Re: [tsvwg] AD Evaluation comments for draft-ietf-tsvwg-ieee-802-11-07
"Black, David" <David.Black@dell.com> Mon, 18 September 2017 17:26 UTC
Return-Path: <David.Black@dell.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 01C64132992; Mon, 18 Sep 2017 10:26:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.721
X-Spam-Level:
X-Spam-Status: No, score=-2.721 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=dell.com header.b=QYKiVl4e; dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=emc.com header.b=leR1S/20
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 45MZI3UmGirc; Mon, 18 Sep 2017 10:26:50 -0700 (PDT)
Received: from esa3.dell-outbound.iphmx.com (esa3.dell-outbound.iphmx.com [68.232.153.94]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E4195133061; Mon, 18 Sep 2017 10:26:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=dell.com; i=@dell.com; q=dns/txt; s=smtpout; t=1505755591; x=1537291591; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=Wdg4dE52Jr+f1WAuC0uEpeyC2TlO5kBhx3h+90JgBxQ=; b=QYKiVl4ejHxS0qmgWg/gGBafHGtekwIJ64wWHuAX+MYTqV3lQ1PdwY2s VSAtbMgIohFFVJ7JwpHs/bAKWCX5Lb03ylcIJF6Td1kkJ3vrVRAgxJYAe aSV2vwnzzdkPHe6X2kcvmZ6z77uY40RTYX5PRfigiJLlNQjlOeyeVnw4j 4=;
Received: from esa5.dell-outbound2.iphmx.com ([68.232.153.203]) by esa3.dell-outbound.iphmx.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 18 Sep 2017 12:26:31 -0500
From: "Black, David" <David.Black@dell.com>
Received: from mailuogwdur.emc.com ([128.221.224.79]) by esa5.dell-outbound2.iphmx.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 18 Sep 2017 23:19:57 +0600
Received: from maildlpprd56.lss.emc.com (maildlpprd56.lss.emc.com [10.106.48.160]) by mailuogwprd51.lss.emc.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.0) with ESMTP id v8IHQj0b002790 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Mon, 18 Sep 2017 13:26:48 -0400
X-DKIM: OpenDKIM Filter v2.4.3 mailuogwprd51.lss.emc.com v8IHQj0b002790
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=emc.com; s=jan2013; t=1505755609; bh=LgkvaC2EK/hU12QJ26XFPdOgAUg=; h=From:To:CC:Subject:Date:Message-ID:References:In-Reply-To: Content-Type:Content-Transfer-Encoding:MIME-Version; b=leR1S/20GjiXWgWgymib2biHsY03hBou0LARS/00KjbQ66ICb+vXH5dcRhWyDxc5T GRpA6X4V9i+X3bo6uPSAFr75WQgv69XUclbKJk5kbINsZxWzgJd3vJF2j3t5DLcdAv D2kKP7bV9XmyXKDU2dDE+Oo2scpNYAcgd4C7tIiM=
X-DKIM: OpenDKIM Filter v2.4.3 mailuogwprd51.lss.emc.com v8IHQj0b002790
Received: from mailusrhubprd53.lss.emc.com (mailusrhubprd53.lss.emc.com [10.106.48.18]) by maildlpprd56.lss.emc.com (RSA Interceptor); Mon, 18 Sep 2017 13:26:33 -0400
Received: from MXHUB306.corp.emc.com (MXHUB306.corp.emc.com [10.146.3.32]) by mailusrhubprd53.lss.emc.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.0) with ESMTP id v8IHQbdW009949 (version=TLSv1.2 cipher=AES128-SHA256 bits=128 verify=FAIL); Mon, 18 Sep 2017 13:26:37 -0400
Received: from MX307CL04.corp.emc.com ([fe80::849f:5da2:11b:4385]) by MXHUB306.corp.emc.com ([10.146.3.32]) with mapi id 14.03.0352.000; Mon, 18 Sep 2017 13:26:36 -0400
To: "Tim Szigeti (szigeti)" <szigeti@cisco.com>, Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>
CC: "tsvwg@ietf.org" <tsvwg@ietf.org>, "draft-ietf-tsvwg-ieee-802-11@ietf.org" <draft-ietf-tsvwg-ieee-802-11@ietf.org>
Thread-Topic: AD Evaluation comments for draft-ietf-tsvwg-ieee-802-11-07
Thread-Index: AQHTLDvXSq+UxrknR0ODuGgkGJv9zaK298IAgAP1DQA=
Date: Mon, 18 Sep 2017 17:26:36 +0000
Message-ID: <CE03DB3D7B45C245BCA0D243277949362FC59749@MX307CL04.corp.emc.com>
References: <CAKKJt-dnnYxO0C9ahXURu8aDjpRP=vtKn8z2JsiRm+YP+mLrVw@mail.gmail.com> <b0d50d3b2488488b8ef4f621a776eed5@XCH-RCD-010.cisco.com>
In-Reply-To: <b0d50d3b2488488b8ef4f621a776eed5@XCH-RCD-010.cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.238.44.138]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Sentrion-Hostname: mailusrhubprd53.lss.emc.com
X-RSA-Classifications: public
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/6KxoIUbZnUkXN_BUmRL9PWqyOsk>
Subject: Re: [tsvwg] AD Evaluation comments for draft-ietf-tsvwg-ieee-802-11-07
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Sep 2017 17:26:53 -0000
The text that Spencer quoted brings up something else ... I'd suggest some editorial rephrasing of at least the words "SHOULD be considered" in:
Suffice it to say that
the security of the devices and networks implementing QoS, including
QoS mapping between wired and wireless networks, SHOULD be
considered in actual deployments.
before someone on the IESG notes the relevance of Section 2 of RFC 6919 to that text:
https://tools.ietf.org/html/rfc6919#section-2
and notices the publication date of RFC 6919 :-) :-).
