Re: [secdir] [6lo] Secdir last call review of draft-ietf-6lo-ap-nd-12

"Pascal Thubert (pthubert)" <pthubert@cisco.com> Mon, 06 January 2020 10:27 UTC

From: "Pascal Thubert (pthubert)" <pthubert@cisco.com>
To: Adam Montville <adam.montville.sdo@gmail.com>, "secdir@ietf.org" <secdir@ietf.org>
CC: "last-call@ietf.org" <last-call@ietf.org>, "draft-ietf-6lo-ap-nd.all@ietf.org" <draft-ietf-6lo-ap-nd.all@ietf.org>, "6lo@ietf.org" <6lo@ietf.org>
Date: Mon, 06 Jan 2020 10:26:28 +0000
Message-ID: <MN2PR11MB35653391C698E44CF1AC347ED83C0@MN2PR11MB3565.namprd11.prod.outlook.com>
References: <157806749349.9008.754513854275764571@ietfa.amsl.com>
In-Reply-To: <157806749349.9008.754513854275764571@ietfa.amsl.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/cn9QKrSXNE_j8i3vSDns06HgOgU>
List-Id: Security Area Directorate <secdir.ietf.org>

Hello Adam

Many thanks for your review 😊 

Please see below:

 
> 1. In the first exchange with a 6LR: "When a 6LR receives a NS(EARO)
> registration with a new Crypto-ID as a ROVR, it SHOULD challenge by
> responding with a NA(EARO) with a status of "Validation Requested"". Under
> what circumstances would a challenge not be warranted? In other words, could
> this SHOULD be a MUST?

Yes, I guess it is a MUST, unless the registration is rejected for another reason, e.g., the overflow below.
Unless someone posts against it, I'll make the change with the next revision.


> 2. The following sentence in 7.1 reads, "The 6LR must protect itself against
> overflows and reject excessive registration with a status 2 "Neighbor Cache
> Full"". Does that need to be a MUST instead of a must?

Yes, I suppose so. I'll make that change too.

Many thanks again Adam!

Pascal