IETF Logo Mail Archive

[sfc] John Scudder's No Objection on draft-ietf-sfc-nsh-integrity-06: (with COMMENT)

John Scudder via Datatracker <noreply@ietf.org> Wed, 14 July 2021 23:16 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: sfc@ietf.org
Delivered-To: sfc@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 1A1033A0C55; Wed, 14 Jul 2021 16:16:00 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: John Scudder via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-sfc-nsh-integrity@ietf.org, sfc-chairs@ietf.org, sfc@ietf.org, gregimirsky@gmail.com, gregimirsky@gmail.com
X-Test-IDTracker: no
X-IETF-IDTracker: 7.34.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: John Scudder <jgs@juniper.net>
Message-ID: <162630455957.5451.359442420121368370@ietfa.amsl.com>
Date: Wed, 14 Jul 2021 16:16:00 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/sfc/Xu8KSr4V_eaGjiXJzxTBxzho9RQ>
Subject: [sfc] John Scudder's No Objection on draft-ietf-sfc-nsh-integrity-06: (with COMMENT)
X-BeenThere: sfc@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Network Service Chaining <sfc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sfc>, <mailto:sfc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sfc/>
List-Post: <mailto:sfc@ietf.org>
List-Help: <mailto:sfc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sfc>, <mailto:sfc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Jul 2021 23:16:00 -0000

John Scudder has entered the following ballot position for
draft-ietf-sfc-nsh-integrity-06: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-sfc-nsh-integrity/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

1. Section 4.2

   The authenticated encryption process takes as input four-octet
   strings: a secret key (K), a plaintext (P), Additional Authenticated
   Data (A) (which contains the data to be authenticated, but not
   encrypted), and an Initialization Vector (IV).  The ciphertext value
   (E) and the Authentication Tag value (T) are provided as outputs.

As written, this means that each of these quantities is a 32 bit string, even P
and A. I think you don’t mean that. If you mean each quantity is a string of
octets, then move the hyphen: “takes as input four octet-strings“. (In the
unlikely event you really do mean each quantity is a string of four octets,
then “… takes as input four strings, each of four octets.”)

2. Section 9

Regarding your use of the term “man-in-the-middle attacker”, you might want to
take into consideration that this language may be seen as exclusionary by some
readers, see also
https://www.ietf.org/about/groups/iesg/statements/on-inclusive-language/. I’ve
seen “on-path attacker“ used as a replacement in some cases, but I understand
there may be nuances that make this inappropriate for some uses; it also
appears you might just be able to use “attacker” in your case. The RFC Editor
may have further guidance.

3. Section 9.1

You use “should“ in several places. As written, it isn’t clear if you’re
indicating expectation, or requirement. After reading the whole section, I
think you’re indicating requirement. This seems like a good place for use of
the RFC 2119 style SHOULD keyword.

v2.23.0 | Report a Bug | By Email