From nobody Tue Jun  1 07:04:43 2021
Return-Path: <new-work-bounces@ietf.org>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 719E73A1939; Tue,  1 Jun 2021 07:01:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1622556113; bh=xRsyJH3BgrLhGPsmpgIvnfmBymomWvHSvrB77s/dUeo=; h=From:To:Date:Subject:List-Id:List-Unsubscribe:List-Archive: List-Post:List-Help:List-Subscribe:Reply-To; b=oXW0mGXtzAzMQ6O39NOqiC1dccsBjfoBo7EYVhaIOyxlESJ8oIHT7Xh/uHNdXNike iSem+ob//lR1xozXB5B5D9hS4+l0fz+LV+4m6i3/yTDFowWcxjLoYOFnCyhOaxh90W s3awcdVRh0/Yfc2xxMc4EF3676enhoj6Dfh8g2aU=
X-Mailbox-Line: From new-work-bounces@ietf.org  Tue Jun  1 07:01:45 2021
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 24CD83A1935; Tue,  1 Jun 2021 07:01:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1622556098; bh=xRsyJH3BgrLhGPsmpgIvnfmBymomWvHSvrB77s/dUeo=; h=From:To:Date:Subject:List-Id:List-Unsubscribe:List-Archive: List-Post:List-Help:List-Subscribe:Reply-To; b=aINl41ee2VeaPrl7/rJaaMEJ9brKy9yiVGCia4aMXyGeuLZ/7oFbWmuvcWMicxx91 6xPcLu0Antr27fkhoH2wqcbNc8CpFX6XHWF/Qb1n1aMn5aqqFjRDxTVJEk4DSVZKfa dpbHhnX5ti8awf+M4EZSeHiKJMi7Jfsv9YcYiwW8=
X-Original-To: new-work@ietf.org
Delivered-To: new-work@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 59BC93A1905 for <new-work@ietf.org>; Tue,  1 Jun 2021 07:01:32 -0700 (PDT)
MIME-Version: 1.0
From: The IESG <iesg@ietf.org>
To: <new-work@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 7.30.0
Auto-Submitted: auto-generated
Precedence: bulk
MIME-Version: 1.0
Reply_to: <iesg@ietf.org>
Message-ID: <162255609234.5567.8063647854061709985@ietfa.amsl.com>
Date: Tue, 01 Jun 2021 07:01:32 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/new-work/LVbPcIdHCBZIgfW5zi_x8tAp3o8>
X-BeenThere: new-work@ietf.org
X-Mailman-Version: 2.1.29
Reply-To: iesg@ietf.org
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: new-work-bounces@ietf.org
Sender: "new-work" <new-work-bounces@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/ErBfObSG7LaUYh1tjCnK4JuQHMU>
X-Mailman-Approved-At: Tue, 01 Jun 2021 07:04:42 -0700
Subject: [secdir] [new-work] WG Review: Serialising Extended Data About Times and Events (sedate)
X-BeenThere: secdir@ietf.org
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Jun 2021 14:02:01 -0000

A new IETF WG has been proposed in the Applications and Real-Time Area. The
IESG has not made any determination yet. The following draft charter was
submitted, and is provided for informational purposes only. Please send your
comments to the IESG mailing list (iesg@ietf.org) by 2021-06-11.

Serialising Extended Data About Times and Events (sedate)
-----------------------------------------------------------------------
Current status: Proposed WG

Chairs:
  TBD

Assigned Area Director:
  Francesca Palombini <francesca.palombini@ericsson.com>

Applications and Real-Time Area Directors:
  Murray Kucherawy <superuser@gmail.com>
  Francesca Palombini <francesca.palombini@ericsson.com>

Mailing list:
  Address: sedate@ietf.org
  To subscribe: https://www.ietf.org/mailman/listinfo/sedate
  Archive: https://mailarchive.ietf.org/arch/browse/sedate/

Group page: https://datatracker.ietf.org/group/sedate/

Charter: https://datatracker.ietf.org/doc/charter-ietf-sedate/

RFC3339 defines a format that can reliably express an instant in time, either
in UTC or in a local time along with the offset against UTC. However,
datetime data often has additional context, such as the timezone or calendar
system that was in use when that instant was recorded. Particularly when
using times for interval, recurrence, or offset calculations, it is necessary
to know the context in which the timepoint exists.

It is valuable to have a serialisation format that retains this context and
can reliably round-trip the additional context to systems that understand it,
via intermediate systems that only need to know about the instant in time.

The TC39 working group at ECMA have developed a format that is a good basis
for this work: draft-ryzokuken-datetime-extended.

It is anticipated that this document would be a companion to RFC3339 rather
than a replacement, embedding an unaltered RFC3339 instant along with the
contextual data.

It is also within scope for this working group to consider a minor update to
RFC3339 to allow larger than four-digit signed years, to enable representing
times further into the past and future.

It is anticipated that this working group will publish one or two documents
on the work mentioned above. After that, the working group will close down or
recharter.

The working group will coordinate with ECMA International TC39 and ISO TC154.

Milestones:

  Dec 2021 - Submit extended date and time draft to the IESG for publication



_______________________________________________
new-work mailing list
new-work@ietf.org
https://www.ietf.org/mailman/listinfo/new-work


From nobody Wed Jun  2 16:57:21 2021
Return-Path: <kyle.denhartog@mattr.global>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A80FC3A20C8 for <secdir@ietfa.amsl.com>; Wed,  2 Jun 2021 16:57:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mattrglobal242.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7qVb_JalOP94 for <secdir@ietfa.amsl.com>; Wed,  2 Jun 2021 16:57:14 -0700 (PDT)
Received: from AUS01-ME3-obe.outbound.protection.outlook.com (mail-me3aus01on2111.outbound.protection.outlook.com [40.107.108.111]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C2BEB3A20C6 for <secdir@ietf.org>; Wed,  2 Jun 2021 16:57:13 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=nno1EHeMV04GnpZvHRF4s3Be5oYT4CUW5MNEXusFZba1//FtQsjZ67hoW4In16UP2NrzW9OXTJCo4TkZPBaxBQbFf0HNiFCKSqjfQBanHMpC/nalLpYzfx2VQMurHsPGV/Dr1CanDcPHdsykjqDAXmFOIX44KGI0h6pJICfJnLunOWdM4DAiNdqkrBkTxG6YEytpP/WtLu/S5rXa9mnnqtrr7QNndGUEsbFzs4cu4yP3uzy/K9zxm2fgoL/MgK/NBG8f7b4IaES4afZ3U6fFp+Ap2dhmf/8y1UFZJEfYS1+N4MtCfL7XXpjWBtlfQtdyn4PGGK4fTAe3HA6EgQxhMw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;  s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=isgOuxBR8c3buuff54s8UQ4wpdYcPy71vtdwZu+ENYQ=; b=JinKFPUqZ7b1NVUOtGFkILUTKH+QIv138D+Pi2AawN4bIXkZDzm3ePten74ftyTLMKdfG29S5tcMDRTv2rGhtu9wIgWrcrZp3aX+pf5dTrRq9vHmaTbWYL0ffL5hGUmYR3afUDVFPGd950KcDoBgrF/T/LaS8ykKck0QQp6RlbSZowwUh51A+XsTFux//otQk5h9vONObw079yH8uc3GXoq5vY8/SkFUJ9NCGsxaeHLaNUl7zXzrycEM+8WgS4rx2zg50Wa9PAbEnPgOTDUbehvPMU0e6qWcTJENUOpa54OVpGaEhE1ranHdDX2ce61mCgWKFxOXFqzSHbtJazNa4A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=mattr.global; dmarc=pass action=none header.from=mattr.global; dkim=pass header.d=mattr.global; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mattrglobal242.onmicrosoft.com; s=selector1-mattrglobal242-onmicrosoft-com;  h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=isgOuxBR8c3buuff54s8UQ4wpdYcPy71vtdwZu+ENYQ=; b=czDzYlYmV++1U6eOnUuGh4aiTP+0+mVn4xoJuh8R2t1ijCNbgQzT85vI80L3GavMllk/coUXifJXXfyy1VynYh1lka618ACH44l84BNUVghbtX8/ISNHHvFoQMRqpq+XPUOKa1Sqewcxz9BmhxLtr8uVjEMyS5sG048LhiLPp4s=
Received: from SY4P282MB0796.AUSP282.PROD.OUTLOOK.COM (2603:10c6:10:a9::8) by SY4P282MB1226.AUSP282.PROD.OUTLOOK.COM (2603:10c6:10:ad::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4173.24; Wed, 2 Jun 2021 23:57:09 +0000
Received: from SY4P282MB0796.AUSP282.PROD.OUTLOOK.COM ([fe80::4081:9963:542b:6a06]) by SY4P282MB0796.AUSP282.PROD.OUTLOOK.COM ([fe80::4081:9963:542b:6a06%6]) with mapi id 15.20.4195.022; Wed, 2 Jun 2021 23:57:09 +0000
From: Kyle Den Hartog <kyle.denhartog@mattr.global>
To: "secdir@ietf.org" <secdir@ietf.org>
CC: "jricher@mit.edu" <jricher@mit.edu>, "mbj@microsoft.com" <mbj@microsoft.com>
Thread-Topic: JWK/CWK draft for pairing friendly curves
Thread-Index: AQHXWAmFGYV+mbG5XUCV65d3SNKWMw==
Date: Wed, 2 Jun 2021 23:57:09 +0000
Message-ID: <SY4P282MB07966541D26259EB31DFC2CBFC3D9@SY4P282MB0796.AUSP282.PROD.OUTLOOK.COM>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=mattr.global;
x-originating-ip: [2403:4d00:301:a65:897e:1f8d:6eb1:6f3c]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: f89de1f0-21da-4104-d245-08d926222272
x-ms-traffictypediagnostic: SY4P282MB1226:
x-microsoft-antispam-prvs: <SY4P282MB1226A0729DD153BAC3B366BEFC3D9@SY4P282MB1226.AUSP282.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: bBUcpT2dwdK61q0huPH16PxSQozfyfc/MTdY6VeT1dJKw2WdE5zp3G/X69l9Ur/JUnBeoo7LdISdk2K8Hd3dMcKVyemK3t55qx0LyuQLdrzgoKetJH6rXAfir4HlV5T4RRKj9hxzFbHaBT4UdioF+fAzHjuEhFcIFdsYyqAtTMFjQCSr0VX7bX8zvDkFrEgDXm++ccuo6lGZmUn8f/AS7vvCjB0Mo4z/wJUQFUSlsKvN5wKklr5L/hkQC18aK/nyKANM8IlDKCpHTT0dmI0IyEcTzOLqWRgPxDASMmJ2dCyVwhRypYkVHXlbVudidv731U98h5Z2h461oQvMv6KSUaqNDwwMf3jIgVO4SSVyWpIWJJPwDTsvvLFT9GExrQIPNU0fGXhEDgsB7bxZXuQOuQVAs8CIFP6VvDNzfheemGcKWf+dFgBS3ozSJuzPKG4rN8QYsR+CR5wJIEC09DkcNKBprZVBL7JPMxQsppYW1um7GLW6o8G9J074mNmihhSHQ905/M/6g1rE4pooQwkz4J3L/VY9cssP8AKezpYbVTg6NYvatpphFrCo39d171szK0fRkKsWYGIafkoWFN4SvkTAxnMzVnigBx1Kj/CjynC6NFPjZuw3Bz0v6qxiK42Z/iHrnMWY2J1XCl+31hrCpja6kzo1+oqTuKrznl5FjLefiUUH/RZvHF1wfg3C9+Qc2dfprgNGizk9/Y8VtKS12A==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:;  IPV:NLI; SFV:NSPM; H:SY4P282MB0796.AUSP282.PROD.OUTLOOK.COM; PTR:; CAT:NONE;  SFS:(136003)(39830400003)(366004)(376002)(346002)(396003)(478600001)(4326008)(6506007)(54906003)(966005)(186003)(4744005)(76116006)(166002)(8676002)(55016002)(71200400001)(2906002)(38100700002)(33656002)(316002)(9686003)(52536014)(66946007)(8936002)(5660300002)(66446008)(6916009)(66476007)(83380400001)(64756008)(122000001)(7696005)(86362001)(66556008); DIR:OUT; SFP:1102; 
x-ms-exchange-antispam-messagedata: =?Windows-1252?Q?gUUAPOJNbM1hw+NXZUpQNQdQ4dC9lakbtH+3QEvvFF7klz8k1qMIMTeB?= =?Windows-1252?Q?lk1HVDNcxVhxnXDk5fq04L5zxXa/wfmYh0cta5XtCeIeDpO2pQBaPSHP?= =?Windows-1252?Q?bT6RZFIru3Iw3P2y/3uUUfPOMIRwOtzprxS2Lf01R10CMK4CZo0FVTYp?= =?Windows-1252?Q?3S0ifyS+/hkcBn9lb0gNfAK/Ly+b8khdF7zQlGFe4tLsRvQKpzaSJVGV?= =?Windows-1252?Q?oAnDyEkLEkmz77hseXDMV0v+UCD1osspXkncXhIuGHm/f6Jlw8X3/ELC?= =?Windows-1252?Q?O838jswGO9l1ML79eYOsfhYRGhC/ld20ovMI5hfaQ12dA3xcn4Y/VcZu?= =?Windows-1252?Q?+rAlXOPPvIdSVzPWbyZ/QV1OLnEbPxWGTzFAOxdx+d7x1/opm/BDmAc5?= =?Windows-1252?Q?Oy/+4oxF3eOmIesh5yMoUvC8INSBAqP+nXwdbGBVxV0Vm9Fl5LwPokuX?= =?Windows-1252?Q?dPtrsrMHJkCR4wsYu4SWBm8m577o+6vtalpgWN699rfIZyJv06rCLj7r?= =?Windows-1252?Q?e+0bNXDC8+ehsxsVb3A+I1EqR0grqqQa7t0M8IKXppEp7S4fsN/m9+fb?= =?Windows-1252?Q?JQQEMFpFRsvmNN3yXxwnNo9DaK/qi7D74aGiER4jL+d7pA4VhnugwyW1?= =?Windows-1252?Q?Vp8E2TfzoHyFeqlRwHyrJ2YO2FuYwpENWjhNVmWZ0IK+18fMjsQmbpD0?= =?Windows-1252?Q?9CKYp+fIpdMxZ3GPKZHeOYbhbXgv76ZPuThPch8iYJ6iVNxhvbUG3FAB?= =?Windows-1252?Q?dgSe1gEfyAFFhWBalAzVr1PwKcQdBahDffRUGykQjBhURjNCuRE5jG1N?= =?Windows-1252?Q?KUSfVqZrnc7IsdSHOp0GImX8Jo75edqG09Cmirt01gfWvruyrA/O+IlV?= =?Windows-1252?Q?CXd5ts/LVjxUUa6Bom0lTVJUYUkoK7UrpUnN7mVsslDYGT8XGPM29rC8?= =?Windows-1252?Q?YhQ8BgGhMXwPRtBaVDLZ5pAf6JKNVPtznxiGztOB+J89ZjNWo56zJx0i?= =?Windows-1252?Q?FcSKL1OyoUjJyEwGcIrnqXPwpoizI8UboNvqPD1dSVNWiFA7HupeatLk?= =?Windows-1252?Q?dxA7xSM0Q34ULpMlYYNgo3cUfpaqaSvR6b7yzUi2FarveBzcAslNpHHo?= =?Windows-1252?Q?MHIuKr3LrGAtqGcT5sA45LCHILWc332qf/lRD/ZXWpdgV+l7+S4BdVbU?= =?Windows-1252?Q?lOiUNqDREIVZqYIV7wo9Di+tyoqkcSykWQSqQAS0IKQfZAN1AYm7+nvx?= =?Windows-1252?Q?FGCZATmpn1uD8+/zozeauLymjjBSEo3/fm+Otlc9H+jBVez5n5AAb3zr?= =?Windows-1252?Q?DGa9LkR2AC3XbE7suO+eXmIqRLHN8Fw/P54Qo96D2+AgbVy6ijy2nsB4?= =?Windows-1252?Q?enqbH/g5vgsnflgWccR2v6qqUfubfh/V0TtFUUY5D97bYRjPXUsRZuTk?= =?Windows-1252?Q?F6Egg889C6H3zlEEYacuBFsq2l9u+EiJ/26L69HdC4W5Y73e85oZXWhp?= =?Windows-1252?Q?1CX7Xxr+U4LV3qR/KNo5Kw17MpxczQ=3D=3D?=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_SY4P282MB07966541D26259EB31DFC2CBFC3D9SY4P282MB0796AUSP_"
MIME-Version: 1.0
X-OriginatorOrg: mattr.global
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SY4P282MB0796.AUSP282.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: f89de1f0-21da-4104-d245-08d926222272
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Jun 2021 23:57:09.7582 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: c2c9cf73-6aae-4702-9844-02adab723771
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: fe6mtYRUJj+L6jjY7+HMqZBamiwMDoO1AT3avLTMygHnU4ttjwIFL9f+Iu9wqhKDjYLmIXgOaOGfWUt71iMOV0p0JJjxFUum4api7uLBpU0=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SY4P282MB1226
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/Dbbud1jZ99QpP6fjBKACL86EZa4>
Subject: [secdir] JWK/CWK draft for pairing friendly curves
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Jun 2021 23:57:19 -0000

