ietf
[Top] [All Lists]

Re: Gen-ART LC Review of draft-ietf-dhc-relay-id-suboption-11

2012-12-21 09:40:54
Thanks for the timely response, and the background for the security language. 

This brings up one question, however. See inline: 

Thanks!

Ben.

On Dec 21, 2012, at 6:48 AM, RAMAKRISHNADTV 
<RAMAKRISHNADTV(_at_)infosys(_dot_)com> wrote:

Hi Ben,

Thank you for your review comments.
Please find my responses inline below.

Regards,
Ramakrishna DTV.

-----Original Message-----
From: Ben Campbell [mailto:ben(_at_)nostrum(_dot_)com]
Sent: Thursday, December 20, 2012 2:45 AM
To: 
draft-ietf-dhc-relay-id-suboption(_dot_)all(_at_)tools(_dot_)ietf(_dot_)org
Cc: gen-art(_at_)ietf(_dot_)org Review Team; ietf(_at_)ietf(_dot_)org List
Subject: Gen-ART LC Review of draft-ietf-dhc-relay-id-suboption-11

I am the assigned Gen-ART reviewer for this draft. For background on
Gen-ART, please see the FAQ at

<http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.

Please resolve these comments along with any other Last Call comments
you may receive.

Document: draft-ietf-dhc-relay-id-suboption-11
Reviewer: Ben Campbell
Review Date: 2012-12-19
IETF LC End Date: 2013-01-07

Summary: This draft is basically ready for publication as a proposed
standard. However, there is one comment from a prior review that I am
not sure whether is resolved.

Major issues:

None

Minor issues:

-- In Sean Turner's 2009 review of version 07 of the document [
http://www.ietf.org/mail-archive/web/gen-art/current/msg04614.html ], he
made the following comment:

In the security considerations it says look to RFC 3046 and
RFC 4030 for security considerations and then says SHOULD use the
relay
agent authentication option from RFC 4030.  RFC 3046 is targeted at
network infrastructures that are "trusted and secure" and RFC 4030
allows the relay agent to be part of this trusted and secure network.
If an implementation doesn't use the relay agent authentication
option,
then the relay agent can't be part of the "trusted and secure"
network.

RFC3046 created the relay agent information option.
Relay agent information option exists only in the messages between
relay agents and DHCP servers. RFC3046 is targeted at network infrastructures
that are "trusted and secure" as far as the paths among relay agents and DHCP
servers is concerned. In many deployments, relay agents and DHCP servers
are under a single administrative control. By careful design and engineering
of the network, it is possible to ensure that the network infrastructure
comprising relay agents and DHCP server is trusted and secure. To achieve 
that,
RFC4030 may be used but is not a MUST. If not, RFC4030 would already be a MUST
for RFC3046 deployment. But that is not currently the case.

Is the SHOULD use 4030 language a new normative requirement, or is it simply 
describing existing requirements from 3046 or elsewhere?  If it's a new 
normative requirement, then I am fine with your answer and withdraw the 
concern. If not, then it would be better to use descriptive rather than 
normative language in this draft.



This makes me think that the relay agent authentication option from
RFC 4030 ought to be a MUST not a SHOULD?

I can't tell from the resulting conversation if that comment is
addressed in the current text. Additional text has been added, but the
SHOULD remains. I'm willing to accept it has been addressed if the
author's say so--I only mention it to make sure it didn't fall through a
crack.


We have indeed discussed about this comment and addressed it.

The following was a related comment from DHC WG Chair (Ted Lemon)
(http://www.ietf.org/mail-archive/web/gen-art/current/msg04615.html):

      "This document makes no changes to practice that require more or less 
security
      than is provided by existing relay agent options in RFC3046. Thus, the
      security considerations in RFC3046 should be adequate."

As Ted mentioned, our draft only proposes a new sub-option for relay-agent
option which was originally created as part of RFC3046. So, the security
considerations for RFC3046 apply to our draft as well. RFC3046 deployments may
use RFC4030 as explained above. So, we indicated in our draft to refer to
both RFC3046 and RFC4030. But there are no specific security issues in the
new relay-id sub-option itself to make RFC4030 a MUST.


Nits/editorial comments:

-- section 5, last paragraph:

I suggest removing the scare quotes around "stability". If there are
concerns about whether such stability is real, it would be better to say
that directly.


There is no need for these scare quotes. We will remove them.

-- informative references:

draft-ietf-dhc-dhcpv4-bulk-leasequery-06 is now 07

We will update this.



**************** CAUTION - Disclaimer *****************
This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely
for the use of the addressee(s). If you are not the intended recipient, please
notify the sender by e-mail and delete the original message. Further, you are 
not
to copy, disclose, or distribute this e-mail or its contents to any other 
person and
any such actions are unlawful. This e-mail may contain viruses. Infosys has 
taken
every reasonable precaution to minimize this risk, but is not liable for any 
damage
you may sustain as a result of any virus in this e-mail. You should carry out 
your
own virus checks before opening the e-mail or attachment. Infosys reserves the
right to monitor and review the content of all messages sent to or from this 
e-mail
address. Messages sent to or from this e-mail address may be stored on the
Infosys e-mail system.
***INFOSYS******** End of Disclaimer ********INFOSYS***