Re: [secdir] Secdir last call review of draft-ietf-bess-evpn-prefix-advertisement-10

"Rabadan, Jorge (Nokia - US/Mountain View)" <jorge.rabadan@nokia.com> Fri, 18 May 2018 19:30 UTC

From: "Rabadan, Jorge (Nokia - US/Mountain View)" <jorge.rabadan@nokia.com>
To: Barry Leiba <barryleiba@computer.org>, "secdir@ietf.org" <secdir@ietf.org>
CC: "draft-ietf-bess-evpn-prefix-advertisement.all@ietf.org" <draft-ietf-bess-evpn-prefix-advertisement.all@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>, "bess@ietf.org" <bess@ietf.org>
Date: Fri, 18 May 2018 19:24:37 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/zh_cVYz9XMS-SA9dCPjseQ1PUuY>

Hi Barry,

Thank you very much for reviewing.
I addressed all your comments, see below.
Thanks a bunch!
Jorge


-----Original Message-----
From: Barry Leiba <barryleiba@computer.org>
Date: Friday, May 4, 2018 at 3:51 PM
To: "secdir@ietf.org" <secdir@ietf.org>
Cc: "draft-ietf-bess-evpn-prefix-advertisement.all@ietf.org" <draft-ietf-bess-evpn-prefix-advertisement.all@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>, "bess@ietf.org" <bess@ietf.org>
Subject: Secdir last call review of draft-ietf-bess-evpn-prefix-advertisement-10
Resent-From: <alias-bounces@ietf.org>
Resent-To: <jorge.rabadan@nokia.com>, <wim.henderickx@nokia.com>, <jdrake@juniper.net>, <wlin@juniper.net>, <sajassi@cisco.com>, <matthew.bocci@nokia.com>, <stephane.litkowski@orange.com>, <martin.vigoureux@nokia.com>, <db3546@att.com>, <aretana.ietf@gmail.com>, Zhaohui Zhang <zzhang@juniper.net>, <zzhang@juniper.net>
Resent-Date: Friday, May 4, 2018 at 3:51 PM

    Reviewer: Barry Leiba
    Review result: Has Issues
    
    The "issues" I call out below are minor, and if the working group thinks they
    aren't worth dealing with, I'll not be offended nor lose any sleep.
    
    — Section 1 —
    I’m sure that all these terms are defined in the normative references, and ’tis
    a small thing, but it would sure help a non-expert reader if this list of terms
    included, for each term, a citation to the RFC that defines it.  I hope you’ll
    consider adding that; thanks.
[JORGE] I added a few references. Hope it's better now.
    
    [Follow-up; I finally found “Tenant System” defined in RFC 7365, which is not
    in your references at all.  Please don’t make your readers work that hard, and
    please consider beefing up the references and citations to definitions.]
[JORGE] added now.
    
    — Section 2.1 —
    
       If the term Tenant System (TS) is used to designate a physical or
       virtual system identified by MAC and maybe IP addresses, and
       connected to a BD by an Attachment Circuit, the following
       considerations apply:
    
    I find the wording “if the term Tenant System is used” to be odd.  Are you
    really saying (maybe you are) that the application of the considerations
    depends on whether or not we *call* it a Tenant System?  Or whether or not it
    *is* a Tenant System?  From the definition I found for “Tenant System” I can
    see that maybe this can go either way.  But if we’re talking about the latter,
    I’d use wording more like, “The following considerations apply to Tenant
    Systems (TS) that are physical or virtual systems identified by MAC and maybe
    IP addresses and connected to BDs by Attachment Circuits:” (cast as plural,
    because the considerations use plurals).
[JORGE] I took your suggestion, thx
    
    
    — Section 3.1 —
    
    I initially couldn’t figure out, as I was reading this, how you’d know whether
    you’re dealing with v4 or v6 addresses, and, therefore, how to interpret the
    lengths of the IP Prefix and GW IP Address fields.  I finally got to it seven
    bullets down, where you say, “The total route length will indicate the type of
    prefix”.  Maybe someone already expert in this would find this OK, but to me
    it was too much work to sort it out, when I think it could be made clearer like
    this:
    
    NEW
       An IP Prefix Route Type for IPv4 has the Length field set to 34
       and consists of the following fields:
    
        +---------------------------------------+
        |      RD   (8 octets)                  |
        +---------------------------------------+
        |Ethernet Segment Identifier (10 octets)|
        +---------------------------------------+
        |  Ethernet Tag ID (4 octets)           |
        +---------------------------------------+
        |  IP Prefix Length (1 octet, 0 to 32)  |
        +---------------------------------------+
        |  IP Prefix (4 octets)                 |
        +---------------------------------------+
        |  GW IP Address (4 octets)             |
        +---------------------------------------+
        |  MPLS Label (3 octets)                |
        +---------------------------------------+
    
       An IP Prefix Route Type for IPv6 has the Length field set to 58
       and consists of the following fields:
    
        +---------------------------------------+
        |      RD   (8 octets)                  |
        +---------------------------------------+
        |Ethernet Segment Identifier (10 octets)|
        +---------------------------------------+
        |  Ethernet Tag ID (4 octets)           |
        +---------------------------------------+
        |  IP Prefix Length (1 octet, 0 to 128) |
        +---------------------------------------+
        |  IP Prefix (16 octets)                |
        +---------------------------------------+
        |  GW IP Address (16 octets)            |
        +---------------------------------------+
        |  MPLS Label (3 octets)                |
        +---------------------------------------+
    
       The total route length will indicate the type of IP Prefix (34 for
       IPv4 or 58 for IPv6) and the type of GW IP Address. The IP Prefix
       and GW IP Address are always both IPv4 or both IPv6; mixing the
       two is not allowed.
    
       […and then follow with the explanations of the fields…]
    END
    
    Do you agree that that makes things clearer?

[JORGE] ok, done
    
    — Section 3.2 —
    
       o If either the ESI or GW IP are non-zero, then one of them is the
         Overlay Index, regardless of whether the Router's MAC Extended
         Community is present or the value of the Label.
    
    Should that say “then the non-zero one is the Overlay Index”?
[JORGE] ok, good point, done
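
Added example, not part of the original message or of the draft's own text: a strict parser for the IP Prefix route body laid out in the Section 3.1 comment, using the total length (34 or 58) to select the address family and applying the Section 3.2 rule that the non-zero one of ESI / GW IP is the Overlay Index. The function name, the sample octets and the choice to reject a route with both fields non-zero are assumptions of this example.

```python
import ipaddress
import struct

# Route lengths quoted in the review: 34 octets for IPv4, 58 for IPv6.
ADDR_LEN_BY_ROUTE_LEN = {34: 4, 58: 16}

# Constructed sample (documentation addresses): 198.51.100.0/24, GW IP 192.0.2.254.
SAMPLE_V4 = bytes.fromhex(
    "0001c00002010064" + "00" * 10 + "00000000" + "18" + "c6336400" + "c00002fe" + "000000"
)


def parse_ip_prefix_route(body: bytes) -> dict:
    """Parse the octets counted by the Length field of an IP Prefix route."""
    addr_len = ADDR_LEN_BY_ROUTE_LEN.get(len(body))
    if addr_len is None:
        # Any other length cannot be mapped to a family, so refuse to guess.
        raise ValueError(f"route length {len(body)} is neither 34 (IPv4) nor 58 (IPv6)")

    rd, esi = body[0:8], body[8:18]
    (eth_tag,) = struct.unpack("!I", body[18:22])
    prefix_len = body[22]
    if prefix_len > addr_len * 8:
        raise ValueError(f"prefix length {prefix_len} exceeds {addr_len * 8}")

    # IP Prefix and GW IP Address share one family, so both use addr_len octets.
    off = 23
    prefix = ipaddress.ip_address(body[off:off + addr_len])
    gw_ip = ipaddress.ip_address(body[off + addr_len:off + 2 * addr_len])
    label = body[off + 2 * addr_len:]  # remaining 3 octets

    esi_set, gw_set = any(esi), int(gw_ip) != 0
    if esi_set and gw_set:
        # Assumption of this example: both non-zero is treated as malformed.
        raise ValueError("ESI and GW IP are both non-zero")
    overlay = ("ESI", esi.hex()) if esi_set else ("GW-IP", str(gw_ip)) if gw_set else None

    return {
        "family": prefix.version,
        "rd": rd.hex(),
        "eth_tag": eth_tag,
        "prefix": f"{prefix}/{prefix_len}",
        "label": label.hex(),
        "overlay_index": overlay,
    }
```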