Re: [v6ops] Secdir last call review of draft-ietf-v6ops-slaac-renum-03

Klaas Wierenga <klaas@wierenga.net> Thu, 24 September 2020 15:21 UTC

Cc: secdir@ietf.org, v6ops@ietf.org, draft-ietf-v6ops-slaac-renum.all@ietf.org, last-call@ietf.org
To: Fernando Gont <fgont@si6networks.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/m_K54URZiB4vYuLi9Yi-S6WcGlI>

My pleasure!

Sent from my iPhone

> On 24 Sep 2020, at 17:08, Fernando Gont <fgont@si6networks.com> wrote:
> 
> Hi, Klaas,
> 
> Thanks so much for your feedback! In-line....
> 
>> On 24/9/20 09:16, Klaas Wierenga via Datatracker wrote:
>> Reviewer: Klaas Wierenga
>> Review result: Ready
>> I have reviewed this document as part of the security directorate's
>> ongoing effort to review all IETF documents being processed by the
>> IESG.  These comments were written primarily for the benefit of the
>> security area directors.  Document editors and WG chairs should treat
>> these comments just like any other last call comments.
>> The document is clear and well-written. I believe that the workarounds
>> presented are a bit weak, but I guess the future work will address the issue in
>> a more fundamental manner. 
> 
> FWIW, the "workarounds" presented in this document are somewhat limited, because they suggest the things one might do without modifying the underlying protocols (i.e., operational mitigations).
> 
> Indeed, other work being pursued (draft-ietf-v6ops-cpe-slaac-renum and draft-ietf-6man-slaac-renum) discusses how to mitigate the problem in a more comprehensive and effective manner.
> 
> Thanks!
> 
> Cheers,
> -- 
> Fernando Gont
> SI6 Networks
> e-mail: fgont@si6networks.com
> PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492