Re: [Softwires] WGLC for draft-ietf-softwire-map-mib-10

Yong Cui <cuiyong@tsinghua.edu.cn> Fri, 27 October 2017 02:37 UTC

From: Yong Cui <cuiyong@tsinghua.edu.cn>
In-Reply-To: <0A5E6031-5754-4C44-899C-231EC092746F@gmx.com>
Date: Fri, 27 Oct 2017 10:37:15 +0800
Cc: Yu Fu <fuyu@cnnic.cn>, softwires@ietf.org, draft-ietf-softwire-map-mib@ietf.org
Message-Id: <B89983D5-341E-4764-881B-2C6895FCD70D@tsinghua.edu.cn>
References: <FC7CD004-7CD5-474A-8A3A-CEFC8114B6EF@tsinghua.edu.cn> <D41D22DB-FBB2-4FB5-9FEB-28356B3B7252@gmx.com> <000f01d34d73$b0121830$10364890$@cn> <0A5E6031-5754-4C44-899C-231EC092746F@gmx.com>
To: Ian Farrer <ianfarrer@gmx.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/softwires/ZUhta0lAnByW8AgOj5P0d0iyQsc>
Subject: Re: [Softwires] WGLC for draft-ietf-softwire-map-mib-10
List-Id: softwires wg discussion list <softwires.ietf.org>

Hi folks,

We don’t have major objections to advancing the document during the WGLC.
As a result, before we advance the doc, we would encourage the authors to update a new version to address the minor comments.

Thanks so much for Ian’s thorough review and the authors’ contribution.

Yong

> On 26 October 2017, at 14:57, Ian Farrer <ianfarrer@gmx.com> wrote:
> 
> Hi Yu,
> 
> Please see below. 
> 
> Thanks,
> Ian
> 
>> On 25. Oct 2017, at 11:28, Yu Fu <fuyu@cnnic.cn> wrote:
>> 
>> >g3.
>> >Section 7 - States that there are a list of objects and their sensitivity /
>> >vulnerability, but the list that follows only names the objects. No vulnerability
>> >information is included.
>>  
>> [Yu]: It has a description as follows:
>> “Some of the readable objects in this MIB module (i.e., objects with a
>>    MAX-ACCESS other than not-accessible) may be considered sensitive or
>>    vulnerable in some network environments. It is thus important to
>>    control even GET and/or NOTIFY access to these objects and possibly
>>    to even encrypt the values of these objects when sending them over
>>    the network via SNMP”
>> “Objects that reveal rule information of the MAP Domain: Various objects can reveal the
>>    rule information of the map domain.  A curious outsider could monitor
>>    these to assess the number of rules and the IPv6 prefix performed in
>>    this domain.  Further, an intruder could use the information to guess
>>    the address-sharing ratios of the ISPs.”
>>  
>> [Yu]: The objects in the list reveal the rule information and are readable. So they are vulnerable.
> 
> 
> [if - OK. The current text isn’t very clear. Can I propose the following text as a replacement?
> 
> Some of the MIB model's objects are vulnerable as the information
> which they hold may be used for targeting an attack against a MAP node (CE or BR).
> E.g., an intruder could use the information to help deduce the customer IPv4 and IPv6
> topologies and address-sharing ratios in use by the ISP.
> 
> The following is a list of the objects that have this vulnerability:
> ]