[secdir] Secdir review of draft-ietf-i2rs-protocol-security-requirements
Radia Perlman <radiaperlman@gmail.com> Sun, 02 October 2016 04:12 UTC
From: Radia Perlman <radiaperlman@gmail.com>
Date: Sat, 01 Oct 2016 21:12:10 -0700
Message-ID: <CAFOuuo49L5=orrtOJ7CDTNMe7s+zm++dLNZYCrfBeL4NeyBFJw@mail.gmail.com>
To: "secdir@ietf.org" <secdir@ietf.org>, The IESG <iesg@ietf.org>, draft-ietf-i2rs-protocol-security-requirements.all@tools.ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/gqHnKGgMl9e8GOalp2YSLQtmcdk>
On Thu, Sep 15, 2016 at 6:43 AM, Radia Perlman <radiaperlman@gmail.com> wrote:

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

I previously reviewed version 6 and 10, and all my comments are addressed in this version (17). The secdir assignment was for version 14, but the latest version seems to be 17, so that is the one that I reviewed.

Nothing substantive, certainly no security issues, and it's ready for publication. I do have a few super-minor typos in this version (17).

Apologies for the weird formatting of my comments below. Perhaps it's gmail, that when I cut-and-paste from the document, makes weird boxes, so please ignore the boxes. If gmail is just putting boxes in while I type in my comments, just to annoy me, and they don't appear in the sent email, then ignore the non-boxes I'm complaining about.

Anyway, here are my comments:

There seems to be a cut-and-paste error here:

"The optional insecure transport can only be used restricted set of publically data available (events or information)"

Perhaps it should be "The optional insecure transport can only be used when accessing publically available data (events or information)". Not exactly sure what you'd like it to be...but there does seem to be at least a missing word in the text from the document.

-----

And as long as I'm noticing extremely minor editorial things during reread:

"The first application is a weekly configuration application that uses the I2RS protocol to change configurations. The second application is an application that allows operators to makes emergency changes to routers in the network"

In the first sentence I'd probably say "periodic" instead of "weekly". The second sentence should be "to make" instead of "to makes".

-----------

Another super-minor typo: "A variety of forms of managemen" is missing the letter "t" in "management".

Radia