "Internet hosts such as servers must no longer rely solely on IP 
> address to identify an abused user."
> Don't you mean here: "... an abusive user."
> and again in the next sentence "...to identify an abused user..." 
> should be "...to identify an abusive user".
>
> [YL] Fixed.
>
> Nits:
> - section 1: Overview
> third sentence: first mention of "softwire" may require a reference
>
> [YL] Fixed.
>
> - section 2.5, last paragraph:
> s/Depedning on the rate of NAT table changes/Depending on the rate of 
> NAT table changes
>
> [YL] Fixed.
>
>
> Best regards, Tobias
>
>