Re: [tsvwg] AD Evaluation comments for draft-ietf-tsvwg-ieee-802-11-07
"Tim Szigeti (szigeti)" <szigeti@cisco.com> Tue, 19 September 2017 04:19 UTC
Return-Path: <szigeti@cisco.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0D3AF1329AD; Mon, 18 Sep 2017 21:19:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.519
X-Spam-Level:
X-Spam-Status: No, score=-14.519 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MFt8OVGvIL-I; Mon, 18 Sep 2017 21:18:58 -0700 (PDT)
Received: from rcdn-iport-8.cisco.com (rcdn-iport-8.cisco.com [173.37.86.79]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DA28A1270AB; Mon, 18 Sep 2017 21:18:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=28256; q=dns/txt; s=iport; t=1505794737; x=1507004337; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=pC6HUuaPK6+wumttz00SuwqCBP9Yg8xOVAIgjXh5rP0=; b=QlO6lEXNhGmbR8ENr4KJR7D3lXGSJJPoDole0dKvyH2HQOSgx5DEe4d/ vA7rKJw4+fElbC+lCNowyT8jmM26m3g0GoIBobj6m4wrQwDKqKAEaGWeE h2yKN9cEAx3ETrGi4fOHQcLyzDL7Wv8ajYkvvJnu/1ggqlgK1Lst6Aul6 0=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0DAAAAZmcBZ/5tdJa1cGQEBAQEBAQEBAQEBBwEBAQEBgm9rZG4nB4NuiiCPd4F0iDuNaw6CBAojhRgCGoQwPxgBAgEBAQEBAQFrKIUYAQEBAQEBASMEBkwMBAIBCBEEAQEoAwICAh8RFAkIAgQOBQiJR0wDDQgQqTKBbTqHPA2DXwEBAQEBAQEBAQEBAQEBAQEBAQEBARgFgycEggKDM4MogliBaD8HKIJdgmAFhz+ZDTwCh1mHNE+EboIchWqDfoZ9jFqILgIRGQGBOAEfOIENdxVJhxx2AQGHBoEPAQEB
X-IronPort-AV: E=Sophos;i="5.42,416,1500940800"; d="scan'208,217";a="295256201"
Received: from rcdn-core-4.cisco.com ([173.37.93.155]) by rcdn-iport-8.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 19 Sep 2017 04:18:55 +0000
Received: from XCH-ALN-008.cisco.com (xch-aln-008.cisco.com [173.36.7.18]) by rcdn-core-4.cisco.com (8.14.5/8.14.5) with ESMTP id v8J4It3I027650 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 19 Sep 2017 04:18:55 GMT
Received: from xch-rcd-010.cisco.com (173.37.102.20) by XCH-ALN-008.cisco.com (173.36.7.18) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Mon, 18 Sep 2017 23:18:55 -0500
Received: from xch-rcd-010.cisco.com ([173.37.102.20]) by XCH-RCD-010.cisco.com ([173.37.102.20]) with mapi id 15.00.1263.000; Mon, 18 Sep 2017 23:18:55 -0500
From: "Tim Szigeti (szigeti)" <szigeti@cisco.com>
To: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>, "Black, David" <David.Black@dell.com>
CC: "tsvwg@ietf.org" <tsvwg@ietf.org>, "draft-ietf-tsvwg-ieee-802-11@ietf.org" <draft-ietf-tsvwg-ieee-802-11@ietf.org>
Thread-Topic: AD Evaluation comments for draft-ietf-tsvwg-ieee-802-11-07
Thread-Index: AQHTLDvXI3dHIpVmrkWr5z05jMdi7aK2tLCAgASNOACAAEJVAIAAH2nA
Date: Tue, 19 Sep 2017 04:18:54 +0000
Message-ID: <dc3d512a82ba44a39e286fdfbafbbf83@XCH-RCD-010.cisco.com>
References: <CAKKJt-dnnYxO0C9ahXURu8aDjpRP=vtKn8z2JsiRm+YP+mLrVw@mail.gmail.com> <b0d50d3b2488488b8ef4f621a776eed5@XCH-RCD-010.cisco.com> <CE03DB3D7B45C245BCA0D243277949362FC59749@MX307CL04.corp.emc.com> <CAKKJt-fLm0kT6LR7fqX4RvyOBeU6NsXqJOKzih=6Y76fqvhdDw@mail.gmail.com>
In-Reply-To: <CAKKJt-fLm0kT6LR7fqX4RvyOBeU6NsXqJOKzih=6Y76fqvhdDw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.19.22.199]
Content-Type: multipart/alternative; boundary="_000_dc3d512a82ba44a39e286fdfbafbbf83XCHRCD010ciscocom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/zvcO-B4Xq9Z2SJcd2C5l2nQqTb8>
Subject: Re: [tsvwg] AD Evaluation comments for draft-ietf-tsvwg-ieee-802-11-07
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Sep 2017 04:19:01 -0000