--_000_SY4P282MB07966541D26259EB31DFC2CBFC3D9SY4P282MB0796AUSP_
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable

I=92ve recently been working on defining how to represent pairing-friendly =
curves [1], an ongoing draft at the IRTF CFRG, in JWK/CWK format which is n=
ow available here [2]. I=92m curious what would be the next best steps to g=
et this work reviewed and eventually registered in the JOSE and COSE IANA r=
egistries. Any help would be appreciated.

Thanks,
Kyle Den Hartog

[1] https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-pairing-friendly-=
curves-09
[2] https://datatracker.ietf.org/doc/html/draft-denhartog-pairing-curves-jo=
se-cose-00

--_000_SY4P282MB07966541D26259EB31DFC2CBFC3D9SY4P282MB0796AUSP_
Content-Type: text/html; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable

<html xmlns:o=3D"urn:schemas-microsoft-com:office:office" xmlns:w=3D"urn:sc=
hemas-microsoft-com:office:word" xmlns:m=3D"http://schemas.microsoft.com/of=
fice/2004/12/omml" xmlns=3D"http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3DWindows-1=
252">
<meta name=3D"Generator" content=3D"Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0cm;
	font-size:11.0pt;
	font-family:"Calibri",sans-serif;
	mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:#0563C1;
	text-decoration:underline;}
span.EmailStyle17
	{mso-style-type:personal-compose;
	font-family:"Calibri",sans-serif;
	color:windowtext;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-family:"Calibri",sans-serif;
	mso-fareast-language:EN-US;}
@page WordSection1
	{size:612.0pt 792.0pt;
	margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
	{page:WordSection1;}
--></style>
</head>
<body lang=3D"EN-NZ" link=3D"#0563C1" vlink=3D"#954F72" style=3D"word-wrap:=
break-word">
<div class=3D"WordSection1">
<p class=3D"MsoNormal"><span lang=3D"EN-US">I=92ve recently been working on=
 defining how to represent pairing-friendly curves [1], an ongoing draft at=
 the IRTF CFRG, in JWK/CWK format which is now available here [2]. I=92m cu=
rious what would be the next best steps
 to get this work reviewed and eventually registered in the JOSE and COSE I=
ANA registries. Any help would be appreciated.<br>
<br>
Thanks,<br>
Kyle Den Hartog<br>
<br>
[1] <a href=3D"https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-pairin=
g-friendly-curves-09">
https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-pairing-friendly-curv=
es-09</a><br>
[2] https://datatracker.ietf.org/doc/html/draft-denhartog-pairing-curves-jo=
se-cose-00<o:p></o:p></span></p>
</div>
</body>
</html>

--_000_SY4P282MB07966541D26259EB31DFC2CBFC3D9SY4P282MB0796AUSP_--


From nobody Thu Jun  3 05:11:08 2021
Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 9FDFB3A0CC6 for <secdir@ietf.org>; Thu,  3 Jun 2021 05:11:05 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Tero Kivinen via Datatracker <noreply@ietf.org>
To: <secdir@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 7.30.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: secdir-secretary@mit.edu, Tero Kivinen <kivinen@iki.fi>
Message-ID: <162272226562.829.8106071107373964509@ietfa.amsl.com>
Date: Thu, 03 Jun 2021 05:11:05 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/57p0dU7b2o2KxK6YDr1RL6EdMl4>
Subject: [secdir] Assignments
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Jun 2021 12:11:06 -0000

Review instructions and related resources are at:
http://tools.ietf.org/area/sec/trac/wiki/SecDirReview

For telechat 2021-06-03

Reviewer               LC end     Draft
Dan Harkins           R2021-03-22 draft-ietf-6man-spring-srv6-oam

For telechat 2021-06-17

Reviewer               LC end     Draft
Mališa Vučinić         2021-06-10 draft-ietf-httpbis-semantics
Paul Wouters           2021-06-10 draft-ietf-httpbis-messaging

Last calls:

Reviewer               LC end     Draft
John Bradley           2021-03-16 draft-ietf-idr-bgp-ls-registry
Nancy Cam-Winget       2021-06-08 draft-ietf-oauth-par
Shaun Cooley           2021-02-25 draft-ietf-v6ops-ipv6-ehs-packet-drops
Alan DeKok             2021-03-24 draft-ietf-cbor-tags-oid
Linda Dunbar           2021-06-07 draft-ietf-drip-reqs
Donald Eastlake        2021-06-07 draft-ietf-dnsop-rfc7816bis
Shawn Emery            2021-06-07 draft-ietf-perc-dtls-tunnel
Daniel Gillmor         2021-03-26 draft-ietf-lamps-crmf-update-algs
Phillip Hallam-Baker   2021-06-10 draft-ietf-stir-enhance-rfc8226
Steve Hanna            2021-03-22 draft-ietf-regext-secure-authinfo-transfer
Dan Harkins           R2021-03-22 draft-ietf-6man-spring-srv6-oam
Leif Johansson         None       draft-ietf-netconf-crypto-types
Aanchal Malhotra       None       draft-ietf-opsawg-l3sm-l3nm
Catherine Meadows      2021-04-14 draft-ietf-ntp-interleaved-modes
Kathleen Moriarty      2021-04-27 draft-ietf-bess-mvpn-msdp-sa-interoperation
Russ Mundy             2021-04-20 draft-ietf-dprive-xfr-over-tls
Sandra Murphy         R2021-04-05 draft-ietf-dmarc-psd
Sandra Murphy          2020-10-15 draft-ietf-tls-external-psk-importer
Yoav Nir               2021-04-28 draft-ietf-core-new-block
Melinda Shore          2021-05-17 draft-ietf-payload-rtp-jpegxs
Mališa Vučinić         2021-06-10 draft-ietf-httpbis-semantics
Carl Wallace          R2021-02-22 draft-ietf-tcpm-2140bis
Samuel Weiler          2021-02-22 draft-ietf-tls-dtls13
Brian Weis             2021-02-19 draft-ietf-lamps-cms-aes-gmac-alg
Klaas Wierenga         2020-12-02 draft-ietf-core-echo-request-tag
Klaas Wierenga         2020-05-26 draft-ietf-kitten-krb-spake-preauth
Christopher Wood       2021-06-15 draft-ietf-6man-ipv6-alt-mark
Paul Wouters           2021-06-10 draft-ietf-httpbis-messaging
Liang Xia              2021-03-17 draft-ietf-core-sid

Early review requests:

Reviewer               Due        Draft
Stephen Farrell        2021-06-21 draft-ietf-idr-bgpls-srv6-ext
Daniel Franke          2021-06-30 draft-ietf-anima-constrained-voucher
Tina Tsou              2021-02-15 draft-ietf-idr-eag-distribution
Dacheng Zhang          2020-12-07 draft-ietf-idr-eag-distribution

Next in the reviewer rotation:

  Daniel Gillmor
  Phillip Hallam-Baker
  Steve Hanna
  Dan Harkins
  Russ Housley
  Christian Huitema
  Leif Johansson
  Charlie Kaufman
  Scott Kelly
  Tero Kivinen


From nobody Thu Jun  3 13:19:25 2021
Return-Path: <d3e3e3@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 802593A18D6; Thu,  3 Jun 2021 13:19:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.848
X-Spam-Level: 
X-Spam-Status: No, score=-1.848 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KKfBuAL1o7bG; Thu,  3 Jun 2021 13:19:12 -0700 (PDT)
Received: from mail-io1-xd31.google.com (mail-io1-xd31.google.com [IPv6:2607:f8b0:4864:20::d31]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B04E43A18D4; Thu,  3 Jun 2021 13:19:11 -0700 (PDT)
Received: by mail-io1-xd31.google.com with SMTP id a8so7672787ioa.12; Thu, 03 Jun 2021 13:19:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;  h=mime-version:from:date:message-id:subject:to:cc; bh=9iA+ciS8UZncAU2fWzb74iTactfEA13ckzGSFZkPW6k=; b=sNN3uhuXowULC/goGCGuLYkRJUdUfQ7DjpXAXitH+Hr6uf3xF7Ra6xMTsxJ4dpENKN b9V4GdA34IfLnJv9HyBJJKTpnWhnS8hT+bow5ehwQJ0FLaZtay3tjXAB9VdxkHD7d0dJ 0f+HfU73bV8SrnOHSA0ny6AvgGApJ67PL7dS9vfbq5UgHgIS1spPO7IoQQfzZnrSPtX3 HQisRYKtJnQI0vQ0kSAXmG8p9hdZ+Z/VBvhuBM8ocrr3Z6clHKyq3f5rKFVdlhbutt7E rr6meXd5kSPV05e50n29G4z/JfN/wy+pF/QnAE4mzc6CaQn9DfKiw1o+t/jKj+js0ifH RS8g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=9iA+ciS8UZncAU2fWzb74iTactfEA13ckzGSFZkPW6k=; b=Zs2tNHOVqRcGb0IjqQdGc7b2/9ia8hUgXg5RdPxLEGPv9ZuaYe3EmbYxCMH5lk07ks pqytvgQqDCU7X9MSU2qMP37ejxdD6qaGJQdzEfhx1K20M6oCusWFG/CRrfTO4NL3BeVc la3UjNwu8SjZz6sZh4QxUFkDv5Sa156CHlefe/KsqAvLAaxKGHIN7qNW863/XbIsDu4+ U2MKzZLWd2Xg4OACsq5G1cZLz4JbN2cdUNezWxbzBUtUAFs0UYNfdF9SH/UkuKxkYIRd +Vk8QXG4bLalLEup2B1uIMqFyOIjmleHpqf3FShqD+ahGlt02iJQhFbUfXc2BRehN1Md cEsQ==
X-Gm-Message-State: AOAM532aqHI28LwTbWAji6WUB6U1+z7hvO+F5nue4R6GpYvBeXY9CcN+ ng8+QIcJ/scTvsAExpkABwTyiOH4KiDzRCIdc77FVD9lh/U=
X-Google-Smtp-Source: ABdhPJyHkFzt/RqVPDKsIh4gblh17Y8JiOUgT17h6Am6A6khjXDepCel46e6c9Gl1xdtC/b/zJZ3asNHuY3T9V9+Eb0=
X-Received: by 2002:a5d:9694:: with SMTP id m20mr825168ion.185.1622751549867;  Thu, 03 Jun 2021 13:19:09 -0700 (PDT)
MIME-Version: 1.0
From: Donald Eastlake <d3e3e3@gmail.com>
Date: Thu, 3 Jun 2021 16:18:59 -0400
Message-ID: <CAF4+nEFZTWqAE+N8bf5PbTtL=-FSzXqJrJnPPaXvzbatX7z0xA@mail.gmail.com>
To: "iesg@ietf.org" <iesg@ietf.org>
Cc: secdir <secdir@ietf.org>, Last Call <last-call@ietf.org>,  draft-ietf-dnsop-rfc7816bis.all@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/nRcZQTTexh-MdG9gABRoGCsSFBU>
Subject: [secdir] SECDIR review of draft-ietf-dnsop-rfc7816bis-09
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Jun 2021 20:19:14 -0000

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. Document editors and WG chairs should treat these comments just
like any other last call comments.

The summary of the review is READY.

