Re: [sfc] John Scudder's No Objection on draft-ietf-sfc-nsh-integrity-06: (with COMMENT)
mohamed.boucadair@orange.com Thu, 15 July 2021 05:13 UTC
Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: sfc@ietfa.amsl.com
Delivered-To: sfc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 986D73A1C37; Wed, 14 Jul 2021 22:13:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.799
X-Spam-Level:
X-Spam-Status: No, score=-2.799 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=orange.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rB143_gqfhxQ; Wed, 14 Jul 2021 22:13:21 -0700 (PDT)
Received: from relais-inet.orange.com (relais-inet.orange.com [80.12.66.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8B0413A138E; Wed, 14 Jul 2021 22:13:20 -0700 (PDT)
Received: from opfedar06.francetelecom.fr (unknown [xx.xx.xx.8]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by opfedar25.francetelecom.fr (ESMTP service) with ESMTPS id 4GQMvy6CNbz8tKx; Thu, 15 Jul 2021 07:13:18 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=orange.com; s=ORANGE001; t=1626325998; bh=Pnnft0nblghT9uU2U6dYTKOLJQBnuu9K+mLaFSmQmq8=; h=From:To:Subject:Date:Message-ID:Content-Type: Content-Transfer-Encoding:MIME-Version; b=IFcfQFmIbbhv4iptyq6joLSLHiB+3athXPao8mTOlpLtXX9CQp/I/744ttUWw9aoG agjlG2DDlHLKsI9vGGOPdwnESk9A9QV1QKFTeAv4V4amHV8LnjsZihsNurZiP+3ggU OPL9j3l5PALH2DxPBG8nJNMrB8gECAMW/WLvhOTxQwN8QYZ9ODHY27LZxf/ul71EQi easoLKtXSoAzEHJfpkTc1EbSMYj8VzCun8HIJL8t15iRzzDqELCvtV4RfPY94DThnx 1P+28be4OUjOZo48ycMnqJX2ngaKRkLsvoByznCou+IcL0tHvg5o1uhy5mQmo5Eojd mgKa1lJQOd4EA==
Received: from Exchangemail-eme6.itn.ftgroup (unknown [xx.xx.13.38]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by opfedar06.francetelecom.fr (ESMTP service) with ESMTPS id 4GQMvt5dZQz3wbN; Thu, 15 Jul 2021 07:13:14 +0200 (CEST)
From: mohamed.boucadair@orange.com
To: John Scudder <jgs@juniper.net>, The IESG <iesg@ietf.org>
CC: "gregimirsky@gmail.com" <gregimirsky@gmail.com>, "draft-ietf-sfc-nsh-integrity@ietf.org" <draft-ietf-sfc-nsh-integrity@ietf.org>, "sfc-chairs@ietf.org" <sfc-chairs@ietf.org>, "sfc@ietf.org" <sfc@ietf.org>
Thread-Topic: [sfc] John Scudder's No Objection on draft-ietf-sfc-nsh-integrity-06: (with COMMENT)
Thread-Index: AQHXeQY/zJsvbSZ7CkW+ihtKU84LsatDfEGw
Date: Thu, 15 Jul 2021 05:13:14 +0000
Message-ID: <32352_1626325998_60EFC3EE_32352_250_1_787AE7BB302AE849A7480A190F8B9330353BF458@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
References: <162630455957.5451.359442420121368370@ietfa.amsl.com>
In-Reply-To: <162630455957.5451.359442420121368370@ietfa.amsl.com>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.114.13.245]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/sfc/HyVUaRfV4pIDX4Ppl9nZ-oLra3U>
Subject: Re: [sfc] John Scudder's No Objection on draft-ietf-sfc-nsh-integrity-06: (with COMMENT)
X-BeenThere: sfc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Network Service Chaining <sfc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sfc>, <mailto:sfc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sfc/>
List-Post: <mailto:sfc@ietf.org>
List-Help: <mailto:sfc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sfc>, <mailto:sfc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Jul 2021 05:13:26 -0000
Hi John, Thank you for the review. Please see inline. Cheers, Med > -----Message d'origine----- > De : sfc [mailto:sfc-bounces@ietf.org] De la part de John Scudder > via Datatracker > Envoyé : jeudi 15 juillet 2021 01:16 > À : The IESG <iesg@ietf.org> > Cc : gregimirsky@gmail.com; draft-ietf-sfc-nsh-integrity@ietf.org; > sfc-chairs@ietf.org; sfc@ietf.org > Objet : [sfc] John Scudder's No Objection on draft-ietf-sfc-nsh- > integrity-06: (with COMMENT) > > John Scudder has entered the following ballot position for > draft-ietf-sfc-nsh-integrity-06: No Objection > > When responding, please keep the subject line intact and reply to > all email addresses included in the To and CC lines. (Feel free to > cut this introductory paragraph, however.) > > > Please refer to https://www.ietf.org/iesg/statement/discuss- > criteria.html > for more information about DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-sfc-nsh-integrity/ > > > > -------------------------------------------------------------------- > -- > COMMENT: > -------------------------------------------------------------------- > -- > > 1. Section 4.2 > > The authenticated encryption process takes as input four-octet > strings: a secret key (K), a plaintext (P), Additional > Authenticated > Data (A) (which contains the data to be authenticated, but not > encrypted), and an Initialization Vector (IV). The ciphertext > value > (E) and the Authentication Tag value (T) are provided as outputs. > > As written, this means that each of these quantities is a 32 bit > string, even P and A. I think you don’t mean that. If you mean each > quantity is a string of octets, then move the hyphen: “takes as > input four octet-strings“. (In the unlikely event you really do mean > each quantity is a string of four octets, then “… takes as input > four strings, each of four octets.”) > [Med] Good catch. Changed to "as input four octet strings:" > 2. Section 9 > > Regarding your use of the term “man-in-the-middle attacker”, you > might want to take into consideration that this language may be seen > as exclusionary by some readers, see also > https://www.ietf.org/about/groups/iesg/statements/on-inclusive- > language/. I’ve seen “on-path attacker“ used as a replacement in > some cases, but I understand there may be nuances that make this > inappropriate for some uses; it also appears you might just be able > to use “attacker” in your case. The RFC Editor may have further > guidance. [Med] Agree. Already fixed as part of Lars's review. > > 3. Section 9.1 > > You use “should“ in several places. As written, it isn’t clear if > you’re indicating expectation, or requirement. After reading the > whole section, I think you’re indicating requirement. This seems > like a good place for use of the RFC 2119 style SHOULD keyword. > > [Med] The normative language is not used because these are somehow covered by other normative text in the main document. See for example the statements about providing key materials to authorized entities and so on. > > _______________________________________________ > sfc mailing list > sfc@ietf.org > https://www.ietf.org/mailman/listinfo/sfc _________________________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you.
- [sfc] John Scudder's No Objection on draft-ietf-s… John Scudder via Datatracker
- Re: [sfc] John Scudder's No Objection on draft-ie… mohamed.boucadair
- Re: [sfc] John Scudder's No Objection on draft-ie… John Scudder
- Re: [sfc] John Scudder's No Objection on draft-ie… mohamed.boucadair