Hi Spencer, I made the minor change requested; now the sentence avoids the loaded term ‘should consider’. Suffice it to say that the security of the devices and networks implementing QoS, including QoS mapping between wired and wireless networks, merits consideration in actual deployments. (Thanks David for bringing this to our attention). With that done, I think we’re ready for Last Call. Thanks, -tim From: Spencer Dawkins at IETF [mailto:spencerdawkins.ietf@gmail.com] Sent: Monday, September 18, 2017 2:24 PM To: Black, David Cc: Tim Szigeti (szigeti); tsvwg@ietf.org; draft-ietf-tsvwg-ieee-802-11@ietf.org Subject: Re: AD Evaluation comments for draft-ietf-tsvwg-ieee-802-11-07 Dear All, On Mon, Sep 18, 2017 at 12:26 PM, Black, David <David.Black@dell.com<mailto:David.Black@dell.com>> wrote: The text that Spencer quoted brings up something else ... I'd suggest some editorial rephrasing of at least the words "SHOULD be considered" in: Suffice it to say that the security of the devices and networks implementing QoS, including QoS mapping between wired and wireless networks, SHOULD be considered in actual deployments. before someone on the IESG notes the relevance of Section 2 of RFC 6919 to that text: https://tools.ietf.org/html/rfc6919#section-2 and notices the publication date of RFC 6919 :-) :-). Thanks, --David > -----Original Message----- > From: Tim Szigeti (szigeti) [mailto:szigeti@cisco.com<mailto:szigeti@cisco.com>] > Sent: Friday, September 15, 2017 8:56 PM > To: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com<mailto:spencerdawkins.ietf@gmail.com>>; Black, David > <david.black@emc.com<mailto:david.black@emc.com>> > Cc: Black, David <david.black@emc.com<mailto:david.black@emc.com>>; tsvwg@ietf.org<mailto:tsvwg@ietf.org>; draft-ietf-tsvwg- > ieee-802-11@ietf.org<mailto:ieee-802-11@ietf.org> > Subject: RE: AD Evaluation comments for draft-ietf-tsvwg-ieee-802-11-07 > > Hi Spencer, > > Thank you very much for giving this document a thorough read. We really > appreciate your feedback and suggestions, all of which have been > implemented in the latest version (v08) just posted. I'm good to go with v08, but please let me know if anything will change in response to David's previous e-mail in this thread, so we don't start Last Call with comments that should be addressed. Thanks, Spencer > > Cheers, > > -tim > > > -----Original Message----- > > From: Spencer Dawkins at IETF [mailto:spencerdawkins.ietf@gmail.com<mailto:spencerdawkins.ietf@gmail.com>] > > Sent: Tuesday, September 12, 2017 7:56 PM > > To: David Black > > Cc: David L. Black; tsvwg@ietf.org<mailto:tsvwg@ietf.org>; draft-ietf-tsvwg-ieee-802-11@ietf.org<mailto:draft-ietf-tsvwg-ieee-802-11@ietf.org> > > Subject: AD Evaluation comments for draft-ietf-tsvwg-ieee-802-11-07 > > > > This was a very dense read, and I found only a few things to ask about, and > > half of those are nits. > > > > Nice work. > > > > Please take a look at my evaluation comments, and let me know how you'd > > like to proceed. > > > > Thanks, as always. > > > > Spencer > > > > Nit, but it's in the Abstract ... > > > > This document specifies a set Differentiated > > Services Code Point (DSCP) to IEEE 802.11 User Priority (UP) mappings > > > > should this be "... set of Differentiated Services Code Point ..."