Re: [secdir] Secdir review of draft-ietf-ippm-owamp-registry-03

"MORTON, ALFRED C (AL)" <acmorton@att.com> Thu, 17 September 2015 14:02 UTC

From: "MORTON, ALFRED C (AL)" <acmorton@att.com>
To: Alan DeKok <aland@deployingradius.com>, "secdir@ietf.org" <secdir@ietf.org>
Date: Thu, 17 Sep 2015 10:02:49 -0400
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/mwPI-gf5O1WVZ63OV9spfu9Wnx0>
Cc: "ippm-ads@ietf.org" <ippm-ads@ietf.org>, "ippm-chairs@ietf.org" <ippm-chairs@ietf.org>, "draft-ietf-ippm-owamp-registry@tools.ietf.org" <draft-ietf-ippm-owamp-registry@tools.ietf.org>, "ippm@ietf.org" <ippm@ietf.org>
Subject: Re: [secdir] Secdir review of draft-ietf-ippm-owamp-registry-03

Hi Alan,
thanks for your review, please see replies below.
FWIW - I had to look up the details.
Al

> -----Original Message-----
> From: Alan DeKok [mailto:aland@deployingradius.com]
> Sent: Wednesday, September 16, 2015 2:03 PM
> To: secdir@ietf.org
> Cc: draft-ietf-ippm-owamp-registry@tools.ietf.org
> Subject: Secdir review of draft-ietf-ippm-owamp-registry-03
> 
> I have reviewed this document as part of the security directorate's
> ongoing effort to review all IETF documents being processed by the IESG.
> These comments were written primarily for the benefit of the security
> area directors.  Document editors and WG chairs should treat these
> comments just like any other last call comments.
> 
>   This document requests IANA allocation of registries for OWAMP.   As
> such, it has minimal security impact.
> 
>   One practical note is the request to assign an "Experimentation"
> OWAMP-Control Command Number.  Experience shows that such numbers are
> either never used, or used as experiments... which then get widely
> deployed before standards action catches up to practical needs.

[ACM] 
I understand how this might happen, but IETF already has a 
BCP that covers this topic: https://tools.ietf.org/html/bcp82

> 
>   It may be good to add some discussion as to *how* experiments are
> done, and how experiments can transition from the "Experimentation"
> number to a standard number.

[ACM] 
IMO, BCP82 covers this aspect adequately. 

> 
>   One suggestion would be to change the label from "Experimentation" to
> "Site-Local".  That would still allow sites to experiment with OWAMP-
> Control commands, but would make it clearer that such experimentation is
> only for the local site, and MUST NOT be used in a wider context.

[ACM] 
Site-local is not a valid registry assignment, see:
https://tools.ietf.org/html/rfc5226#section-4
Also, I would expect that an Internet performance characterization
protocol will be deployed on the Internet when using an experimental command
to conduct experiments, so not Site-Local.

Note that the existing reference to RFC5226 makes a clear reference to
BCP 82 in section 4.