This is an excellent draft about how to minimize the information sent
to higher level DNS servers (those serving zones closer to root) to
protect privacy. There are more subtleties and 2nd order potential
difficulties with this than I would have expected but, as far as I can
tell, these are all covered by the draft, as one might expect in a bis
draft that incorporates lessons learned in the deployment of the
original (RFC 7816).

One wonders if/when it might be better to use AAAA as the substitute
QTYPE for minimized queries rather than A  :-)

Below I have a few suggested wording changes which I believe would be
small improvements but I consider optional.

Minor Suggestions:

Section 1, page 3: "this choice at this time" -> "this choice at that time"

Section 1.1, page 3:
"lessons learned from implementing QNAME minimization" ->
"lessons learned from implementing RFC 7816 QNAME minimization"

Section 2.1, page 5: To clarify, for readers who don't know, that RFC
8305 is the happy eyeballs RFC:
OLD
   records.  Another potential benefit of using QTYPE=A is that
   [RFC8305] clients that need answers for both the A and AAAA types
NEW
   records.  Another potential benefit of using QTYPE=A is that
   happy eyeballs [RFC8305] clients that need answers for both the A
and AAAA types

Thanks,
Donald
===============================
 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 2386 Panoramic Circle, Apopka, FL 32703 USA
 d3e3e3@gmail.com


From nobody Fri Jun  4 15:34:39 2021
Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 482D43A23A6; Fri,  4 Jun 2021 15:34:37 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Linda Dunbar via Datatracker <noreply@ietf.org>
To: <secdir@ietf.org>
Cc: draft-ietf-drip-reqs.all@ietf.org, last-call@ietf.org, tm-rid@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 7.30.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <162284607683.2810.922759741714671925@ietfa.amsl.com>
Reply-To: Linda Dunbar <linda.dunbar@futurewei.com>
Date: Fri, 04 Jun 2021 15:34:36 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/lrAuVH-j4JSdbon231J3ZWprNPE>
Subject: [secdir] Secdir last call review of draft-ietf-drip-reqs-12
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Jun 2021 22:34:38 -0000

Reviewer: Linda Dunbar
Review result: Has Issues

Reviewer: Linda Dunbar
Review result: Has Issues

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the security area directors.
 Document editors and WG chairs should treat these comments just like any other
  last call comments.

This document specifies the requirements for Drone Remote Identifiers. But it
doesn't specify any Authoritative agencies to manage the Remote IDs. Section
1.2 states that the Remote IDs are "Self-reports".  Does it mean anyone who
buys or deploys drones will follow the naming requirements specified by this
document? How to enforce?

Best Regards,
Linda Dunbar




From nobody Sun Jun  6 17:54:10 2021
Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 11E5A3A2F33; Sun,  6 Jun 2021 17:54:04 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Shawn Emery via Datatracker <noreply@ietf.org>
To: <secdir@ietf.org>
Cc: draft-ietf-perc-dtls-tunnel.all@ietf.org, last-call@ietf.org, perc@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 7.30.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <162302724403.5524.7530871359171917876@ietfa.amsl.com>
Reply-To: Shawn Emery <shawn.emery@gmail.com>
Date: Sun, 06 Jun 2021 17:54:04 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/zZM4iyg-lbCZ9ShSN4ZkxN7Om-Y>
Subject: [secdir] Secdir last call review of draft-ietf-perc-dtls-tunnel-08
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Jun 2021 00:54:04 -0000

Reviewer: Shawn Emery
Review result: Not Ready

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the security area directors.
Document editors and WG chairs should treat these comments just like any other
last call comments.

This draft specifies a DTLS tunneling protocol for Privacy-Enhanced RTP
Conferencing (PERC).  This entails a key exchange between the conference
end-points and the key distributor through a delegate, media distributor.

The security considerations section does exist and describes that the media
distributor does not introduce any additional security issues given that it is
just on-path with the key exchange between the endpoint and the key
distributor.  Secondly, the key material between the media distributor and key
distributor is protected through the mutually authenticated connection between
the two entities.  Thirdly, the meta data exchanged between the media
distributor and key distributor is not sensitive information, but is still
protected through the TLS connection.  I agree with the above assertions. 
Besides the concerns described in the genart review about the impact of key
material disclosure, the authors should consider the various other forms of
security issues against the protocol, such as downgrade/DoS attacks from
profile negotiation, etc.  The section could list and simply refer to the base
RFCs, 5764, 8871, etc., to provide remediation against these attacks.

General comments:

The example message flow and binary coding was helpful, thank you.

Editorial comments:

s/might might/might/
s/!@RFC4566/RFC4566/g
s/An value/A value/
s/!@RFC8126/RFC8126/
s/material This/material.  This/




From nobody Mon Jun  7 01:53:56 2021
Return-Path: <bortzmeyer@nic.fr>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AD2B43A3D20; Mon,  7 Jun 2021 01:53:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level: 
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id guhvXUktX23L; Mon,  7 Jun 2021 01:53:46 -0700 (PDT)
Received: from mx4.nic.fr (mx4.nic.fr [IPv6:2001:67c:2218:2::4:12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 85CAB3A3D1C; Mon,  7 Jun 2021 01:53:45 -0700 (PDT)
Received: from mx4.nic.fr (localhost [127.0.0.1]) by mx4.nic.fr (Postfix) with SMTP id 85E48280DD3; Mon,  7 Jun 2021 10:53:42 +0200 (CEST)
Received: by mx4.nic.fr (Postfix, from userid 500) id 7EB632814FE; Mon,  7 Jun 2021 10:53:42 +0200 (CEST)
Received: from relay01.prive.nic.fr (relay01.prive.nic.fr [IPv6:2001:67c:2218:15::11]) by mx4.nic.fr (Postfix) with ESMTP id 76F9A280DD3; Mon,  7 Jun 2021 10:53:42 +0200 (CEST)
Received: from b12.nic.fr (b12.users.prive.nic.fr [10.10.86.133]) by relay01.prive.nic.fr (Postfix) with ESMTP id 723336071EA6; Mon,  7 Jun 2021 10:53:42 +0200 (CEST)
Received: by b12.nic.fr (Postfix, from userid 1000) id 6C1663FF3C; Mon,  7 Jun 2021 10:53:42 +0200 (CEST)
Date: Mon, 7 Jun 2021 10:53:42 +0200
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
To: Donald Eastlake <d3e3e3@gmail.com>
Cc: "iesg@ietf.org" <iesg@ietf.org>, secdir <secdir@ietf.org>, Last Call <last-call@ietf.org>, draft-ietf-dnsop-rfc7816bis.all@ietf.org
Message-ID: <20210607085342.GA30635@nic.fr>
References: <CAF4+nEFZTWqAE+N8bf5PbTtL=-FSzXqJrJnPPaXvzbatX7z0xA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAF4+nEFZTWqAE+N8bf5PbTtL=-FSzXqJrJnPPaXvzbatX7z0xA@mail.gmail.com>
X-Operating-System: Debian GNU/Linux 10.9
X-Kernel: Linux 4.19.0-16-amd64 x86_64
X-Charlie: Je suis Charlie
Organization: NIC France
X-URL: http://www.nic.fr/
User-Agent: Mutt/1.10.1 (2018-07-13)
X-Bogosity: No, tests=bogofilter, spamicity=0.011879, version=1.2.2
X-PMX-Version: 6.4.9.2830568, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2021.6.7.84816, AntiVirus-Engine: 5.83.0, AntiVirus-Data: 2021.6.6.5830001
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/0C9xM1bnFgHJkch9XIM_XGxuNl8>
Subject: Re: [secdir] SECDIR review of draft-ietf-dnsop-rfc7816bis-09
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Jun 2021 08:53:51 -0000

On Thu, Jun 03, 2021 at 04:18:59PM -0400,
 Donald Eastlake <d3e3e3@gmail.com> wrote 
 a message of 45 lines which said:

> I have reviewed this document as part of the security directorate's
> ongoing effort to review all IETF documents being processed by the
> IESG.

There is apparently some glitch on the datatracker since your review
is marked as not done yet
<https://datatracker.ietf.org/doc/draft-ietf-dnsop-rfc7816bis/reviewrequest/14679/>.


> One wonders if/when it might be better to use AAAA as the substitute
> QTYPE for minimized queries rather than A  :-)

There are two reasons to use A (probably the biggest changed since RFC
7816):

- minimize the risk of failure with broken middleboxes choking on
QTYPE they don't know,
- since the whole goal is privacy, you're more lost in the crowd with
A requests.


From nobody Mon Jun  7 05:00:27 2021
Return-Path: <d3e3e3@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 788C13A12B0; Mon,  7 Jun 2021 05:00:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.848
X-Spam-Level: 
X-Spam-Status: No, score=-1.848 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sT2g16ichO3M; Mon,  7 Jun 2021 05:00:08 -0700 (PDT)
Received: from mail-io1-xd29.google.com (mail-io1-xd29.google.com [IPv6:2607:f8b0:4864:20::d29]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A09B03A129D; Mon,  7 Jun 2021 05:00:07 -0700 (PDT)
Received: by mail-io1-xd29.google.com with SMTP id e17so17950853iol.7; Mon, 07 Jun 2021 05:00:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;  h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=vRs1gc0GLC9dxZwPTcQtaltYSxYuDZGPvNyPWg26yEc=; b=ZF7F//8F04za0fH2J516Ays7PzWuSTFeN5iwWDFO1gN20Me6QtFqM5TOjZRNPzQrzp qLI48w3HG5s/FcqFZK2z9uJ7gfnHmL+4wkZRM4G8x+aYy7zn6tsIjLlBLMSvf26lHOcU 7yxZq00sPm8XbSpo3zEnCgxnubnVDQ2uThnyXyxcAVFju8GMHi14eqbhzO4ro9h1bvjn Zs8yMb5dUlnbB6LNALEBcHwY5+sU1V9zmFOlfoaACpKJ1w3mrPde3wAmbrj+klp8keQX 6TO092LFDO76y72LwxMAnq7lQaKwze0WFFYgsbokOVJqsY35J6sKg+5k5ZUvHD59RZvo zSdw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=vRs1gc0GLC9dxZwPTcQtaltYSxYuDZGPvNyPWg26yEc=; b=VAUf9nvcwKYN78Z2r2P7rkUz+2c1nM4I6oKrHCP2HYl7qiU5vH0zsHAPZxfov4t+I4 y8rs0iUKRQzhLBGAIgoC9mtoiI0Lo0phMhENAeSY/MQUU5EfK2ZLW7mBmu5xQKTxaZUN BB57Ien8rv2MGPiJLZgY+4Qi7qNu4hXCvL297fuBvzqWpwMFRVAt8G1Q7BBDw9lCsy3S MAsyQMb6Nywzewv77XaLHMalEaztqYOHl/nb291Q4W526efjSRiME59epiHO5ZqiJasS A7Hg91u+NYZwMz7/sbMP4fJQuGWBYK3zdoZW8xHSjlfCtg6otGSOVw7fLOzMticyNivr kwkQ==
X-Gm-Message-State: AOAM5310GxDwrSiyC8X7j+ehUwrTela4Qj0WV2gOgxq75LJSARthWQlD LQy5xuOyRbFxax0gqt+cLvcAvdezDl6eQfJ1l8DCLrty
X-Google-Smtp-Source: ABdhPJxK/ivWEP9mIg5YghY2dSWyI84NHS6H87Gslw9230g3hn8imqyqdouOv74YCu6GGzYeAn3PP9zpcfRKNV5QoO4=
X-Received: by 2002:a05:6638:144a:: with SMTP id l10mr15687678jad.50.1623067205393;  Mon, 07 Jun 2021 05:00:05 -0700 (PDT)
MIME-Version: 1.0
References: <CAF4+nEFZTWqAE+N8bf5PbTtL=-FSzXqJrJnPPaXvzbatX7z0xA@mail.gmail.com> <20210607085342.GA30635@nic.fr>
In-Reply-To: <20210607085342.GA30635@nic.fr>
From: Donald Eastlake <d3e3e3@gmail.com>
Date: Mon, 7 Jun 2021 07:59:54 -0400
Message-ID: <CAF4+nEGsmrj0L+d9wgTP3BrzLPar4_uigd+y6O3ChQ3fb5FYaA@mail.gmail.com>
To: Stephane Bortzmeyer <bortzmeyer@nic.fr>, Viktor Dukhovni <ietf-dane@dukhovni.org>
Cc: secdir <secdir@ietf.org>, Last Call <last-call@ietf.org>,  draft-ietf-dnsop-rfc7816bis.all@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/mdZkCOJQ3loic2JdZnXLsM5l36Y>
Subject: Re: [secdir] SECDIR review of draft-ietf-dnsop-rfc7816bis-09
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Jun 2021 12:00:22 -0000

Dear Stephane and Viktor,

There is a reason I put a smiley face after my comment about AAAA. I
think the use of A is adequately motivated by text in the draft.

Stephane: I'm not sure why the review was not marked as done but it is
so marked now.

