Re: [secdir] Secdir review of draft-ietf-ippm-owamp-registry-03

"MORTON, ALFRED C (AL)" <> Thu, 17 September 2015 14:02 UTC


Hi Alan,
thanks for your review, please see replies below.
FWIW - I had to look up the details.

> -----Original Message-----
> From: Alan DeKok []
> Sent: Wednesday, September 16, 2015 2:03 PM
> To:
> Cc:
> Subject: Secdir review of draft-ietf-ippm-owamp-registry-03
> I have reviewed this document as part of the security directorate's
> ongoing effort to review all IETF documents being processed by the IESG.
> These comments were written primarily for the benefit of the security
> area directors.  Document editors and WG chairs should treat these
> comments just like any other last call comments.
>   This document requests IANA allocation of registries for OWAMP.   As
> such, it has minimal security impact.
>   One practical note is the request to assign an "Experimentation"
> OWAMP-Control Command Number.  Experience shows that such numbers are
> either never used, or used as experiments... which then get widely
> deployed before standards action catches up to practical needs.

I understand how this might happen, but IETF already has a 
BCP that covers this topic:

>   It may be good to add some discussion as to *how* experiments are
> done, and how experiments can transition from the "Experimentation"
> number to a standard number.

IMO, BCP82 covers this aspect adequately. 

>   One suggestion would be to change the label from "Experimentation" to
> "Site-Local".  That would still allow sites to experiment with OWAMP-
> Control commands, but would make it clearer that such experimentation is
> only for the local site, and MUST NOT be used in a wider context.

Site-local is not a valid registry assignment, see:
Also, I would expect that an Internet performance characterization
protocol will be deployed on the Internet when using an experimental command
to conduct experiments, so not Site-Local.

Note that the existing reference to RFC5226 makes a clear reference to
BCP 82 in section 4.