[Taps] Éric Vyncke's Discuss on draft-ietf-taps-transport-security-11: (with DISCUSS and COMMENT)
Éric Vyncke via Datatracker <noreply@ietf.org> Thu, 09 April 2020 10:01 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: taps@ietf.org
Delivered-To: taps@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id EAC843A1077; Thu, 9 Apr 2020 03:01:44 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Éric Vyncke via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-taps-transport-security@ietf.org, taps-chairs@ietf.org, taps@ietf.org, Philipp Tiesel <philipp@tiesel.net>, caw@heapingbits.net, philipp@tiesel.net, mohit.m.sethi@ericsson.com, brian@innovationslab.net, int-dir@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.125.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Éric Vyncke <evyncke@cisco.com>
Message-ID: <158642650492.8627.16111048765603393250@ietfa.amsl.com>
Date: Thu, 09 Apr 2020 03:01:44 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/taps/93vcZRx9mY25JIb4lUvHbF0H52M>
X-Mailman-Approved-At: Thu, 09 Apr 2020 05:28:57 -0700
Subject: [Taps] Éric Vyncke's Discuss on draft-ietf-taps-transport-security-11: (with DISCUSS and COMMENT)
X-BeenThere: taps@ietf.org
X-Mailman-Version: 2.1.29
List-Id: "IETF Transport Services \(TAPS\) Working Group" <taps.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/taps>, <mailto:taps-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/taps/>
List-Post: <mailto:taps@ietf.org>
List-Help: <mailto:taps-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/taps>, <mailto:taps-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Apr 2020 10:01:45 -0000
Éric Vyncke has entered the following ballot position for draft-ietf-taps-transport-security-11: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-taps-transport-security/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- Thank you for the work put into this document. It is really easy to read. Nevertheless, I am balloting a DISCUSS (see below), I sincerely hope that I am wrongly asserting the lack of IPv6 support for CurveCP else the easy way to clear my DISCUSS would be to mention this limitation in section 3 even if the focus of this I-D is on the API. Please find below some non-blocking COMMENTs. An answer will be appreciated. I hope that this helps to improve the document, Regards, -éric == DISCUSS == I question the inclusion of CurveCP in the mix as per https://curvecp.org/addressing.html it does not seem to support IPv6. At the bare minimum, the I-D should mention this restriction in section 3. (and I hope to be corrected about CurveCP IPv6 support). ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Please respond to the IoT-directorate review by Mohit: https://mailarchive.ietf.org/arch/msg/iot-directorate/xTVOvQ7kI78sDPZQuVsTvGB2x0s Please respond to the INT-DIR review by Brian: https://mailarchive.ietf.org/arch/msg/int-dir/2IHPgukaAAMvMjO7TXvo_ujcI_I + Gorry Fairhurst's about GRE Generic comment about the intended transport: all protocols analyzed in this document are point to point (no multicast), this should probably be mentioned in the introduction. -- Section 1 -- Is there any reason why the integrity property of IPsec AH is not mentioned ? Same also applies in section 2 when "security protocol" is defined. -- Section 3 -- Use the wording of "record protocol" generically while the term "record protocol" is defined in section 2 as a blocked data transport (like in TLS). Suggest the use of "data transfer protocol" ? An important property of such protocols is to be able to traverse a NAPT box (that I hate)... I suggest to mention whether the analyzed protocols support NAT-traversal in this description section or even in the analysis parts as having a different view (application and network layers seeing possibly different IP addresses so a potential impact on the API).
- [Taps] Éric Vyncke's Discuss on draft-ietf-taps-t… Éric Vyncke via Datatracker
- Re: [Taps] Éric Vyncke's Discuss on draft-ietf-ta… Magnus Westerlund
- Re: [Taps] Éric Vyncke's Discuss on draft-ietf-ta… Eric Vyncke (evyncke)
- Re: [Taps] Éric Vyncke's Discuss on draft-ietf-ta… Magnus Westerlund
- Re: [Taps] Éric Vyncke's Discuss on draft-ietf-ta… Eric Vyncke (evyncke)
- Re: [Taps] Éric Vyncke's Discuss on draft-ietf-ta… Barry Leiba
- Re: [Taps] Éric Vyncke's Discuss on draft-ietf-ta… Kyle Rose
- Re: [Taps] Éric Vyncke's Discuss on draft-ietf-ta… Magnus Westerlund
- Re: [Taps] Éric Vyncke's Discuss on draft-ietf-ta… Tommy Pauly