Thanks,
Donald
===============================
 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 2386 Panoramic Circle, Apopka, FL 32703 USA
 d3e3e3@gmail.com

On Mon, Jun 7, 2021 at 4:53 AM Stephane Bortzmeyer <bortzmeyer@nic.fr> wrote:
>
> On Thu, Jun 03, 2021 at 04:18:59PM -0400,
>  Donald Eastlake <d3e3e3@gmail.com> wrote
>  a message of 45 lines which said:
>
> > I have reviewed this document as part of the security directorate's
> > ongoing effort to review all IETF documents being processed by the
> > IESG.
>
> There is apparently some glitch on the datatracker since your review
> is marked as not done yet
> <https://datatracker.ietf.org/doc/draft-ietf-dnsop-rfc7816bis/reviewrequest/14679/>.
>
>
> > One wonders if/when it might be better to use AAAA as the substitute
> > QTYPE for minimized queries rather than A  :-)
>
> There are two reasons to use A (probably the biggest changed since RFC
> 7816):
>
> - minimize the risk of failure with broken middleboxes choking on
> QTYPE they don't know,
> - since the whole goal is privacy, you're more lost in the crowd with
> A requests.
>


From nobody Mon Jun  7 08:24:00 2021
Return-Path: <stu.card@axenterprize.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 077693A193A for <secdir@ietfa.amsl.com>; Mon,  7 Jun 2021 08:23:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level: 
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=axenterprize.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id x0UTHvfsxtsT for <secdir@ietfa.amsl.com>; Mon,  7 Jun 2021 08:23:49 -0700 (PDT)
Received: from mail-qk1-x730.google.com (mail-qk1-x730.google.com [IPv6:2607:f8b0:4864:20::730]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D8F073A1A36 for <secdir@ietf.org>; Mon,  7 Jun 2021 08:23:48 -0700 (PDT)
Received: by mail-qk1-x730.google.com with SMTP id i68so13442807qke.3 for <secdir@ietf.org>; Mon, 07 Jun 2021 08:23:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=axenterprize.com; s=google; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=9DuG4Wa5TbXcRxNdJ8ikE0Upqjjwb9yZ3nmWVXptu58=; b=QiDMCFczDCCNDKn5JL2qY55ALe4YjkeA4Ie9ZH4O34l6xWAdMfVQlvEAxa9WallM5f vO489qqI4WczT4nIUUgNLBu6nIsvv1aj91OkC5HvgPymMKNdCrn/tg+1enhiPAtfECDR /PDG/mXpWAGbMu6YmGd/1YqRDSQ9wT/06iqvQ=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=9DuG4Wa5TbXcRxNdJ8ikE0Upqjjwb9yZ3nmWVXptu58=; b=K/Y8XDMYWcewc1zKs3uMF3E6G3jhk85xBAq32GwWu9L/oS1slCPXdWnYjU9WpsIDRe lhJg0yzFQmawUwppWE+kTauDo7Vtck2pd/bZe1ff6r0/NxZeIJaLrYmeTIdsIxvhl3Hn jPMZ+OhEQOPYEFBbyj5/yKjJkNtW5wVZb5TlFstvFxR3CVGM31wGc6rQbXDv86OSlNLp 7QdhLDT8qkAnriA3Wao50fYCRkzb4hRFIVNF0ytoaNk4CcFhWdTvBbOj9um+AedoWxfj eyzegxOZHbm9lz1Mt90xcjsnrx81Uc0Ct8UrJPXlSgJiSVBbfQ/fb0ftIoC7rmauRtGD 9QmA==
X-Gm-Message-State: AOAM532fa4RwBODFQuGhTQeBrONmQRrUFcGVxOwP1Xr8EgNi9gAFSq6N zc9H3joXiDDSRckMGh6Epat6vA==
X-Google-Smtp-Source: ABdhPJz3WMfQwawMgfQHgOUhhwKRg52NJ+UsYKWATj4qNS3oGHQBoMjrGHF8P9lB90l3kBVPywbprw==
X-Received: by 2002:a37:a8c1:: with SMTP id r184mr16890853qke.129.1623079425879;  Mon, 07 Jun 2021 08:23:45 -0700 (PDT)
Received: from [192.168.129.107] (ip-72-10-210-250.nwptny.ntcnet.net. [72.10.210.250]) by smtp.gmail.com with ESMTPSA id l127sm1053339qkc.64.2021.06.07.08.23.44 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 07 Jun 2021 08:23:45 -0700 (PDT)
To: Linda Dunbar <linda.dunbar@futurewei.com>, secdir@ietf.org
Cc: draft-ietf-drip-reqs.all@ietf.org, last-call@ietf.org, tm-rid@ietf.org
References: <162284607683.2810.922759741714671925@ietfa.amsl.com>
From: "Stuart W. Card" <stu.card@axenterprize.com>
Message-ID: <1fda7554-4396-e2be-6710-9d418d0f9171@axenterprize.com>
Date: Mon, 7 Jun 2021 11:23:46 -0400
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0
MIME-Version: 1.0
In-Reply-To: <162284607683.2810.922759741714671925@ietfa.amsl.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/j7w7eNFWRz1FuL31zZ9i86g0KHs>
Subject: Re: [secdir] Secdir last call review of draft-ietf-drip-reqs-12
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Jun 2021 15:23:54 -0000

Good catch: not that the issue has not been addressed, but that where 
(external to IETF) it has been addressed is neither cited nor explained 
in our requirements; those of us more involved in UAS know it was 
addressed elsewhere, so never thought even to mention it here, as we 
should. Thanks!

I previously sent the above reply to a narrower distribution, but just 
learned proper form in this context is to Reply to All.

On 6/4/2021 6:34 PM, Linda Dunbar via Datatracker wrote:
> Reviewer: Linda Dunbar
> Review result: Has Issues
> 
> Reviewer: Linda Dunbar
> Review result: Has Issues
> 
> I have reviewed this document as part of the security directorate's ongoing
> effort to review all IETF documents being processed by the IESG.  These
> comments were written primarily for the benefit of the security area directors.
>   Document editors and WG chairs should treat these comments just like any other
>    last call comments.
> 
> This document specifies the requirements for Drone Remote Identifiers. But it
> doesn't specify any Authoritative agencies to manage the Remote IDs. Section
> 1.2 states that the Remote IDs are "Self-reports".  Does it mean anyone who
> buys or deploys drones will follow the naming requirements specified by this
> document? How to enforce?
> 
> Best Regards,
> Linda Dunbar
> 
> 
> 


-- 
-----------------------------------------
Stuart W. Card, PhD, Principal Engineer
AX Enterprize, LLC  www.axenterprize.com
4947 Commercial Drive, Yorkville NY 13495


From nobody Mon Jun  7 19:50:53 2021
Return-Path: <paulej@packetizer.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 081853A1DAC; Mon,  7 Jun 2021 19:50:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.399
X-Spam-Level: 
X-Spam-Status: No, score=-4.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=packetizer.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3xdMiVe1ondq; Mon,  7 Jun 2021 19:50:36 -0700 (PDT)
Received: from dublin.packetizer.com (dublin.packetizer.com [IPv6:2600:1f18:24d6:2e01:e842:9b2b:72a2:d2c6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C39213A1D9A; Mon,  7 Jun 2021 19:50:35 -0700 (PDT)
Received: from authuser (localhost [127.0.0.1]) 
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=packetizer.com; s=dublin; t=1623120628; bh=Ffz5fyXLf27OQwkA6fOeiMVYHCy3kPxMoXKkO8dzBGU=; h=From:To:Subject:Cc:Date:In-Reply-To:References:Reply-To; b=VndkYpWYL1EhEhTbmAc5kewxRw87FjV4RZP0tJ5QXIVHwCHqOPpJv5dIYGpIahEp9 VoE5CXoT//ZljGIsrYPWJyV2yOLOOj+hwBAGMPPvVpThLz6daLMbUnp0hmq1j15Is7 fDTiYwXUmB55sghiUDpLBQUruRhRSr/XotbJRy+g=
From: "Paul E. Jones" <paulej@packetizer.com>
To: "Shawn Emery" <shawn.emery@gmail.com>, secdir@ietf.org
Cc: draft-ietf-perc-dtls-tunnel.all@ietf.org, last-call@ietf.org, perc@ietf.org
Date: Tue, 08 Jun 2021 02:50:25 +0000
Message-Id: <em199c2ab4-ef2f-4756-b044-35572ddfe7c2@sydney>
In-Reply-To: <162302724403.5524.7530871359171917876@ietfa.amsl.com>
References: <162302724403.5524.7530871359171917876@ietfa.amsl.com>
Reply-To: "Paul E. Jones" <paulej@packetizer.com>
User-Agent: eM_Client/8.2.1237.0
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/TM21vmG7qkVAX0YD3lcsbTuyH1Q>
Subject: Re: [secdir] Secdir last call review of draft-ietf-perc-dtls-tunnel-08
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Jun 2021 02:50:49 -0000

Shawn,

Thanks for the review.  Russ also had comments on the security=20
considerations section.  I have changed that substantially and welcome=20
any additional input.  See these changes:

https://github.com/percwg/perc-wg/compare/paulej_ietf_lc

Paul

------ Original Message ------
From: "Shawn Emery via Datatracker" <noreply@ietf.org>
To: secdir@ietf.org
Cc: draft-ietf-perc-dtls-tunnel.all@ietf.org; last-call@ietf.org;=20
perc@ietf.org
Sent: 6/6/2021 8:54:04 PM
Subject: Secdir last call review of draft-ietf-perc-dtls-tunnel-08

>Reviewer: Shawn Emery
>Review result: Not Ready
>
>I have reviewed this document as part of the security directorate's ongoin=
g
>effort to review all IETF documents being processed by the IESG.  These
>comments were written primarily for the benefit of the security area direc=
tors.
>Document editors and WG chairs should treat these comments just like any o=
ther
>last call comments.
>
>This draft specifies a DTLS tunneling protocol for Privacy-Enhanced RTP
>Conferencing (PERC).  This entails a key exchange between the conference
>end-points and the key distributor through a delegate, media distributor.
>
>The security considerations section does exist and describes that the medi=
a
>distributor does not introduce any additional security issues given that i=
t is
>just on-path with the key exchange between the endpoint and the key
>distributor.  Secondly, the key material between the media distributor and =
key
>distributor is protected through the mutually authenticated connection bet=
ween
>the two entities.  Thirdly, the meta data exchanged between the media
>distributor and key distributor is not sensitive information, but is still
>protected through the TLS connection.  I agree with the above assertions.
>Besides the concerns described in the genart review about the impact of ke=
y
>material disclosure, the authors should consider the various other forms o=
f
>security issues against the protocol, such as downgrade/DoS attacks from
>profile negotiation, etc.  The section could list and simply refer to the=
 base
>RFCs, 5764, 8871, etc., to provide remediation against these attacks.
>
>General comments:
>
>The example message flow and binary coding was helpful, thank you.
>
>Editorial comments:
>
>s/might might/might/
>s/!@RFC4566/RFC4566/g
>s/An value/A value/
>s/!@RFC8126/RFC8126/
>s/material This/material.  This/
>
>
>


From nobody Wed Jun  9 07:17:28 2021
Return-Path: <Edward.Birrane@jhuapl.edu>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0031A3A18CB; Wed,  9 Jun 2021 07:17:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.389
X-Spam-Level: 
X-Spam-Status: No, score=-4.389 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=jhuapl.edu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Z5noXct-7Jp7; Wed,  9 Jun 2021 07:17:21 -0700 (PDT)
Received: from aplegw01.jhuapl.edu (aplegw01.jhuapl.edu [128.244.251.168]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E6FE43A18C9; Wed,  9 Jun 2021 07:17:12 -0700 (PDT)
Received: from pps.filterd (aplegw01.jhuapl.edu [127.0.0.1]) by aplegw01.jhuapl.edu (8.16.0.43/8.16.0.43) with SMTP id 159EGxlL071119; Wed, 9 Jun 2021 10:17:09 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jhuapl.edu; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=JHUAPLDec2018; bh=I3SYfSrYGk6Bi44IkVkyNJgh7hD7NkF/JZjcnbpy0bs=; b=pH4O5RhymB1CIOdGwJVrPSGgC9vlDGPag8f2yuLuGGc/NovA/JAK0Z681LLL+47UKhMy IBg3Z0ubAsdKHQ9M0oY9yeZH+jgrnF0Mmo6VC96vX2hDTJHurW5C+d1SeUeVqugqe/Mo ci8+RBy+CvYDHJvteKhXyMEjPzu6ur2GgxTFGrFnWhObCeH5qC96vftkFyFLFFBXaOyi sLiOaKyBKhQ+36aLPmQnKNRUG1ttt7j6L2+cZHXVD87rfg63YzyXZtVIKfv4bOzX7NUT MoG+VfZEfoce+w3SpzSNTEuySZQkE8gdSsaJIGXjew1VkO4XDNRaM3a9JbXPmDZBLL+w iw== 
Received: from aplex02.dom1.jhuapl.edu (aplex02.dom1.jhuapl.edu [128.244.198.6]) by aplegw01.jhuapl.edu with ESMTP id 391y9a99cp-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 09 Jun 2021 10:17:09 -0400
X-CrossPremisesHeadersFilteredBySendConnector: aplex02.dom1.jhuapl.edu
Received: from aplex01.dom1.jhuapl.edu (128.244.198.5) by aplex02.dom1.jhuapl.edu (128.244.198.6) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Wed, 9 Jun 2021 10:17:08 -0400
Received: from aplex01.dom1.jhuapl.edu ([fe80::19f5:dcc5:c696:1a50]) by aplex01.dom1.jhuapl.edu ([fe80::19f5:dcc5:c696:1a50%25]) with mapi id 15.00.1497.018; Wed, 9 Jun 2021 10:17:08 -0400
From: "Birrane, Edward J." <Edward.Birrane@jhuapl.edu>
To: Christian Huitema <huitema@huitema.net>, "secdir@ietf.org" <secdir@ietf.org>
CC: "draft-ietf-dtn-bpsec-default-sc.all@ietf.org" <draft-ietf-dtn-bpsec-default-sc.all@ietf.org>, "dtn@ietf.org" <dtn@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>
Thread-Topic: [EXT] Secdir last call review of draft-ietf-dtn-bpsec-default-sc-07
Thread-Index: AQHXU+6UBlgxk74+pESA6s7S8RVd1qsLxdJg
Date: Wed, 9 Jun 2021 14:17:08 +0000
Message-ID: <5c607c5d7cf64b998a8bd2e057770ca0@aplex01.dom1.jhuapl.edu>
References: <162222621650.3936.204909667434697510@ietfa.amsl.com>
In-Reply-To: <162222621650.3936.204909667434697510@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [128.244.198.168]
Content-Type: multipart/alternative; boundary="_000_5c607c5d7cf64b998a8bd2e057770ca0aplex01dom1jhuapledu_"
MIME-Version: 1.0
X-OrganizationHeadersPreserved: aplex02.dom1.jhuapl.edu
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.761 definitions=2021-06-09_04:2021-06-04, 2021-06-09 signatures=0
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/RQM2l7ez-vnnaFpCjRPOLKahBwE>
Subject: Re: [secdir] [EXT] Secdir last call review of draft-ietf-dtn-bpsec-default-sc-07
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Jun 2021 14:17:26 -0000

--_000_5c607c5d7cf64b998a8bd2e057770ca0aplex01dom1jhuapledu_
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64

