Re: [secdir] secdir review of draft-ietf-ospf-node-admin-tag-05

Shraddha Hegde <shraddha@juniper.net> Thu, 15 October 2015 04:05 UTC

Return-Path: <shraddha@juniper.net>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 245D61B2FF7; Wed, 14 Oct 2015 21:05:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZDjcc5Qd8HKJ; Wed, 14 Oct 2015 21:05:48 -0700 (PDT)
Received: from na01-by2-obe.outbound.protection.outlook.com (mail-by2on0132.outbound.protection.outlook.com [207.46.100.132]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6C6FC1B2FF5; Wed, 14 Oct 2015 21:05:48 -0700 (PDT)
Received: from BY1PR0501MB1381.namprd05.prod.outlook.com (10.160.107.139) by BY1PR0501MB1381.namprd05.prod.outlook.com (10.160.107.139) with Microsoft SMTP Server (TLS) id 15.1.293.16; Thu, 15 Oct 2015 04:05:47 +0000
Received: from BY1PR0501MB1381.namprd05.prod.outlook.com ([10.160.107.139]) by BY1PR0501MB1381.namprd05.prod.outlook.com ([10.160.107.139]) with mapi id 15.01.0293.007; Thu, 15 Oct 2015 04:05:47 +0000
From: Shraddha Hegde <shraddha@juniper.net>
To: Benjamin Kaduk <kaduk@MIT.EDU>, "Acee Lindem (acee)" <acee@cisco.com>
Thread-Topic: secdir review of draft-ietf-ospf-node-admin-tag-05
Thread-Index: AQHRAtRkmhe1qX1HzE+v6FQBX6gc055lH6mAgABoLJCABH8tgIAABXOAgAADDQCAAAE9AIAA3F8AgADWWYCAADQwMA==
Date: Thu, 15 Oct 2015 04:05:46 +0000
Message-ID: <BY1PR0501MB13810A4EB34DBD4915D10465D53E0@BY1PR0501MB1381.namprd05.prod.outlook.com>
References: <alpine.GSO.1.10.1510091159450.26829@multics.mit.edu> <D23ED021.34690%acee@cisco.com> <BY1PR0501MB1381A8D06B804AE4508F371AD5320@BY1PR0501MB1381.namprd05.prod.outlook.com> <alpine.GSO.1.10.1510131547130.26829@multics.mit.edu> <D242FF5D.34EA7%acee@cisco.com> <alpine.GSO.1.10.1510131856050.26829@multics.mit.edu> <D2430569.34EFD%acee@cisco.com> <D243BD35.351B8%acee@cisco.com> <alpine.GSO.1.10.1510142057370.26829@multics.mit.edu>
In-Reply-To: <alpine.GSO.1.10.1510142057370.26829@multics.mit.edu>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=shraddha@juniper.net;
x-originating-ip: [116.197.184.11]
x-microsoft-exchange-diagnostics: 1; BY1PR0501MB1381; 5:MtpUv09JwqTkfIdFgfBO6A7r8kma52znKig88zmZ1idH7hYn+PzyXdtV9FSpO1VlkeNpqeibpWrfobt6jyqd9huUgBqlon/IVhXm+5PJekvVkdoH2h0b5O0UTLYLduLKZHvW+dCBcpL9t07jljSdbQ==; 24:CXluv5zeiSeAPWEzPKSmmqEJSzKx7s1rv/+rVSjWSHZY8eGI8kxxXGvN5PvEcU97mGZYDkkKD7qV7/WpO3j2EjVC2WB7c/AusOYwJ71Gsnk=; 20:pbFy46CCTifBiJVKX/WQVmzQgGQlCgX3RJNtTmbbqVFEo98L86+SJW0alkb30CliEuNGUVPGT9GTc+5ZWAixxA==
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:BY1PR0501MB1381;
x-microsoft-antispam-prvs: <BY1PR0501MB1381FC13453B355D9692B64ED53E0@BY1PR0501MB1381.namprd05.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(240460790083961)(138986009662008)(95692535739014);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(2401047)(520078)(5005006)(8121501046)(3002001); SRVR:BY1PR0501MB1381; BCL:0; PCL:0; RULEID:; SRVR:BY1PR0501MB1381;
x-forefront-prvs: 0730093765
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(199003)(377454003)(13464003)(24454002)(52604005)(189002)(479174004)(92566002)(66066001)(46102003)(64706001)(81156007)(2900100001)(102836002)(99286002)(33656002)(2171001)(5004730100002)(5001960100002)(105586002)(87936001)(19580395003)(77096005)(97736004)(93886004)(101416001)(106116001)(54356999)(5003600100002)(11100500001)(110136002)(50986999)(19580405001)(5001920100001)(10400500002)(106356001)(74316001)(122556002)(76576001)(5002640100001)(5008740100001)(5001770100001)(5007970100001)(76176999)(189998001)(86362001)(2950100001)(230783001)(40100003); DIR:OUT; SFP:1102; SCL:1; SRVR:BY1PR0501MB1381; H:BY1PR0501MB1381.namprd05.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
spamdiagnosticoutput: 1:23
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Oct 2015 04:05:46.8144 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY1PR0501MB1381
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/c8UUlSP-okKdvb-OrTwViyene3o>
X-Mailman-Approved-At: Thu, 22 Oct 2015 07:18:02 -0700
Cc: "draft-ietf-ospf-node-admin-tag.all@ietf.org" <draft-ietf-ospf-node-admin-tag.all@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Subject: Re: [secdir] secdir review of draft-ietf-ospf-node-admin-tag-05
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Oct 2015 04:05:53 -0000

