[secdir] Repeat SecDir review: draft-ietf-dhc-topo-conf-09

Yaron Sheffer <yaronf.ietf@gmail.com> Fri, 29 July 2016 15:32 UTC

Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E656112D58C; Fri, 29 Jul 2016 08:32:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mqC1HiBhHGbD; Fri, 29 Jul 2016 08:32:44 -0700 (PDT)
Received: from mail-wm0-x232.google.com (mail-wm0-x232.google.com [IPv6:2a00:1450:400c:c09::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 89EA312B065; Fri, 29 Jul 2016 08:32:44 -0700 (PDT)
Received: by mail-wm0-x232.google.com with SMTP id i5so157390788wmg.0; Fri, 29 Jul 2016 08:32:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:subject:to:message-id:date:user-agent:mime-version :content-transfer-encoding; bh=yfH8++JnNw/GBfe3fyqGoBXM8pgvunfHkGHTpCvfktk=; b=kSmnhERQVgPX1v8wj7JgNap9/PFjNbnam5WB95PfWe6rT0fLQNrdAN1PJ0iBVWv3bW YBLMnOtvC71Hac3leDf691YRrRhWbpX/duQ8tppsjMaNQVGsFg+mDsnZkIpPNtJ3R6+a dXZInQzfAbCCFLKC7giAltPFkyF6q8U5sYfza8yOM61G8nx3XkIqmhLy8CwvwRge5eTb TMUeOPW2QILic+tpwMANZSLxoo+UWD31qWm9Jfm3IEDuxia6B505H33G08zMgqT7/WMo qxQMClTD3NV1HYZv64yLnfQTKUtjhYri0BWUPRX/KmTxr4Oh+OZogY/IEYhTRS14W0k3 cAtg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:subject:to:message-id:date:user-agent :mime-version:content-transfer-encoding; bh=yfH8++JnNw/GBfe3fyqGoBXM8pgvunfHkGHTpCvfktk=; b=W2Qk6p8R8BqVqNeGAw01tgtjhSawFVT4Cutb7i+YI5scq084u2nKAOm0z+tdEsfmSc TdhvFSYASam/UmDU7m0azTMNeEUaMU3ZCuwefgZxGt3+J5qVFIsEXfZ9PqQwOBsJwuFy IvnGVYDzKiic5tp/4G4ylCG/P4rYKHVPZHrhLiMUJANA0vr+XWcAuFPKkXtDZ/IRt2S9 dHvUKYsGbedOHVFYCp8e3kEwqPhMlH/uhGdUj14cniMYWxPckq4SLraqcDnEDmOjfdNj GEgWUgvKlGQsEkXrfW1z9ZBrbxWTwMIWa0fhtExnu1k3k+JwBQApWjU0ZXWDbgRLxK5B 5Fow==
X-Gm-Message-State: AEkoousuxMVBosbDFF3pjpVkpdSIma8RifLNjSVIKDg64V/bg12s5TmCZ+QUzHs5Saycig==
X-Received: by 10.28.171.214 with SMTP id u205mr25934691wme.97.1469806363038; Fri, 29 Jul 2016 08:32:43 -0700 (PDT)
Received: from [10.0.0.5] (bzq-109-65-68-224.red.bezeqint.net. [109.65.68.224]) by smtp.gmail.com with ESMTPSA id f187sm3559789wmf.15.2016.07.29.08.32.38 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 29 Jul 2016 08:32:41 -0700 (PDT)
From: Yaron Sheffer <yaronf.ietf@gmail.com>
To: IETF Security Directorate <secdir@ietf.org>, The IESG <iesg@ietf.org>, draft-ietf-dhc-topo-conf.all@tools.ietf.org
Message-ID: <a3eb1ae2-c3f1-ccc2-a043-bef990a5cbfd@gmail.com>
Date: Fri, 29 Jul 2016 18:32:32 +0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/dJ5KWZ8CwtaH7VT35shRahfILuU>
Subject: [secdir] Repeat SecDir review: draft-ietf-dhc-topo-conf-09
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Jul 2016 15:32:46 -0000

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors.  Document editors and WG chairs should treat these
comments just like any other last call comments.

This document describes current practices for configuring DHCP in
complex network scenarios, where the goal is to allow servers to
configure DHCP clients differently depending on the client's network
location.

Summary

The document is ready for publication.

Details

My previous SecDir review of -08 lamented the then short and essentially
useless Security Considerations section. This section has now been
significantly extended and as far as I can determine, is now at an
appropriate level for this draft.

I would like to thank the authors for addressing my comments!