Q2hyaXN0aWFuLA0KDQoNCg0KICBUaGFuayB5b3UgZm9yIHRoaXMgdXBkYXRlZCByZXZpZXcuDQoN
Cg0KDQogIEkgdW5kZXJzdGFuZCBhbmQgYWdyZWUgd2l0aCB5b3VyIGFkZGl0aW9uYWwgY29tbWVu
dHMgb24gQUVBRCBhbmQgaGF2ZSBwcm9kdWNlZCBhIC0wOCB3aGljaCBJIGhvcGUgY2xhcmlmaWVz
IG9wdGlvbnMgYXJvdW5kIHRoZSBoYW5kbGluZyBvZiB0aGUgYXV0aGVudGljYXRpb24gdGFnLg0K
DQoNCg0KICBUaHJlZSBxdWljayBvYnNlcnZhdGlvbnM6DQoNCg0KDQotICAgICAgICAgICBUaGUg
QkNCLUFFUy1HQ00gc2VjdXJpdHkgY29udGV4dCB3aWxsIGFsd2F5cyBiZSBkb2N1bWVudGVkIGZv
ciB0aGUgR0NNIG1vZGUgb2YgQUVTIHNvLCBhcyB5b3Ugc2F5LCBtYW5hZ2luZyB0aGlzIGNvbXBs
ZXhpdHkgZm9yIEFFUy1HQ00gaXMgd29ya2FibGUuIEJ1dCBhbHNvIGFncmVlIHRoYXQgZm9yIERU
TiBhdCBsYXJnZSwgYXMgd2Ugd29yayB0byBpbmNvcnBvcmF0ZSBuZXdlciBlbmNyeXB0aW9uIGFs
Z29yaXRobXMsIG5ldyBzZWN1cml0eSBjb250ZXh0IGRvY3VtZW50cyB3aWxsIGJlIHByb2R1Y2Vk
IGFuZCBhdXRoZW50aWNhdGlvbi9lbmNyeXB0aW9uIGNhbiBiZSBqb2luZWQgZm9yIHRob3NlIGRv
Y3VtZW50cyBhbmQgYWxnb3JpdGhtcyBpbiBhIGxlc3MgY29tcGxleCB3YXkuDQoNCg0KDQotICAg
ICAgICAgIFdlIGFyZSBzdGlsbCB3b3JraW5nIHdpdGggKHNvbWUpIGFlcy1nY20gbGlicmFyaWVz
IHdob3NlIEFQSXMgc2VwYXJhdGUgdGhlIGF1dGhlbnRpY2F0aW9uIHRhZy4gRm9yIGV4YW1wbGUs
IHRoZSBtYmVkdGxzIChodHRwczovL3d3dy50cnVzdGVkZmlybXdhcmUub3JnL3Byb2plY3RzL21i
ZWQtdGxzLykgQVBJIHVzZXMgdGhlIGZ1bmN0aW9uICBtYmVkdGxzX2djbV9jcnlwdF9hbmRfdGFn
IHdoaWNoIHRha2VzIHRoZSB0YWcgc2VwYXJhdGVseSBmcm9tIHRoZSBjaXBoZXIgdGV4dC4gIEZv
ciBpbnRlcm9wZXJhYmlsaXR5LCBwdWxsaW5nIHRoZSB0YWcgaW50byBhIHNlY3VyaXR5IHJlc3Vs
dCBpcyBoZWxwZnVsLiBJZiBhIHNlY3VyaXR5IHNvdXJjZSB3ZXJlIHRvIHByb2R1Y2UgYSBibG9i
IHRoYXQgcmVwcmVzZW50ZWQgYW4gdW5rbm93biBvcmRlcmluZyBvZiBjaXBoZXIgdGV4dCBhbmQg
YXV0aGVudGljYXRpb24gdGFnLCB0aGVuIGEgc2VjdXJpdHkgZGVzdGluYXRpb24gdXNpbmcgbWJl
ZHRscyB3b3VsZCBub3QgbmVjZXNzYXJpbHkga25vdyB3aGVyZSBpbiB0aGF0IGJsb2IgdG8gcHVs
bCB0aGUgdGFnIHdoZW4gY29uc3RydWN0aW5nIHRoZSBjYWxsIHRvIG1iZWR0bHNfZ2NtX2NyeXB0
X2FuZF90YWcuIFByZWZlcnJpbmcgdG8gZXh0cmFjdCB0aGUgdGFnIGlzIGNsZWFybHkgbW9yZSBj
b21wbGV4aXR5IGJ1dCBpdCBhbHNvIG1heSBiZSBoZWxwZnVsIHdoZW4gd29ya2luZyBpbiBuZXR3
b3JrcyB0aGF0IGhhdmUgZGVwbG95ZWQgZGlmZmVyZW50IEFFUy1HQ00gaW1wbGVtZW50YXRpb25z
IGF0IGRpZmZlcmVudCBub2Rlcy4NCg0KDQoNCi0gICAgICAgICAgVGhlcmUgaGFzIGJlZW4gc29t
ZSBkaXNjdXNzaW9uIHdoZXJlIGhhdmluZyBjZXJ0YWluIGV4dGVuc2lvbiBibG9ja3MgYmUgZml4
ZWQtc2l6ZSB3b3VsZCBoZWxwIHdpdGggcHJvY2Vzc2luZywgd2hpY2ggaXMgd2hhdCBtYWRlIHRo
ZSBBRVMtR0NNIGNpcGhlciBzdWl0ZSBhdHRyYWN0aXZlIHRvIHRob3NlIHVzZXMuIEtlZXBpbmcg
dGhlIHRhZyBzZXBhcmF0ZSBpcyBhIHdheSB0byBwcmVzZXJ2ZSB0aGF0IGxlbmd0aCBjb25zdHJh
aW50IGluIHRoZSBmZXcgY2FzZXMgd2hlcmUgdGhhdCBpcyBoZWxwZnVsLg0KDQoNCg0KICBBZ2Fp
biwgdGhhbmsgeW91IGZvciB5b3VyIHRpbWU7IHRoZXNlIHJldmlld3MgaGF2ZSBtYWRlIHRoZSBk
ZWZhdWx0IHNlY3VyaXR5IGNvbnRleHQgZG9jdW1lbnQgbXVjaCBtb3JlIGNvbXBsZXRlIGFuZCB1
c2VmdWwuDQoNCg0KDQotRWQNCg0KDQoNCi0tLQ0KDQpFZHdhcmQgSi4gQmlycmFuZSwgSUlJLCBQ
aC5ELg0KDQpFbWJlZGRlZCBBcHBsaWNhdGlvbnMgR3JvdXAgU3VwZXJ2aXNvcg0KDQpTcGFjZSBF
eHBsb3JhdGlvbiBTZWN0b3INCg0KSm9obnMgSG9wa2lucyBBcHBsaWVkIFBoeXNpY3MgTGFib3Jh
dG9yeQ0KDQooVykgNDQzLTc3OC03NDIzIC8gKEYpIDQ0My0yMjgtMzgzOQ0KDQoNCg0KDQoNCg0K
DQo+IC0tLS0tT3JpZ2luYWwgTWVzc2FnZS0tLS0tDQoNCj4gRnJvbTogQ2hyaXN0aWFuIEh1aXRl
bWEgdmlhIERhdGF0cmFja2VyIDxub3JlcGx5QGlldGYub3JnPg0KDQo+IFNlbnQ6IEZyaWRheSwg
TWF5IDI4LCAyMDIxIDI6MjQgUE0NCg0KPiBUbzogc2VjZGlyQGlldGYub3JnDQoNCj4gQ2M6IGRy
YWZ0LWlldGYtZHRuLWJwc2VjLWRlZmF1bHQtc2MuYWxsQGlldGYub3JnOyBkdG5AaWV0Zi5vcmc7
IGxhc3QtDQoNCj4gY2FsbEBpZXRmLm9yZw0KDQo+IFN1YmplY3Q6IFtFWFRdIFNlY2RpciBsYXN0
IGNhbGwgcmV2aWV3IG9mIGRyYWZ0LWlldGYtZHRuLWJwc2VjLWRlZmF1bHQtc2MtMDcNCg0KPg0K
DQo+IEFQTCBleHRlcm5hbCBlbWFpbCB3YXJuaW5nOiBWZXJpZnkgc2VuZGVyIG5vcmVwbHlAaWV0
Zi5vcmc8bWFpbHRvOm5vcmVwbHlAaWV0Zi5vcmc+IGJlZm9yZSBjbGlja2luZw0KDQo+IGxpbmtz
IG9yIGF0dGFjaG1lbnRzDQoNCj4NCg0KPiBSZXZpZXdlcjogQ2hyaXN0aWFuIEh1aXRlbWENCg0K
PiBSZXZpZXcgcmVzdWx0OiBSZWFkeQ0KDQo+DQoNCj4gSSByZXZpZXdlZCBkcmFmdC1pZXRmLWR0
bi1icHNlYy1kZWZhdWx0LXNjLTAyIGFzIHBhcnQgb2YgYW4gZWFybHkgc2VjdXJpdHkNCg0KPiBy
ZXZpZXcgcmVxdWVzdGVkIGJ5IHRoZSB0cmFuc3BvcnQgQUQuIFRoaXMgaXMgdGhlIGZvbGxvdy11
cCBsYXN0IGNhbGwgcmV2aWV3IG9mDQoNCj4gZHJhZnQtaWV0Zi1kdG4tYnBzZWMtZGVmYXVsdC1z
Yy0wNy4NCg0KPg0KDQo+IFRoZSBkcmFmdCBpcyByZWFkeSwgYWx0aG91Z2ggSSB3b3VsZCBwcmVm
ZXIgdG8gc2VlIHNvbWVjaGFuZ2VzIGluIHRoZQ0KDQo+IGVuY29kaW5nIG9mIEFFQUQgdGFncyBh
cyBleHBsYWluZWQgYmVsb3cuDQoNCj4NCg0KPiBUaGUgY2hhbmdlcyBpbiBkcmFmdC0wNyBhZGRy
ZXNzIG1vc3Qgb2YgdGhlIHBvaW50cyBJIG1hZGUgaW4gdGhlIGVhcmx5DQoNCj4gcmV2aWV3Lg0K
DQo+IFRoZSBzbWFsbCBuaXQgY29uY2VybmluZyBhIHJlZmVyZW5jZSBpbiB0aGUgdGFibGUgb2Yg
QklCLUhNQUMtU0hBMiBTZWN1cml0eQ0KDQo+IFBhcmFtZXRlcnMgaXMgZml4ZWQgYW5kIHRoZSBp
bXBsZW1lbnRhdGlvbiBvZiBBRUFEIGFsZ29yaXRobXMgaXMgZWFzeSB0bw0KDQo+IHJlYWQuDQoN
Cj4NCg0KPiBJIGFwcHJlY2lhdGUgdGhhdCB0aGUgZHJhZnQgbm93IGNvbnRhaW5zIGFuIGVudGly
ZSBhcHBlbmRpeCBkZXNjcmliaW5nDQoNCj4gZXhhbXBsZXMgb2YgbWVzc2FnZXMsIHRoZWlyIGNs
ZWFyLXRleHQgZW5jb2RpbmcgYW5kIHRoZSByZXN1bHQgb2YNCg0KPiBhdXRoZW50aWNhdGlvbiBh
bmQgZW5jcnlwdGlvbi4gVGhpcyBwcm9iYWJseSByZXF1aXJlZCBzaWduaWZpY2FudCBlZmZvcnQs
IGFuZA0KDQo+IGl0IGRvZXMgYWRkcmVzcyBteSBzdWdnZXN0aW9uIHRvIGFkZCB0ZXN0IHZlY3Rv
cnMgaW4gb3JkZXIgdG8gbWFuYWdlDQoNCj4gaW1wbGVtZW50YXRpb24gY29tcGxleGl0eS4NCg0K
Pg0KDQo+IEkgY291bGQganVzdCBzYXkgdGhhdCB0aGUgZHJhZnQgaXMgcmVhZHksIGV4Y2VwdCBm
b3Igb25lIGFkZGl0aW9uIHRoYXQgSSBmaW5kIGEgYml0DQoNCj4gc3B1cmlvdXMuDQoNCj4gVGhl
IGRlc2NyaXB0aW9uIG9mIEFFUy1HQ00gc3RhdGVzIHRoYXQgInRoZSBhdXRoZW50aWNhdGlvbiB0
YWcgcHJvZHVjZWQgYnkNCg0KPiB0aGUgR0NNDQoNCj4gbW9kZSBvZiBBRVMgaXMgbm90IGNvbnNp
ZGVyZWQgcGFydCBvZiB0aGUgY2lwaGVyIHRleHQgaXRzZWxmIiwgYW5kIHRoYXQgInRoZQ0KDQo+
DQoNCj4gYXV0aGVudGljYXRpb24gdGFnIGlzIGV4cGVjdGVkIHRvIGJlIGNhcnJpZWQgaW4gdGhl
IEJDQi1BRVMtR0NNDQoNCj4gICAgICAgICAgICAgc2VjdXJpdHkgYmxvY2siLiBUaGUNCg0KPiBz
dGF0ZW1lbnQgaXMgbm90IHRlY2huaWNhbGx5IGZhbHNlLCBidXQgdGhlIHNlcGFyYXRpb24gb2Yg
bWVzc2FnZSBhbmQgdGFnDQoNCj4gZ29lcyBhZ2FpbnN0IHRoZSBkZXNpZ24gb2YgbWFueSBBRUFE
IGltcGxlbWVudGF0aW9ucywgaW4gd2hpY2ggdGhlDQoNCj4gYXBwbGljYXRpb24gcHJvdmlkZXMg
dGhlIGNyeXB0byBBUEkgd2l0aCBhIGNsZWFyIHRleHQgb2Ygc29tZSBsZW5ndGgsIGFuZA0KDQo+
IHJldHJpZXZlcyBhIGNpcGhlciB0ZXh0IG9mIGEgZGlmZmVyZW50IGxlbmd0aCwgaW5jbHVkaW5n
IHRoZSB0YWcuIFNlcGFyYXRpbmcgdGhhdA0KDQo+IHRhZyBhbmQgbW92aW5nIGl0IHRvIGEgZGlm
ZmVyZW50IGxvY2F0aW9uIGlzIHlldCBhbm90aGVyIHdheSB0byBpbnRyb2R1Y2UNCg0KPiBjb21w
bGV4aXR5Lg0KDQo+DQoNCj4gVGhhdCBjb21wbGV4aXR5IGNhbiBwcm9iYWJseSBzdGlsbCBiZSBt
YW5hZ2VkIGZvciBBRVMtR0NNLCBidXQgdGhlIGdlbmVyYWwNCg0KPiB0cmVuZCBpcyB0byBpbXBs
ZW1lbnQgZW5jcnlwdGlvbiBhbmQgYXV0aGVudGljYXRpb24gaW4gYSBzaW5nbGUgb3BlcmF0aW9u
LiBJDQoNCj4gZnVsbHkgZXhwZWN0IHRoYXQgbmV3IGVuY3J5cHRpb24gYWxnb3JpdGhtcyB3aWxs
IGNvbnRpbnVlIHRoYXQgdHJlbmQsIGFuZCBtYXkNCg0KPiB3ZWxsIGRvIGF3YXkgd2l0aCB0aGUg
Zm9ybWFsIHNlcGFyYXRpb24gYmV0d2VlbiBjaXBoZXJ0ZXh0IGFuZCB0YWcuDQoNCj4gUmVjb2du
aXppbmcgdGhhdCBlbmNyeXB0aW9uIGFuZCBhdXRoZW50aWNhdGlvbiBhcmUgbm90IHNlcGFyYWJs
ZSB3b3VsZA0KDQo+IHNpbXBsaWZ5IHRoZSBEVE4gYnVuZGxlIHByb3RvY29sLg0KDQo+DQoNCg0K

