Re: [secdir] Secdir last call review of draft-ietf-rtgwg-net2cloud-problem-statement-36
Deb Cooley <debcooley1@gmail.com> Sat, 13 April 2024 13:30 UTC
To: Linda Dunbar <linda.dunbar@futurewei.com>
Cc: "secdir@ietf.org" <secdir@ietf.org>, "draft-ietf-rtgwg-net2cloud-problem-statement.all@ietf.org" <draft-ietf-rtgwg-net2cloud-problem-statement.all@ietf.org>, "rtgwg@ietf.org" <rtgwg@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/fngZ4XT5Ln-_si8GYEAPpUYyMRM>
That would be fine.

Deb

On Fri, Apr 12, 2024 at 10:09 AM Linda Dunbar <linda.dunbar@futurewei.com> wrote:

> Deb,
>
> Thank you for catching the typo.
>
> Would the following sentence of Section 7 address your comment?
>
> *“A full security evaluation will be needed before [MULTI-SEG-SDWAN] and [SDWAN-EDGE-DISCOVERY] can be recommended as a solution to some problems described in this document.”*
>
> We are in the process of revising the SDWAN-EDGE-DISCOVERY draft based on the IETF119 discussion. Will update later this month.
>
> Linda
>
> *From:* Deb Cooley <debcooley1@gmail.com>
> *Sent:* Thursday, April 11, 2024 5:45 PM
> *To:* Linda Dunbar <linda.dunbar@futurewei.com>
> *Cc:* secdir@ietf.org; draft-ietf-rtgwg-net2cloud-problem-statement.all@ietf.org; rtgwg@ietf.org
> *Subject:* Re: Secdir last call review of draft-ietf-rtgwg-net2cloud-problem-statement-36
>
> Remaining comment and one nit:
>
> Section 5.1, paragraph 3: The draft referenced here is expired and the security of the methods would have to be reviewed. (that is listed in Section 7)
>
> The expired draft has been replaced with another draft. The security of the methods would have to be reviewed. Please list that in Section 7.
>
> Section 7, second to last bullet: typo: There is a single quotation mark at the end of the paragraph.
>
> Deb
>
> On Thu, Apr 11, 2024 at 6:08 PM Linda Dunbar <linda.dunbar@futurewei.com> wrote:
>
> Deb,
>
> Thank you. The -38 has been uploaded.
>
> https://datatracker.ietf.org/doc/draft-ietf-rtgwg-net2cloud-problem-statement/
>
> Linda
>
> *From:* Deb Cooley <debcooley1@gmail.com>
> *Sent:* Thursday, April 11, 2024 5:53 AM
> *To:* Linda Dunbar <linda.dunbar@futurewei.com>
> *Cc:* secdir@ietf.org; draft-ietf-rtgwg-net2cloud-problem-statement.all@ietf.org; rtgwg@ietf.org
> *Subject:* Re: Secdir last call review of draft-ietf-rtgwg-net2cloud-problem-statement-36
>
> perfect, I'll take a look at -38 when it gets published.
>
> Deb
>
> On Wed, Apr 10, 2024 at 10:58 AM Linda Dunbar <linda.dunbar@futurewei.com> wrote:
>
> Deb,
>
> Thank you very much for the additional comments and the suggested wording.
>
> They are reflected in the revision -38.
>
> Linda
>
> -----Original Message-----
> From: Deb Cooley <debcooley1@gmail.com>
> Sent: Monday, March 18, 2024 8:24 AM
> To: Linda Dunbar <linda.dunbar@futurewei.com>
> Cc: secdir@ietf.org; draft-ietf-rtgwg-net2cloud-problem-statement.all@ietf.org; rtgwg@ietf.org
> Subject: Re: Secdir last call review of draft-ietf-rtgwg-net2cloud-problem-statement-36
>
> Here is my review update for draft-ietf-rtgwg-net2cloud-problem-statement-37:
>
> I will update my review in the datatracker.
>
> original comments (in black), updates (in blue)
>
> 1. Section 5.1, paragraph 2: Certainly the principles and assumptions of RFC 4535* would apply to any group key management situation (note the word change from 'group encryption' to 'group key management'). The specific protocol addressed by that RFC isn't being used here (even though they mention ISAKMP). How about something like this:
>
> "The group key management protocol documented in [RFC4535] outlines the relevant security risks for any group key management system in Section 3 (Security Considerations). While this particular protocol isn't being suggested, the drawbacks and risks of group key management are still relevant."
>
> done.
>
> [Linda] Thank you for the suggestion. They are changed in -38.
>
> 2. Section 5.1, paragraph 3: The draft referenced here is expired and the security of the methods would have to be reviewed. (that is listed in Section 7)
>
> The expired draft has been replaced with another draft. The security of the methods would have to be reviewed. Please list that in Section 7.
>
> [Linda] The referenced draft has been uploaded.
>
> 3. Section 5.2: The draft referenced in this section is (currently) an individual draft, and again the security of the methods would have to be reviewed. (I see that WG adoption has been requested, and the draft is listed in Section 7).
>
> This is just a note to the WG - no action required as long as the WG agrees.
>
> [Linda] the WG chair said they will start the WG adoption soon.