Re: [secdir] Review of draft-arkko-arp-iana-rules-05
Jari Arkko <jari.arkko@piuha.net> Thu, 12 February 2009 07:27 UTC
Return-Path: <jari.arkko@piuha.net>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 777933A6AB6; Wed, 11 Feb 2009 23:27:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.299
X-Spam-Level:
X-Spam-Status: No, score=-2.299 tagged_above=-999 required=5 tests=[AWL=-0.300, BAYES_00=-2.599, J_CHICKENPOX_22=0.6]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dU1V56xKAYH8; Wed, 11 Feb 2009 23:27:12 -0800 (PST)
Received: from smtp.piuha.net (p130.piuha.net [IPv6:2001:14b8:400::130]) by core3.amsl.com (Postfix) with ESMTP id D4C523A699A; Wed, 11 Feb 2009 23:27:11 -0800 (PST)
Received: from smtp.piuha.net (localhost [127.0.0.1]) by smtp.piuha.net (Postfix) with ESMTP id 4656319876C; Thu, 12 Feb 2009 09:27:16 +0200 (EET)
Received: from [127.0.0.1] (unknown [IPv6:2001:14b8:400::130]) by smtp.piuha.net (Postfix) with ESMTP id CD8741986EF; Thu, 12 Feb 2009 09:27:15 +0200 (EET)
Message-ID: <4993CF06.8030909@piuha.net>
Date: Thu, 12 Feb 2009 09:25:58 +0200
From: Jari Arkko <jari.arkko@piuha.net>
User-Agent: Thunderbird 2.0.0.19 (X11/20090105)
MIME-Version: 1.0
To: Larry Zhu <lzhu@windows.microsoft.com>
References: <AB1E5627D2489D45BD01B84BD5B900461499B6A2C0@NA-EXMSG-W601.wingroup.windeploy.ntdev.microsoft.com>
In-Reply-To: <AB1E5627D2489D45BD01B84BD5B900461499B6A2C0@NA-EXMSG-W601.wingroup.windeploy.ntdev.microsoft.com>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: ClamAV using ClamSMTP
Cc: "cpignata@cisco.com" <cpignata@cisco.com>, "iesg@ietf.org" <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Subject: Re: [secdir] Review of draft-arkko-arp-iana-rules-05
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Feb 2009 07:27:13 -0000
Thanks for your review. Your comments have resulted in changes in the -06 version of the document. Jari Larry Zhu wrote: > I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. > > Document: draft-arkko-arp-iana-rules-05 > Title: IANA Allocation Guidelines for the Address Resolution Protocol (ARP) > > Overall, the document is clear and easy to read. I have the following comments. > > 1) The following text in the "acknowledgements" section fits better into the "introduction" section. > > The lack of any current rules has come up as new values were > requested from IANA. <<<cut>>> When no rules exist, IANA > consults the IESG for approval of the new values. The purpose of > this specification is to establish the rules and allow IANA to > operate based on the rules, without requiring confirmation from the > IESG. > > In addition, the above text somewhat contradicts to the fact that the assignment of ar$op values does require IESG approval. Hence I would recommend to replace OLD: > > The purpose of > this specification is to establish the rules and allow IANA to > operate based on the rules, without requiring confirmation from the > IESG. > > With NEW: > > The purpose of > this specification is to establish the rules and allow IANA to > manage number assignments based on these rules, to ensure consistent > interpretations in different implementations. > > 2) This document does not seem to fit exactly with RFC5226. Given there is an existing registry at http://www.iana.org/assignments/arp-parameters/arp-parameters.xhtml, I would recommend either spell exactly how to update it or how to create a new one to replace the existing one, and populate the new registry with the existing entries as "initial" assignments. > > I find no specific security issues with this document. > > --Larry Zhu > > > >