--_000_5c607c5d7cf64b998a8bd2e057770ca0aplex01dom1jhuapledu_
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: base64

PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy
bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt
YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6eD0idXJuOnNjaGVtYXMtbWljcm9z
b2Z0LWNvbTpvZmZpY2U6ZXhjZWwiIHhtbG5zOm09Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5j
b20vb2ZmaWNlLzIwMDQvMTIvb21tbCIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnL1RSL1JFQy1o
dG1sNDAiPg0KPGhlYWQ+DQo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRlbnQ9
InRleHQvaHRtbDsgY2hhcnNldD11dGYtOCI+DQo8bWV0YSBuYW1lPSJHZW5lcmF0b3IiIGNvbnRl
bnQ9Ik1pY3Jvc29mdCBXb3JkIDE1IChmaWx0ZXJlZCBtZWRpdW0pIj4NCjxzdHlsZT48IS0tDQov
KiBGb250IERlZmluaXRpb25zICovDQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OldpbmdkaW5n
czsNCglwYW5vc2UtMTo1IDAgMCAwIDAgMCAwIDAgMCAwO30NCkBmb250LWZhY2UNCgl7Zm9udC1m
YW1pbHk6IkNhbWJyaWEgTWF0aCI7DQoJcGFub3NlLTE6MiA0IDUgMyA1IDQgNiAzIDIgNDt9DQpA
Zm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OkNhbGlicmk7DQoJcGFub3NlLTE6MiAxNSA1IDIgMiAy
IDQgMyAyIDQ7fQ0KLyogU3R5bGUgRGVmaW5pdGlvbnMgKi8NCnAuTXNvTm9ybWFsLCBsaS5Nc29O
b3JtYWwsIGRpdi5Nc29Ob3JtYWwNCgl7bWFyZ2luOjBpbjsNCgltYXJnaW4tYm90dG9tOi4wMDAx
cHQ7DQoJZm9udC1zaXplOjExLjBwdDsNCglmb250LWZhbWlseToiQ2FsaWJyaSIsc2Fucy1zZXJp
Zjt9DQphOmxpbmssIHNwYW4uTXNvSHlwZXJsaW5rDQoJe21zby1zdHlsZS1wcmlvcml0eTo5OTsN
Cgljb2xvcjpibHVlOw0KCXRleHQtZGVjb3JhdGlvbjp1bmRlcmxpbmU7fQ0KYTp2aXNpdGVkLCBz
cGFuLk1zb0h5cGVybGlua0ZvbGxvd2VkDQoJe21zby1zdHlsZS1wcmlvcml0eTo5OTsNCgljb2xv
cjpwdXJwbGU7DQoJdGV4dC1kZWNvcmF0aW9uOnVuZGVybGluZTt9DQpwLk1zb1BsYWluVGV4dCwg
bGkuTXNvUGxhaW5UZXh0LCBkaXYuTXNvUGxhaW5UZXh0DQoJe21zby1zdHlsZS1wcmlvcml0eTo5
OTsNCgltc28tc3R5bGUtbGluazoiUGxhaW4gVGV4dCBDaGFyIjsNCgltYXJnaW46MGluOw0KCW1h
cmdpbi1ib3R0b206LjAwMDFwdDsNCglmb250LXNpemU6MTEuMHB0Ow0KCWZvbnQtZmFtaWx5OiJD
YWxpYnJpIixzYW5zLXNlcmlmO30NCnNwYW4uUGxhaW5UZXh0Q2hhcg0KCXttc28tc3R5bGUtbmFt
ZToiUGxhaW4gVGV4dCBDaGFyIjsNCgltc28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJbXNvLXN0eWxl
LWxpbms6IlBsYWluIFRleHQiOw0KCWZvbnQtZmFtaWx5OiJDYWxpYnJpIixzYW5zLXNlcmlmO30N
Ci5Nc29DaHBEZWZhdWx0DQoJe21zby1zdHlsZS10eXBlOmV4cG9ydC1vbmx5O30NCkBwYWdlIFdv
cmRTZWN0aW9uMQ0KCXtzaXplOjguNWluIDExLjBpbjsNCgltYXJnaW46MS4waW4gMTI5Ljc1cHQg
MS4waW4gMTI5LjdwdDt9DQpkaXYuV29yZFNlY3Rpb24xDQoJe3BhZ2U6V29yZFNlY3Rpb24xO30N
Ci8qIExpc3QgRGVmaW5pdGlvbnMgKi8NCkBsaXN0IGwwDQoJe21zby1saXN0LWlkOjcyMjM1MDk7
DQoJbXNvLWxpc3QtdHlwZTpoeWJyaWQ7DQoJbXNvLWxpc3QtdGVtcGxhdGUtaWRzOi0yOTM2NzE3
NjggMTQ2NDkyMDYxOCA2NzY5ODY5MSA2NzY5ODY5MyA2NzY5ODY4OSA2NzY5ODY5MSA2NzY5ODY5
MyA2NzY5ODY4OSA2NzY5ODY5MSA2NzY5ODY5Mzt9DQpAbGlzdCBsMDpsZXZlbDENCgl7bXNvLWxl
dmVsLXN0YXJ0LWF0OjA7DQoJbXNvLWxldmVsLW51bWJlci1mb3JtYXQ6YnVsbGV0Ow0KCW1zby1s
ZXZlbC10ZXh0Oi07DQoJbXNvLWxldmVsLXRhYi1zdG9wOm5vbmU7DQoJbXNvLWxldmVsLW51bWJl
ci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0uMjVpbjsNCglmb250LWZhbWlseToiQ2Fs
aWJyaSIsc2Fucy1zZXJpZjsNCgltc28tZmFyZWFzdC1mb250LWZhbWlseTpDYWxpYnJpO30NCkBs
aXN0IGwwOmxldmVsMg0KCXttc28tbGV2ZWwtbnVtYmVyLWZvcm1hdDpidWxsZXQ7DQoJbXNvLWxl
dmVsLXRleHQ6bzsNCgltc28tbGV2ZWwtdGFiLXN0b3A6bm9uZTsNCgltc28tbGV2ZWwtbnVtYmVy
LXBvc2l0aW9uOmxlZnQ7DQoJdGV4dC1pbmRlbnQ6LS4yNWluOw0KCWZvbnQtZmFtaWx5OiJDb3Vy
aWVyIE5ldyI7fQ0KQGxpc3QgbDA6bGV2ZWwzDQoJe21zby1sZXZlbC1udW1iZXItZm9ybWF0OmJ1
bGxldDsNCgltc28tbGV2ZWwtdGV4dDrvgqc7DQoJbXNvLWxldmVsLXRhYi1zdG9wOm5vbmU7DQoJ
bXNvLWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0uMjVpbjsNCglm
b250LWZhbWlseTpXaW5nZGluZ3M7fQ0KQGxpc3QgbDA6bGV2ZWw0DQoJe21zby1sZXZlbC1udW1i
ZXItZm9ybWF0OmJ1bGxldDsNCgltc28tbGV2ZWwtdGV4dDrvgrc7DQoJbXNvLWxldmVsLXRhYi1z
dG9wOm5vbmU7DQoJbXNvLWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50
Oi0uMjVpbjsNCglmb250LWZhbWlseTpTeW1ib2w7fQ0KQGxpc3QgbDA6bGV2ZWw1DQoJe21zby1s
ZXZlbC1udW1iZXItZm9ybWF0OmJ1bGxldDsNCgltc28tbGV2ZWwtdGV4dDpvOw0KCW1zby1sZXZl
bC10YWItc3RvcDpub25lOw0KCW1zby1sZXZlbC1udW1iZXItcG9zaXRpb246bGVmdDsNCgl0ZXh0
LWluZGVudDotLjI1aW47DQoJZm9udC1mYW1pbHk6IkNvdXJpZXIgTmV3Ijt9DQpAbGlzdCBsMDps
ZXZlbDYNCgl7bXNvLWxldmVsLW51bWJlci1mb3JtYXQ6YnVsbGV0Ow0KCW1zby1sZXZlbC10ZXh0
Ou+CpzsNCgltc28tbGV2ZWwtdGFiLXN0b3A6bm9uZTsNCgltc28tbGV2ZWwtbnVtYmVyLXBvc2l0
aW9uOmxlZnQ7DQoJdGV4dC1pbmRlbnQ6LS4yNWluOw0KCWZvbnQtZmFtaWx5OldpbmdkaW5nczt9
DQpAbGlzdCBsMDpsZXZlbDcNCgl7bXNvLWxldmVsLW51bWJlci1mb3JtYXQ6YnVsbGV0Ow0KCW1z
by1sZXZlbC10ZXh0Ou+CtzsNCgltc28tbGV2ZWwtdGFiLXN0b3A6bm9uZTsNCgltc28tbGV2ZWwt
bnVtYmVyLXBvc2l0aW9uOmxlZnQ7DQoJdGV4dC1pbmRlbnQ6LS4yNWluOw0KCWZvbnQtZmFtaWx5
OlN5bWJvbDt9DQpAbGlzdCBsMDpsZXZlbDgNCgl7bXNvLWxldmVsLW51bWJlci1mb3JtYXQ6YnVs
bGV0Ow0KCW1zby1sZXZlbC10ZXh0Om87DQoJbXNvLWxldmVsLXRhYi1zdG9wOm5vbmU7DQoJbXNv
LWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0uMjVpbjsNCglmb250
LWZhbWlseToiQ291cmllciBOZXciO30NCkBsaXN0IGwwOmxldmVsOQ0KCXttc28tbGV2ZWwtbnVt
YmVyLWZvcm1hdDpidWxsZXQ7DQoJbXNvLWxldmVsLXRleHQ674KnOw0KCW1zby1sZXZlbC10YWIt
c3RvcDpub25lOw0KCW1zby1sZXZlbC1udW1iZXItcG9zaXRpb246bGVmdDsNCgl0ZXh0LWluZGVu
dDotLjI1aW47DQoJZm9udC1mYW1pbHk6V2luZ2RpbmdzO30NCkBsaXN0IGwxDQoJe21zby1saXN0
LWlkOjEyNDczNzQ4NDE7DQoJbXNvLWxpc3QtdHlwZTpoeWJyaWQ7DQoJbXNvLWxpc3QtdGVtcGxh
dGUtaWRzOjQzMzY0MDM5MiAxNjkxMDIyNTgyIDY3Njk4NjkxIDY3Njk4NjkzIDY3Njk4Njg5IDY3
Njk4NjkxIDY3Njk4NjkzIDY3Njk4Njg5IDY3Njk4NjkxIDY3Njk4NjkzO30NCkBsaXN0IGwxOmxl
dmVsMQ0KCXttc28tbGV2ZWwtc3RhcnQtYXQ6MDsNCgltc28tbGV2ZWwtbnVtYmVyLWZvcm1hdDpi
dWxsZXQ7DQoJbXNvLWxldmVsLXRleHQ6LTsNCgltc28tbGV2ZWwtdGFiLXN0b3A6bm9uZTsNCglt
c28tbGV2ZWwtbnVtYmVyLXBvc2l0aW9uOmxlZnQ7DQoJdGV4dC1pbmRlbnQ6LS4yNWluOw0KCWZv
bnQtZmFtaWx5OiJDYWxpYnJpIixzYW5zLXNlcmlmOw0KCW1zby1mYXJlYXN0LWZvbnQtZmFtaWx5
OkNhbGlicmk7fQ0KQGxpc3QgbDE6bGV2ZWwyDQoJe21zby1sZXZlbC1udW1iZXItZm9ybWF0OmJ1
bGxldDsNCgltc28tbGV2ZWwtdGV4dDpvOw0KCW1zby1sZXZlbC10YWItc3RvcDpub25lOw0KCW1z
by1sZXZlbC1udW1iZXItcG9zaXRpb246bGVmdDsNCgl0ZXh0LWluZGVudDotLjI1aW47DQoJZm9u
dC1mYW1pbHk6IkNvdXJpZXIgTmV3Ijt9DQpAbGlzdCBsMTpsZXZlbDMNCgl7bXNvLWxldmVsLW51
bWJlci1mb3JtYXQ6YnVsbGV0Ow0KCW1zby1sZXZlbC10ZXh0Ou+CpzsNCgltc28tbGV2ZWwtdGFi
LXN0b3A6bm9uZTsNCgltc28tbGV2ZWwtbnVtYmVyLXBvc2l0aW9uOmxlZnQ7DQoJdGV4dC1pbmRl
bnQ6LS4yNWluOw0KCWZvbnQtZmFtaWx5OldpbmdkaW5nczt9DQpAbGlzdCBsMTpsZXZlbDQNCgl7
bXNvLWxldmVsLW51bWJlci1mb3JtYXQ6YnVsbGV0Ow0KCW1zby1sZXZlbC10ZXh0Ou+CtzsNCglt
c28tbGV2ZWwtdGFiLXN0b3A6bm9uZTsNCgltc28tbGV2ZWwtbnVtYmVyLXBvc2l0aW9uOmxlZnQ7
DQoJdGV4dC1pbmRlbnQ6LS4yNWluOw0KCWZvbnQtZmFtaWx5OlN5bWJvbDt9DQpAbGlzdCBsMTps
ZXZlbDUNCgl7bXNvLWxldmVsLW51bWJlci1mb3JtYXQ6YnVsbGV0Ow0KCW1zby1sZXZlbC10ZXh0
Om87DQoJbXNvLWxldmVsLXRhYi1zdG9wOm5vbmU7DQoJbXNvLWxldmVsLW51bWJlci1wb3NpdGlv
bjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0uMjVpbjsNCglmb250LWZhbWlseToiQ291cmllciBOZXci
O30NCkBsaXN0IGwxOmxldmVsNg0KCXttc28tbGV2ZWwtbnVtYmVyLWZvcm1hdDpidWxsZXQ7DQoJ
bXNvLWxldmVsLXRleHQ674KnOw0KCW1zby1sZXZlbC10YWItc3RvcDpub25lOw0KCW1zby1sZXZl
bC1udW1iZXItcG9zaXRpb246bGVmdDsNCgl0ZXh0LWluZGVudDotLjI1aW47DQoJZm9udC1mYW1p
bHk6V2luZ2RpbmdzO30NCkBsaXN0IGwxOmxldmVsNw0KCXttc28tbGV2ZWwtbnVtYmVyLWZvcm1h
dDpidWxsZXQ7DQoJbXNvLWxldmVsLXRleHQ674K3Ow0KCW1zby1sZXZlbC10YWItc3RvcDpub25l
Ow0KCW1zby1sZXZlbC1udW1iZXItcG9zaXRpb246bGVmdDsNCgl0ZXh0LWluZGVudDotLjI1aW47
DQoJZm9udC1mYW1pbHk6U3ltYm9sO30NCkBsaXN0IGwxOmxldmVsOA0KCXttc28tbGV2ZWwtbnVt
YmVyLWZvcm1hdDpidWxsZXQ7DQoJbXNvLWxldmVsLXRleHQ6bzsNCgltc28tbGV2ZWwtdGFiLXN0
b3A6bm9uZTsNCgltc28tbGV2ZWwtbnVtYmVyLXBvc2l0aW9uOmxlZnQ7DQoJdGV4dC1pbmRlbnQ6
LS4yNWluOw0KCWZvbnQtZmFtaWx5OiJDb3VyaWVyIE5ldyI7fQ0KQGxpc3QgbDE6bGV2ZWw5DQoJ
e21zby1sZXZlbC1udW1iZXItZm9ybWF0OmJ1bGxldDsNCgltc28tbGV2ZWwtdGV4dDrvgqc7DQoJ
bXNvLWxldmVsLXRhYi1zdG9wOm5vbmU7DQoJbXNvLWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0
Ow0KCXRleHQtaW5kZW50Oi0uMjVpbjsNCglmb250LWZhbWlseTpXaW5nZGluZ3M7fQ0Kb2wNCgl7
bWFyZ2luLWJvdHRvbTowaW47fQ0KdWwNCgl7bWFyZ2luLWJvdHRvbTowaW47fQ0KLS0+PC9zdHls
ZT48IS0tW2lmIGd0ZSBtc28gOV0+PHhtbD4NCjxvOnNoYXBlZGVmYXVsdHMgdjpleHQ9ImVkaXQi
IHNwaWRtYXg9IjEwMjYiIC8+DQo8L3htbD48IVtlbmRpZl0tLT48IS0tW2lmIGd0ZSBtc28gOV0+
PHhtbD4NCjxvOnNoYXBlbGF5b3V0IHY6ZXh0PSJlZGl0Ij4NCjxvOmlkbWFwIHY6ZXh0PSJlZGl0
IiBkYXRhPSIxIiAvPg0KPC9vOnNoYXBlbGF5b3V0PjwveG1sPjwhW2VuZGlmXS0tPg0KPC9oZWFk
Pg0KPGJvZHkgbGFuZz0iRU4tVVMiIGxpbms9ImJsdWUiIHZsaW5rPSJwdXJwbGUiPg0KPGRpdiBj
bGFzcz0iV29yZFNlY3Rpb24xIj4NCjxwIGNsYXNzPSJNc29QbGFpblRleHQiPkNocmlzdGlhbiw8
bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29QbGFpblRleHQiPjxvOnA+Jm5ic3A7PC9vOnA+
PC9wPg0KPHAgY2xhc3M9Ik1zb1BsYWluVGV4dCI+Jm5ic3A7IFRoYW5rIHlvdSBmb3IgdGhpcyB1
cGRhdGVkIHJldmlldy4mbmJzcDsgPG86cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvUGxhaW5U
ZXh0Ij48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29QbGFpblRleHQiPiZuYnNw
OyBJIHVuZGVyc3RhbmQgYW5kIGFncmVlIHdpdGggeW91ciBhZGRpdGlvbmFsIGNvbW1lbnRzIG9u
IEFFQUQgYW5kIGhhdmUgcHJvZHVjZWQgYSAtMDggd2hpY2ggSSBob3BlIGNsYXJpZmllcyBvcHRp
b25zIGFyb3VuZCB0aGUgaGFuZGxpbmcgb2YgdGhlIGF1dGhlbnRpY2F0aW9uIHRhZy48bzpwPjwv
bzpwPjwvcD4NCjxwIGNsYXNzPSJNc29QbGFpblRleHQiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0K
PHAgY2xhc3M9Ik1zb1BsYWluVGV4dCI+Jm5ic3A7IFRocmVlIHF1aWNrIG9ic2VydmF0aW9uczo8
bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29QbGFpblRleHQiPjxvOnA+Jm5ic3A7PC9vOnA+
PC9wPg0KPHAgY2xhc3M9Ik1zb1BsYWluVGV4dCIgc3R5bGU9Im1hcmdpbi1sZWZ0Oi41aW47dGV4
dC1pbmRlbnQ6LS4yNWluO21zby1saXN0OmwxIGxldmVsMSBsZm8yIj4NCjwhW2lmICFzdXBwb3J0
TGlzdHNdPjxzcGFuIHN0eWxlPSJtc28tbGlzdDpJZ25vcmUiPi08c3BhbiBzdHlsZT0iZm9udDo3
LjBwdCAmcXVvdDtUaW1lcyBOZXcgUm9tYW4mcXVvdDsiPiZuYnNwOyZuYnNwOyZuYnNwOyZuYnNw
OyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOw0KPC9zcGFuPjwvc3Bhbj48IVtlbmRpZl0+
Jm5ic3A7VGhlIEJDQi1BRVMtR0NNIHNlY3VyaXR5IGNvbnRleHQgd2lsbCBhbHdheXMgYmUgZG9j
dW1lbnRlZCBmb3IgdGhlIEdDTSBtb2RlIG9mIEFFUyBzbywgYXMgeW91IHNheSwgbWFuYWdpbmcg
dGhpcyBjb21wbGV4aXR5IGZvciBBRVMtR0NNIGlzIHdvcmthYmxlLiBCdXQgYWxzbyBhZ3JlZSB0
aGF0IGZvciBEVE4gYXQgbGFyZ2UsIGFzIHdlIHdvcmsgdG8gaW5jb3Jwb3JhdGUgbmV3ZXIgZW5j
cnlwdGlvbiBhbGdvcml0aG1zLA0KIG5ldyBzZWN1cml0eSBjb250ZXh0IGRvY3VtZW50cyB3aWxs
IGJlIHByb2R1Y2VkIGFuZCBhdXRoZW50aWNhdGlvbi9lbmNyeXB0aW9uIGNhbiBiZSBqb2luZWQg
Zm9yIHRob3NlIGRvY3VtZW50cyBhbmQgYWxnb3JpdGhtcyBpbiBhIGxlc3MgY29tcGxleCB3YXku
PG86cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvUGxhaW5UZXh0Ij48bzpwPiZuYnNwOzwvbzpw
PjwvcD4NCjxwIGNsYXNzPSJNc29QbGFpblRleHQiIHN0eWxlPSJtYXJnaW4tbGVmdDouNWluO3Rl
eHQtaW5kZW50Oi0uMjVpbjttc28tbGlzdDpsMSBsZXZlbDEgbGZvMiI+DQo8IVtpZiAhc3VwcG9y
dExpc3RzXT48c3BhbiBzdHlsZT0ibXNvLWxpc3Q6SWdub3JlIj4tPHNwYW4gc3R5bGU9ImZvbnQ6
Ny4wcHQgJnF1b3Q7VGltZXMgTmV3IFJvbWFuJnF1b3Q7Ij4mbmJzcDsmbmJzcDsmbmJzcDsmbmJz
cDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsNCjwvc3Bhbj48L3NwYW4+PCFbZW5kaWZd
PldlIGFyZSBzdGlsbCB3b3JraW5nIHdpdGggKHNvbWUpIGFlcy1nY20gbGlicmFyaWVzIHdob3Nl
IEFQSXMgc2VwYXJhdGUgdGhlIGF1dGhlbnRpY2F0aW9uIHRhZy4gRm9yIGV4YW1wbGUsIHRoZSBt
YmVkdGxzICg8YSBocmVmPSJodHRwczovL3d3dy50cnVzdGVkZmlybXdhcmUub3JnL3Byb2plY3Rz
L21iZWQtdGxzLyI+aHR0cHM6Ly93d3cudHJ1c3RlZGZpcm13YXJlLm9yZy9wcm9qZWN0cy9tYmVk
LXRscy88L2E+KQ0KIEFQSSB1c2VzIHRoZSBmdW5jdGlvbiAmbmJzcDttYmVkdGxzX2djbV9jcnlw
dF9hbmRfdGFnIHdoaWNoIHRha2VzIHRoZSB0YWcgc2VwYXJhdGVseSBmcm9tIHRoZSBjaXBoZXIg
dGV4dC4mbmJzcDsgRm9yIGludGVyb3BlcmFiaWxpdHksIHB1bGxpbmcgdGhlIHRhZyBpbnRvIGEg
c2VjdXJpdHkgcmVzdWx0IGlzIGhlbHBmdWwuIElmIGEgc2VjdXJpdHkgc291cmNlIHdlcmUgdG8g
cHJvZHVjZSBhIGJsb2IgdGhhdCByZXByZXNlbnRlZCBhbiB1bmtub3duIG9yZGVyaW5nDQogb2Yg
Y2lwaGVyIHRleHQgYW5kIGF1dGhlbnRpY2F0aW9uIHRhZywgdGhlbiBhIHNlY3VyaXR5IGRlc3Rp
bmF0aW9uIHVzaW5nIG1iZWR0bHMgd291bGQgbm90IG5lY2Vzc2FyaWx5IGtub3cgd2hlcmUgaW4g
dGhhdCBibG9iIHRvIHB1bGwgdGhlIHRhZyB3aGVuIGNvbnN0cnVjdGluZyB0aGUgY2FsbCB0byBt
YmVkdGxzX2djbV9jcnlwdF9hbmRfdGFnLiBQcmVmZXJyaW5nIHRvIGV4dHJhY3QgdGhlIHRhZyBp
cyBjbGVhcmx5IG1vcmUgY29tcGxleGl0eQ0KIGJ1dCBpdCBhbHNvIG1heSBiZSBoZWxwZnVsIHdo
ZW4gd29ya2luZyBpbiBuZXR3b3JrcyB0aGF0IGhhdmUgZGVwbG95ZWQgZGlmZmVyZW50IEFFUy1H
Q00gaW1wbGVtZW50YXRpb25zIGF0IGRpZmZlcmVudCBub2Rlcy48bzpwPjwvbzpwPjwvcD4NCjxw
IGNsYXNzPSJNc29QbGFpblRleHQiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1z
b1BsYWluVGV4dCIgc3R5bGU9Im1hcmdpbi1sZWZ0Oi41aW47dGV4dC1pbmRlbnQ6LS4yNWluO21z
by1saXN0OmwxIGxldmVsMSBsZm8yIj4NCjwhW2lmICFzdXBwb3J0TGlzdHNdPjxzcGFuIHN0eWxl
PSJtc28tbGlzdDpJZ25vcmUiPi08c3BhbiBzdHlsZT0iZm9udDo3LjBwdCAmcXVvdDtUaW1lcyBO
ZXcgUm9tYW4mcXVvdDsiPiZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNw
OyZuYnNwOyZuYnNwOw0KPC9zcGFuPjwvc3Bhbj48IVtlbmRpZl0+VGhlcmUgaGFzIGJlZW4gc29t
ZSBkaXNjdXNzaW9uIHdoZXJlIGhhdmluZyBjZXJ0YWluIGV4dGVuc2lvbiBibG9ja3MgYmUgZml4
ZWQtc2l6ZSB3b3VsZCBoZWxwIHdpdGggcHJvY2Vzc2luZywgd2hpY2ggaXMgd2hhdCBtYWRlIHRo
ZSBBRVMtR0NNIGNpcGhlciBzdWl0ZSBhdHRyYWN0aXZlIHRvIHRob3NlIHVzZXMuIEtlZXBpbmcg
dGhlIHRhZyBzZXBhcmF0ZSBpcyBhIHdheSB0byBwcmVzZXJ2ZSB0aGF0IGxlbmd0aA0KIGNvbnN0
cmFpbnQgaW4gdGhlIGZldyBjYXNlcyB3aGVyZSB0aGF0IGlzIGhlbHBmdWwuIDxvOnA+PC9vOnA+
PC9wPg0KPHAgY2xhc3M9Ik1zb1BsYWluVGV4dCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8cCBj
bGFzcz0iTXNvUGxhaW5UZXh0Ij4mbmJzcDsgQWdhaW4sIHRoYW5rIHlvdSBmb3IgeW91ciB0aW1l
OyB0aGVzZSByZXZpZXdzIGhhdmUgbWFkZSB0aGUgZGVmYXVsdCBzZWN1cml0eSBjb250ZXh0IGRv
Y3VtZW50IG11Y2ggbW9yZSBjb21wbGV0ZSBhbmQgdXNlZnVsLg0KPG86cD48L286cD48L3A+DQo8