Thanks, --David
> -----Original Message-----
> From: Tim Szigeti (szigeti) [mailto:szigeti@cisco.com]
> Sent: Friday, September 15, 2017 8:56 PM
> To: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>; Black, David
> <david.black@emc.com>
> Cc: Black, David <david.black@emc.com>; tsvwg@ietf.org; draft-ietf-tsvwg-
> ieee-802-11@ietf.org
> Subject: RE: AD Evaluation comments for draft-ietf-tsvwg-ieee-802-11-07
>
> Hi Spencer,
>
> Thank you very much for giving this document a thorough read. We really
> appreciate your feedback and suggestions, all of which have been
> implemented in the latest version (v08) just posted.
>
> Cheers,
>
> -tim
>
> > -----Original Message-----
> > From: Spencer Dawkins at IETF [mailto:spencerdawkins.ietf@gmail.com]
> > Sent: Tuesday, September 12, 2017 7:56 PM
> > To: David Black
> > Cc: David L. Black; tsvwg@ietf.org; draft-ietf-tsvwg-ieee-802-11@ietf.org
> > Subject: AD Evaluation comments for draft-ietf-tsvwg-ieee-802-11-07
> >
> > This was a very dense read, and I found only a few things to ask about, and
> > half of those are nits.
> >
> > Nice work.
> >
> > Please take a look at my evaluation comments, and let me know how you'd
> > like to proceed.
> >
> > Thanks, as always.
> >
> > Spencer
> >
> > Nit, but it's in the Abstract ...
> >
> > This document specifies a set Differentiated
> > Services Code Point (DSCP) to IEEE 802.11 User Priority (UP) mappings
> >
> > should this be "... set of Differentiated Services Code Point ..."?
> >
> > I'm looking at this text,
> >
> > There is also a recommendation from the Global System for Mobile
> > Communications Association (GSMA), specifically their Mapping Quality
> > of Service (QoS) Procedures of Proxy Mobile IPv6 (PMIPv6) and WLAN
> > [RFC7561] specification. This GSMA specification was developed
> > without reference to existing IETF specifications for various
> > services, referenced in Section 1.1.
> >
> > and I'm not quite sure how an IETF-stream Informational RFC produced by
> a
> > working group becomes "a recommendation from GSMA" and "a GSMA
> > specification". I recognize the names of the RFC 7561 authors, and I see the
> > connection, but I would have thought that the reference would have been
> to
> > something more obviously tied to GSMA. Is there any reference that could
> > be cited, to help people who didn't sit two desks away from one of the
> > authors see the connection?
> >
> > In this text,
> >
> > This document assumes and RECOMMENDS that all wireless access points
> > (as the bridges between wired-and-wireless networks) support the
> > ability to:
> >
> > is "bridges" the right word here? I would read that as saying that wireless
> > access points are a layer two-layer two bridge. If you have readers who are
> > familiar with IEEE 802.1 bridging, they may be more confused than I was.
> >
> > A nit - "unusued" -> "unused"
> >
> > I really appreciate the inclusion of Section 6, as an overview of IEEE 802.11
> > QoS. I'd suggest that this not be titled as "Appendix" - which
> > https://www.rfc-editor.org/rfc/pdfrfc/rfc7322.txt.pdf doesn't think is part
> of
> > an RFC body, so at a minimum they would move it behind the security
> > considerations, but I'd be OK if you left it as a normal Section in the body.
> > Alternatively, if you're happier with this material as an Appendix, it's
> probably
> > better to slide it to the back material.
> >
> > A nit - "oftheir" -> "of their"
> >
> > I'm looking at the last paragraph of the Security Considerations, and I'm
> > thinking that
> >
> > Finally, it should be noted that the recommendations put forward in
> > this document are not intended to address all attack vectors
> > leveraging QoS marking abuse. Mechanisms that may further help
> > mitigate security risks include strong device- and/or user-
> > authentication, access-control, rate limiting, control-plane
> > policing, encryption and other techniques; however, the
> > implementation recommendations for such mechanisms are beyond the
> > scope of this document to address in detail. Suffice it to say that
> > the security of the devices and networks implementing QoS, including
> > QoS mapping between wired and wireless networks, SHOULD be
> > considered
> > in actual deployments.
> >
> > is missing the (perhaps obvious) point that the mechanisms you list under
> > "further help" aren't specific to wireless networks, but should be
> considered
> > for any network that implements QoS. That might be covered in the last
> > sentence, but that's not what I'm getting out of the last sentence.
- [tsvwg] AD Evaluation comments for draft-ietf-tsv… Spencer Dawkins at IETF
- Re: [tsvwg] AD Evaluation comments for draft-ietf… Fred Baker
- Re: [tsvwg] AD Evaluation comments for draft-ietf… Spencer Dawkins at IETF
- Re: [tsvwg] AD Evaluation comments for draft-ietf… Tim Szigeti (szigeti)
- Re: [tsvwg] AD Evaluation comments for draft-ietf… Black, David
- Re: [tsvwg] AD Evaluation comments for draft-ietf… Spencer Dawkins at IETF
- Re: [tsvwg] AD Evaluation comments for draft-ietf… Tim Szigeti (szigeti)
- Re: [tsvwg] AD Evaluation comments for draft-ietf… Spencer Dawkins at IETF
- Re: [tsvwg] AD Evaluation comments for draft-ietf… Black, David