[Gen-art] Gen-ART Telechat review of draft-ietf-opsec-ip-options-filtering-05.txt
Suresh Krishnan <suresh.krishnan@ericsson.com> Mon, 18 November 2013 05:54 UTC
From: Suresh Krishnan <suresh.krishnan@ericsson.com>
To: "draft-ietf-opsec-ip-options-filtering.all@tools.ietf.org" <draft-ietf-opsec-ip-options-filtering.all@tools.ietf.org>
Date: Mon, 18 Nov 2013 05:54:48 +0000
Cc: "General Area Review Team (gen-art@ietf.org)" <gen-art@ietf.org>
I have been selected as the General Area Review Team (Gen-ART) reviewer for this draft (for background on Gen-ART, please see http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html).

Please wait for direction from your document shepherd or AD before posting a new version of the draft.

Document: draft-ietf-opsec-ip-options-filtering-05.txt
Reviewer: Suresh Krishnan
Review Date: 2013/11/17
IESG Telechat date: 2013/11/21

Summary: This draft is almost ready for publication as a BCP but I do have some issues that you may wish to consider.

* Sections 4.12.5 and 4.13.5

Since these options are supposed to be used in closed environments, how likely are these options to appear in the wild? Even if they do, isn't it a symptom of a misconfiguration somewhere? Given this, I would have expected the recommendation to read

Routers, security gateways, and firewalls ... SHOULD by default drop packets because they contain this option...

but the recommendation is "SHOULD NOT by default". I think it would be good if there was some reasoning attached to this recommendation. Without such reasoning, I think this recommendation will probably not be followed.

* Section 4.22.5

Have you considered that the default behavior for the option could be related to the option class? E.g. Class 2 would default to ignore and forward and class 0 would default to drop and log.

* Section 4.23.4

It would be good to specify a default for this knob.

Thanks
Suresh
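The class-based default suggested for Section 4.22.5 above, as an added example that is not part of the original message or of the draft: it decodes the RFC 791 option-type octet (copied flag, class, number) and applies the default by class to options that have no explicit rule. The action names, the `explicit_rules` parameter, treating EOL/NOP as padding, dropping reserved classes and malformed options, and the sample headers are assumptions made for this sketch.

```python
import struct

# Assumed action names; the message only says "ignore and forward" / "drop and log".
FORWARD, DROP = "forward", "drop-and-log"
EOL, NOP = 0, 1  # single-octet options (RFC 791), treated here as padding

def decode_type(opt_type):
    """Split the option-type octet: copied flag (1 bit), class (2), number (5)."""
    return opt_type >> 7, (opt_type >> 5) & 0x3, opt_type & 0x1F

def class_default(opt_type):
    """Class 2 -> ignore and forward, class 0 -> drop and log.
    Reserved classes 1 and 3 are dropped: an assumption, not in the message."""
    _, opt_class, _ = decode_type(opt_type)
    return FORWARD if opt_class == 2 else DROP

def evaluate(header, explicit_rules=None):
    """Walk the options area of an IPv4 header and return (action, log lines)."""
    rules = explicit_rules or {}   # hypothetical per-option overrides
    ihl = (header[0] & 0x0F) * 4
    if ihl < 20 or ihl > len(header):
        return DROP, ["bad IHL"]
    opts, i, action, log = header[20:ihl], 0, FORWARD, []
    while i < len(opts):
        t = opts[i]
        if t == EOL:
            break
        if t == NOP:
            i += 1
            continue
        # Every other option carries a length octet that covers type and length.
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            return DROP, log + [f"malformed option type {t}"]
        if rules.get(t, class_default(t)) == DROP:
            action = DROP
            log.append(f"type {t} copied/class/number={decode_type(t)}")
        i += opts[i + 1]
    return action, log

def build_header(options):
    """Constructed sample: minimal IPv4 header (checksum left 0) plus options."""
    options += bytes(-len(options) % 4)   # pad with EOL to a 32-bit boundary
    ihl = 5 + len(options) // 4
    return struct.pack("!BBHHHBBH4s4s", 0x40 | ihl, 0, 20 + len(options), 0, 0,
                       64, 17, 0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7])) + options
```

Type 68 (Timestamp) is a class 2 option and is forwarded by this default; a constructed class 0 type such as 157 is dropped and logged unless `explicit_rules` says otherwise.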