? > > > > I'm looking at this text, > > > > There is also a recommendation from the Global System for Mobile > > Communications Association (GSMA), specifically their Mapping Quality > > of Service (QoS) Procedures of Proxy Mobile IPv6 (PMIPv6) and WLAN > > [RFC7561] specification. This GSMA specification was developed > > without reference to existing IETF specifications for various > > services, referenced in Section 1.1. > > > > and I'm not quite sure how an IETF-stream Informational RFC produced by > a > > working group becomes "a recommendation from GSMA" and "a GSMA > > specification". I recognize the names of the RFC 7561 authors, and I see the > > connection, but I would have thought that the reference would have been > to > > something more obviously tied to GSMA. Is there any reference that could > > be cited, to help people who didn't sit two desks away from one of the > > authors see the connection? > > > > In this text, > > > > This document assumes and RECOMMENDS that all wireless access points > > (as the bridges between wired-and-wireless networks) support the > > ability to: > > > > is "bridges" the right word here? I would read that as saying that wireless > > access points are a layer two-layer two bridge. If you have readers who are > > familiar with IEEE 802.1 bridging, they may be more confused than I was. > > > > A nit - "unusued" -> "unused" > > > > I really appreciate the inclusion of Section 6, as an overview of IEEE 802.11 > > QoS. I'd suggest that this not be titled as "Appendix" - which > > https://www.rfc-editor.org/rfc/pdfrfc/rfc7322.txt.pdf doesn't think is part > of > > an RFC body, so at a minimum they would move it behind the security > > considerations, but I'd be OK if you left it as a normal Section in the body. > > Alternatively, if you're happier with this material as an Appendix, it's > probably > > better to slide it to the back material. > > > > A nit - "oftheir" -> "of their" > > > > I'm looking at the last paragraph of the Security Considerations, and I'm > > thinking that > > > > Finally, it should be noted that the recommendations put forward in > > this document are not intended to address all attack vectors > > leveraging QoS marking abuse. Mechanisms that may further help > > mitigate security risks include strong device- and/or user- > > authentication, access-control, rate limiting, control-plane > > policing, encryption and other techniques; however, the > > implementation recommendations for such mechanisms are beyond the > > scope of this document to address in detail. Suffice it to say that > > the security of the devices and networks implementing QoS, including > > QoS mapping between wired and wireless networks, SHOULD be > > considered > > in actual deployments. > > > > is missing the (perhaps obvious) point that the mechanisms you list under > > "further help" aren't specific to wireless networks, but should be > considered > > for any network that implements QoS. That might be covered in the last > > sentence, but that's not what I'm getting out of the last sentence.
- [tsvwg] AD Evaluation comments for draft-ietf-tsv… Spencer Dawkins at IETF
- Re: [tsvwg] AD Evaluation comments for draft-ietf… Fred Baker
- Re: [tsvwg] AD Evaluation comments for draft-ietf… Spencer Dawkins at IETF
- Re: [tsvwg] AD Evaluation comments for draft-ietf… Tim Szigeti (szigeti)
- Re: [tsvwg] AD Evaluation comments for draft-ietf… Black, David
- Re: [tsvwg] AD Evaluation comments for draft-ietf… Spencer Dawkins at IETF
- Re: [tsvwg] AD Evaluation comments for draft-ietf… Tim Szigeti (szigeti)
- Re: [tsvwg] AD Evaluation comments for draft-ietf… Spencer Dawkins at IETF
- Re: [tsvwg] AD Evaluation comments for draft-ietf… Black, David