IETF Logo Mail Archive

[sfc] Zaheduzzaman Sarker's No Objection on draft-ietf-sfc-nsh-integrity-06: (with COMMENT)

Zaheduzzaman Sarker via Datatracker <noreply@ietf.org> Tue, 13 July 2021 10:36 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: sfc@ietf.org
Delivered-To: sfc@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id B357D3A128F; Tue, 13 Jul 2021 03:36:53 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Zaheduzzaman Sarker via Datatracker <noreply@ietf.org>
To: "The IESG" <iesg@ietf.org>
Cc: draft-ietf-sfc-nsh-integrity@ietf.org, sfc-chairs@ietf.org, sfc@ietf.org, gregimirsky@gmail.com, gregimirsky@gmail.com
X-Test-IDTracker: no
X-IETF-IDTracker: 7.34.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Zaheduzzaman Sarker <Zaheduzzaman.Sarker@ericsson.com>
Message-ID: <162617261371.15907.6050785043086194503@ietfa.amsl.com>
Date: Tue, 13 Jul 2021 03:36:53 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/sfc/B3P9y-9BsD6cacwvq7-WCJhz5DU>
Subject: [sfc] Zaheduzzaman Sarker's No Objection on draft-ietf-sfc-nsh-integrity-06: (with COMMENT)
X-BeenThere: sfc@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Network Service Chaining <sfc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sfc>, <mailto:sfc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sfc/>
List-Post: <mailto:sfc@ietf.org>
List-Help: <mailto:sfc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sfc>, <mailto:sfc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Jul 2021 10:36:54 -0000

Zaheduzzaman Sarker has entered the following ballot position for
draft-ietf-sfc-nsh-integrity-06: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-sfc-nsh-integrity/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Thanks for the efforts on this specification.

I have following non-blocking comments those I believe would improve the
document if addressed --

* I agree with Alvaro and Lars's comment about updating 8300. Would like to get
response(s) to their comments.

* I think it will be helpful to explicitly mention if integrity and
confidentiality by the transport encapsulation is needed or not when this
specification is in use. This specification definitely says that one does not
need to relay on the service provided by the transport encapsulation but it
does not says that those services are not longer required.

* Section 1 : says -
    "This specification fills that gap.  Concretely, this document adds
   integrity protection and optional encryption of sensitive metadata
   directly to the NSH (Section 4);"

  Does this specification extends the use of NSH in multiple SFC domain? My
  little understanding of NSH says it is SFC domain specific and within one SFC
  domain the devices a vetted to be trusted. I think it will be very helpful to
  add zest from the section 3.2.1. of I-D.arkko-farrell-arch-model-t here.

* Section 6 :

   The epoch is 1970-01-01T00:00Z in UTC time.  Note this epoch value
      is different from the one used in Section 6 of [RFC5905].

   It would be great if we can add the implications of the difference. Now I
   don't know what it means.

v2.8.7 | Report a Bug | By Email