Re: [sidr] Ben Campbell's No Objection on draft-ietf-sidr-slurm-07: (with COMMENT)
Di Ma <madi@zdns.cn> Fri, 06 April 2018 14:29 UTC
Return-Path: <madi@zdns.cn>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BE70A1270AC for <sidr@ietfa.amsl.com>; Fri, 6 Apr 2018 07:29:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.235
X-Spam-Level:
X-Spam-Status: No, score=-1.235 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_SOFTFAIL=0.665] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zNrcorHKozQd for <sidr@ietfa.amsl.com>; Fri, 6 Apr 2018 07:29:53 -0700 (PDT)
Received: from smtpbgau2.qq.com (smtpbgau2.qq.com [54.206.34.216]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 277E21201FA for <sidr@ietf.org>; Fri, 6 Apr 2018 07:29:52 -0700 (PDT)
X-QQ-mid: bizesmtp3t1523024985tvkpi2n95
Received: from [192.168.3.3] (unknown [118.247.2.33]) by esmtp4.qq.com (ESMTP) with id ; Fri, 06 Apr 2018 22:29:44 +0800 (CST)
X-QQ-SSF: 00400000002000F0FH40B00A0000000
X-QQ-FEAT: Q4mUGnBphwP5vxxIvtVyWDRIkVc5kGzHc4w6SXX6eMc7HKXpiOq6oxe6GUh82 S6gVPILIa4kxXjS8Du9vKvIImlhHAIr4ZD4LA764yjU7lpoCuugJFmBJ3/Rw7v43I2K0BYt YcWOSCRB/lZlL+W5707RdUlgGHVrMuIVSkw7/pTfwmwFRcpeez470wFm6ZNOmoOH61Fxz6Z jmzmf7s/3C7LZNmSXHViLk4Nm3jc0faZkn7qooKco9eRzuFelrPy2T1TnTb8vC8yK0MLtuz Y4iqBpfhxu+tN9nLZ+mIaLJCzIcd+ZBR7o8obARywCGWBWCis7OZOtmfw=
X-QQ-GoodBg: 2
Content-Type: text/plain; charset="gb2312"
Mime-Version: 1.0 (Mac OS X Mail 11.2 \(3445.5.20\))
From: Di Ma <madi@zdns.cn>
In-Reply-To: <152278460436.22775.8518027666585390285.idtracker@ietfa.amsl.com>
Date: Fri, 06 Apr 2018 22:29:44 +0800
Cc: The IESG <iesg@ietf.org>, morrowc@ops-netman.net, draft-ietf-sidr-slurm@ietf.org, sidr@ietf.org, sidr-chairs@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <4339A019-F124-4B01-8554-88A8C085A430@zdns.cn>
References: <152278460436.22775.8518027666585390285.idtracker@ietfa.amsl.com>
To: Ben Campbell <ben@nostrum.com>
X-Mailer: Apple Mail (2.3445.5.20)
X-QQ-SENDSIZE: 520
Feedback-ID: bizesmtp:zdns.cn:qybgforeign:qybgforeign4
X-QQ-Bgrelay: 1
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidr/fZX2Y6xRVbDgLDfT37ZWeN8r9n4>
Subject: Re: [sidr] Ben Campbell's No Objection on draft-ietf-sidr-slurm-07: (with COMMENT)
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Apr 2018 14:29:59 -0000
Ben, Thanks very much for your comments. Please see authors' responses in lines. > 在 2018年4月4日,03:43,Ben Campbell <ben@nostrum.com> 写道: > > Ben Campbell has entered the following ballot position for > draft-ietf-sidr-slurm-07: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-sidr-slurm/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Major Comments: > > §6: I also agree with Benjamin's sadness about the security considerations. The > section really should at least discuss the potential consequences of an > adversary inserting a false slurm file, modifying one on the fly, or > eavesdropping on one. We authors intend to work on a proposed standard mechanism for updating SLURM files through a secure API in the near future. The very proposal is intended to be in a separate draft for SIDROPS. > > Minor Comments: > > §1.1: The document contains at least a few lower case instances of "must". > Please consider using the boilerplate from RFC 8174. > ACK. > §3.3, 1st paragraph: "RP SHOULD verify that the target is an acceptable value" > What is the criteria for acceptability? As we authors have decided to drop slurmTarget element, this is no longer an issue :-) > > §8.2, " [RFC4648]": The document requires Base64 encoding. Doesn't that make > this a normative reference? But it has been listed as a normative reference. > > Editorial Comments and Nits: > > [significant] Abstract (and throughout the document): > > I don't find the term "local view of the RPKI" to be descriptive. IIUC, we are > talking about overriding assertions that come from the RPKI based on local (or > possibly 3rd party) knowledge. This seems to me to be a different thing than > providing a "local view of the RPKI", and I certainly would not have gotten a > sense of that difference from the Abstract alone, and possibly not the > introduction. We will make the change as follows: OLD: However, ISPs may want to establish a local view of the RPKI to control its own network while making use of RPKI data. NEW: However, ISPs may want to establish a local view of exceptions to the RPKI data in the form of local filters and additions. Hopefully this will give context to the term ‘local view’ throughout the document. > > §1, last paragraph: Please expand or define rpki-rtr on first mention. ACK. > > §3.4.1: Please expand SKI on first mention. (You do so in the second mention > :-) ) > > ACK. Di