Acee/Ben,

Updated the text as below.

<t> Multiple node administrative tag TLVs MAY appear in an RI LSA or 
   multiple node administrative tag TLVs MAY be contained in different
   instances of the RI LSA.  The node administrative tags associated
   with a node that originates tags for the purpose of any computation or processing at a receiving node
   SHOULD be a superset of node administrative tags from all the TLVs in all the
   received RI LSA instances in the Link-State Database (LSDB) advertised by the 
   corresponding OSPF router.When an RI LSA is received that changes the set of 
   tags applicable to any originating node, a receiving node MUST repeat any computation or
	processing that is based on those administrative tags.
</t>


Rgds
Shraddha

-----Original Message-----
From: Benjamin Kaduk [mailto:kaduk@MIT.EDU] 
Sent: Thursday, October 15, 2015 6:28 AM
To: Acee Lindem (acee) <acee@cisco.com>
Cc: Shraddha Hegde <shraddha@juniper.net>et>; iesg@ietf.org; secdir@ietf.org; draft-ietf-ospf-node-admin-tag.all@ietf.org
Subject: Re: secdir review of draft-ietf-ospf-node-admin-tag-05

On Wed, 14 Oct 2015, Acee Lindem (acee) wrote:

> Hi Ben,
>
> On 10/13/15, 7:02 PM, "Acee Lindem (acee)" <acee@cisco.com> wrote:
>
> >
> >
> >On 10/13/15, 6:57 PM, "Benjamin Kaduk" <kaduk@MIT.EDU> wrote:
> >
> >>Thanks for clarifying.  So, this is a non-issue, and the only 
> >>question is whether the text could/should be changed to improve clarity.
> >
> >Let me think about this since it is a generic OSPF RI ambiguity and 
> >it will affect multiple documents. In a WebEx right now though…
>
> The key point here is that an OSPF router only maintains the 
> most-recent instance of an LSA in its Link-State Database. So, there 
> shouldn’t be any ambiguity. Perhaps, the text could be changed to “all 
> RI LSA instances in the Link-State Database (LSDB) advertised by the 
> corresponding OSPF router.”

That seems like a useful improvement; thanks.

-Ben