[secdir] SECDIR Review of draft-ietf-behave-ipfix-nat-logging-06

Phillip Hallam-Baker <phill@hallambaker.com> Tue, 09 February 2016 04:25 UTC

To: draft-ietf-behave-ipfix-nat-logging.all@tools.ietf.org, "secdir@ietf.org" <secdir@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/VBAeN4DSNgCxS-izkTqh4lg9C-w>

 draft-ietf-behave-ipfix-nat-logging.all@tools.ietf.org

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.


It is a logging format, you keep data, it might be disclosed.

This document does not seem to add to the issues set out in RFC7011
which is cited in the references section. The cited reference is
comprehensive, relevant and recent.

Nothing further to add from a security point of view.