cCBjbGFzcz0iTXNvUGxhaW5UZXh0Ij48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjxwIGNsYXNzPSJN
c29QbGFpblRleHQiPi1FZDxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb1BsYWluVGV4dCI+
PG86cD4mbmJzcDs8L286cD48L3A+DQo8cCBjbGFzcz0iTXNvUGxhaW5UZXh0Ij4tLS08bzpwPjwv
bzpwPjwvcD4NCjxwIGNsYXNzPSJNc29QbGFpblRleHQiPkVkd2FyZCBKLiBCaXJyYW5lLCBJSUks
IFBoLkQuPG86cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvUGxhaW5UZXh0Ij5FbWJlZGRlZCBB
cHBsaWNhdGlvbnMgR3JvdXAgU3VwZXJ2aXNvcjxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1z
b1BsYWluVGV4dCI+U3BhY2UgRXhwbG9yYXRpb24gU2VjdG9yPG86cD48L286cD48L3A+DQo8cCBj
bGFzcz0iTXNvUGxhaW5UZXh0Ij5Kb2hucyBIb3BraW5zIEFwcGxpZWQgUGh5c2ljcyBMYWJvcmF0
b3J5PG86cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvUGxhaW5UZXh0Ij4oVykgNDQzLTc3OC03
NDIzIC8gKEYpIDQ0My0yMjgtMzgzOTxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb1BsYWlu
VGV4dCI+Jm5ic3A7IDxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb1BsYWluVGV4dCI+PG86
cD4mbmJzcDs8L286cD48L3A+DQo8cCBjbGFzcz0iTXNvUGxhaW5UZXh0Ij48bzpwPiZuYnNwOzwv
bzpwPjwvcD4NCjxwIGNsYXNzPSJNc29QbGFpblRleHQiPiZndDsgLS0tLS1PcmlnaW5hbCBNZXNz
YWdlLS0tLS08L3A+DQo8cCBjbGFzcz0iTXNvUGxhaW5UZXh0Ij4mZ3Q7IEZyb206IENocmlzdGlh
biBIdWl0ZW1hIHZpYSBEYXRhdHJhY2tlciAmbHQ7bm9yZXBseUBpZXRmLm9yZyZndDs8L3A+DQo8
cCBjbGFzcz0iTXNvUGxhaW5UZXh0Ij4mZ3Q7IFNlbnQ6IEZyaWRheSwgTWF5IDI4LCAyMDIxIDI6
MjQgUE08L3A+DQo8cCBjbGFzcz0iTXNvUGxhaW5UZXh0Ij4mZ3Q7IFRvOiBzZWNkaXJAaWV0Zi5v
cmc8L3A+DQo8cCBjbGFzcz0iTXNvUGxhaW5UZXh0Ij4mZ3Q7IENjOiBkcmFmdC1pZXRmLWR0bi1i
cHNlYy1kZWZhdWx0LXNjLmFsbEBpZXRmLm9yZzsgZHRuQGlldGYub3JnOyBsYXN0LTwvcD4NCjxw
IGNsYXNzPSJNc29QbGFpblRleHQiPiZndDsgY2FsbEBpZXRmLm9yZzwvcD4NCjxwIGNsYXNzPSJN
c29QbGFpblRleHQiPiZndDsgU3ViamVjdDogW0VYVF0gU2VjZGlyIGxhc3QgY2FsbCByZXZpZXcg
b2YgZHJhZnQtaWV0Zi1kdG4tYnBzZWMtZGVmYXVsdC1zYy0wNzwvcD4NCjxwIGNsYXNzPSJNc29Q
bGFpblRleHQiPiZndDsgPC9wPg0KPHAgY2xhc3M9Ik1zb1BsYWluVGV4dCI+Jmd0OyBBUEwgZXh0
ZXJuYWwgZW1haWwgd2FybmluZzogVmVyaWZ5IHNlbmRlciA8YSBocmVmPSJtYWlsdG86bm9yZXBs
eUBpZXRmLm9yZyI+DQo8c3BhbiBzdHlsZT0iY29sb3I6d2luZG93dGV4dDt0ZXh0LWRlY29yYXRp
b246bm9uZSI+bm9yZXBseUBpZXRmLm9yZzwvc3Bhbj48L2E+IGJlZm9yZSBjbGlja2luZzwvcD4N
CjxwIGNsYXNzPSJNc29QbGFpblRleHQiPiZndDsgbGlua3Mgb3IgYXR0YWNobWVudHM8L3A+DQo8
cCBjbGFzcz0iTXNvUGxhaW5UZXh0Ij4mZ3Q7IDwvcD4NCjxwIGNsYXNzPSJNc29QbGFpblRleHQi
PiZndDsgUmV2aWV3ZXI6IENocmlzdGlhbiBIdWl0ZW1hPC9wPg0KPHAgY2xhc3M9Ik1zb1BsYWlu
VGV4dCI+Jmd0OyBSZXZpZXcgcmVzdWx0OiBSZWFkeTwvcD4NCjxwIGNsYXNzPSJNc29QbGFpblRl
eHQiPiZndDsgPC9wPg0KPHAgY2xhc3M9Ik1zb1BsYWluVGV4dCI+Jmd0OyBJIHJldmlld2VkIGRy
YWZ0LWlldGYtZHRuLWJwc2VjLWRlZmF1bHQtc2MtMDIgYXMgcGFydCBvZiBhbiBlYXJseSBzZWN1
cml0eTwvcD4NCjxwIGNsYXNzPSJNc29QbGFpblRleHQiPiZndDsgcmV2aWV3IHJlcXVlc3RlZCBi
eSB0aGUgdHJhbnNwb3J0IEFELiBUaGlzIGlzIHRoZSBmb2xsb3ctdXAgbGFzdCBjYWxsIHJldmll
dyBvZjwvcD4NCjxwIGNsYXNzPSJNc29QbGFpblRleHQiPiZndDsgZHJhZnQtaWV0Zi1kdG4tYnBz
ZWMtZGVmYXVsdC1zYy0wNy48L3A+DQo8cCBjbGFzcz0iTXNvUGxhaW5UZXh0Ij4mZ3Q7IDwvcD4N
CjxwIGNsYXNzPSJNc29QbGFpblRleHQiPiZndDsgVGhlIGRyYWZ0IGlzIHJlYWR5LCBhbHRob3Vn
aCBJIHdvdWxkIHByZWZlciB0byBzZWUgc29tZWNoYW5nZXMgaW4gdGhlPC9wPg0KPHAgY2xhc3M9
Ik1zb1BsYWluVGV4dCI+Jmd0OyBlbmNvZGluZyBvZiBBRUFEIHRhZ3MgYXMgZXhwbGFpbmVkIGJl
bG93LjwvcD4NCjxwIGNsYXNzPSJNc29QbGFpblRleHQiPiZndDsgPC9wPg0KPHAgY2xhc3M9Ik1z
b1BsYWluVGV4dCI+Jmd0OyBUaGUgY2hhbmdlcyBpbiBkcmFmdC0wNyBhZGRyZXNzIG1vc3Qgb2Yg
dGhlIHBvaW50cyBJIG1hZGUgaW4gdGhlIGVhcmx5PC9wPg0KPHAgY2xhc3M9Ik1zb1BsYWluVGV4
dCI+Jmd0OyByZXZpZXcuPC9wPg0KPHAgY2xhc3M9Ik1zb1BsYWluVGV4dCI+Jmd0OyBUaGUgc21h
bGwgbml0IGNvbmNlcm5pbmcgYSByZWZlcmVuY2UgaW4gdGhlIHRhYmxlIG9mIEJJQi1ITUFDLVNI
QTIgU2VjdXJpdHk8L3A+DQo8cCBjbGFzcz0iTXNvUGxhaW5UZXh0Ij4mZ3Q7IFBhcmFtZXRlcnMg
aXMgZml4ZWQgYW5kIHRoZSBpbXBsZW1lbnRhdGlvbiBvZiBBRUFEIGFsZ29yaXRobXMgaXMgZWFz
eSB0bzwvcD4NCjxwIGNsYXNzPSJNc29QbGFpblRleHQiPiZndDsgcmVhZC48L3A+DQo8cCBjbGFz
cz0iTXNvUGxhaW5UZXh0Ij4mZ3Q7IDwvcD4NCjxwIGNsYXNzPSJNc29QbGFpblRleHQiPiZndDsg
SSBhcHByZWNpYXRlIHRoYXQgdGhlIGRyYWZ0IG5vdyBjb250YWlucyBhbiBlbnRpcmUgYXBwZW5k
aXggZGVzY3JpYmluZzwvcD4NCjxwIGNsYXNzPSJNc29QbGFpblRleHQiPiZndDsgZXhhbXBsZXMg
b2YgbWVzc2FnZXMsIHRoZWlyIGNsZWFyLXRleHQgZW5jb2RpbmcgYW5kIHRoZSByZXN1bHQgb2Y8
L3A+DQo8cCBjbGFzcz0iTXNvUGxhaW5UZXh0Ij4mZ3Q7IGF1dGhlbnRpY2F0aW9uIGFuZCBlbmNy
eXB0aW9uLiBUaGlzIHByb2JhYmx5IHJlcXVpcmVkIHNpZ25pZmljYW50IGVmZm9ydCwgYW5kPC9w
Pg0KPHAgY2xhc3M9Ik1zb1BsYWluVGV4dCI+Jmd0OyBpdCBkb2VzIGFkZHJlc3MgbXkgc3VnZ2Vz
dGlvbiB0byBhZGQgdGVzdCB2ZWN0b3JzIGluIG9yZGVyIHRvIG1hbmFnZTwvcD4NCjxwIGNsYXNz
PSJNc29QbGFpblRleHQiPiZndDsgaW1wbGVtZW50YXRpb24gY29tcGxleGl0eS48L3A+DQo8cCBj
bGFzcz0iTXNvUGxhaW5UZXh0Ij4mZ3Q7IDwvcD4NCjxwIGNsYXNzPSJNc29QbGFpblRleHQiPiZn
dDsgSSBjb3VsZCBqdXN0IHNheSB0aGF0IHRoZSBkcmFmdCBpcyByZWFkeSwgZXhjZXB0IGZvciBv
bmUgYWRkaXRpb24gdGhhdCBJIGZpbmQgYSBiaXQ8L3A+DQo8cCBjbGFzcz0iTXNvUGxhaW5UZXh0
Ij4mZ3Q7IHNwdXJpb3VzLjwvcD4NCjxwIGNsYXNzPSJNc29QbGFpblRleHQiPiZndDsgVGhlIGRl
c2NyaXB0aW9uIG9mIEFFUy1HQ00gc3RhdGVzIHRoYXQgJnF1b3Q7dGhlIGF1dGhlbnRpY2F0aW9u
IHRhZyBwcm9kdWNlZCBieTwvcD4NCjxwIGNsYXNzPSJNc29QbGFpblRleHQiPiZndDsgdGhlIEdD
TTwvcD4NCjxwIGNsYXNzPSJNc29QbGFpblRleHQiPiZndDsgbW9kZSBvZiBBRVMgaXMgbm90IGNv
bnNpZGVyZWQgcGFydCBvZiB0aGUgY2lwaGVyIHRleHQgaXRzZWxmJnF1b3Q7LCBhbmQgdGhhdCAm
cXVvdDt0aGU8L3A+DQo8cCBjbGFzcz0iTXNvUGxhaW5UZXh0Ij4mZ3Q7IDwvcD4NCjxwIGNsYXNz
PSJNc29QbGFpblRleHQiPiZndDsgYXV0aGVudGljYXRpb24gdGFnIGlzIGV4cGVjdGVkIHRvIGJl
IGNhcnJpZWQgaW4gdGhlIEJDQi1BRVMtR0NNPC9wPg0KPHAgY2xhc3M9Ik1zb1BsYWluVGV4dCI+
Jmd0OyAmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJz
cDsmbmJzcDsmbmJzcDsgc2VjdXJpdHkgYmxvY2smcXVvdDsuIFRoZTwvcD4NCjxwIGNsYXNzPSJN
c29QbGFpblRleHQiPiZndDsgc3RhdGVtZW50IGlzIG5vdCB0ZWNobmljYWxseSBmYWxzZSwgYnV0
IHRoZSBzZXBhcmF0aW9uIG9mIG1lc3NhZ2UgYW5kIHRhZzwvcD4NCjxwIGNsYXNzPSJNc29QbGFp
blRleHQiPiZndDsgZ29lcyBhZ2FpbnN0IHRoZSBkZXNpZ24gb2YgbWFueSBBRUFEIGltcGxlbWVu
dGF0aW9ucywgaW4gd2hpY2ggdGhlPC9wPg0KPHAgY2xhc3M9Ik1zb1BsYWluVGV4dCI+Jmd0OyBh
cHBsaWNhdGlvbiBwcm92aWRlcyB0aGUgY3J5cHRvIEFQSSB3aXRoIGEgY2xlYXIgdGV4dCBvZiBz
b21lIGxlbmd0aCwgYW5kPC9wPg0KPHAgY2xhc3M9Ik1zb1BsYWluVGV4dCI+Jmd0OyByZXRyaWV2
ZXMgYSBjaXBoZXIgdGV4dCBvZiBhIGRpZmZlcmVudCBsZW5ndGgsIGluY2x1ZGluZyB0aGUgdGFn
LiBTZXBhcmF0aW5nIHRoYXQ8L3A+DQo8cCBjbGFzcz0iTXNvUGxhaW5UZXh0Ij4mZ3Q7IHRhZyBh
bmQgbW92aW5nIGl0IHRvIGEgZGlmZmVyZW50IGxvY2F0aW9uIGlzIHlldCBhbm90aGVyIHdheSB0
byBpbnRyb2R1Y2U8L3A+DQo8cCBjbGFzcz0iTXNvUGxhaW5UZXh0Ij4mZ3Q7IGNvbXBsZXhpdHku
PC9wPg0KPHAgY2xhc3M9Ik1zb1BsYWluVGV4dCI+Jmd0OyA8L3A+DQo8cCBjbGFzcz0iTXNvUGxh
aW5UZXh0Ij4mZ3Q7IFRoYXQgY29tcGxleGl0eSBjYW4gcHJvYmFibHkgc3RpbGwgYmUgbWFuYWdl
ZCBmb3IgQUVTLUdDTSwgYnV0IHRoZSBnZW5lcmFsPC9wPg0KPHAgY2xhc3M9Ik1zb1BsYWluVGV4
dCI+Jmd0OyB0cmVuZCBpcyB0byBpbXBsZW1lbnQgZW5jcnlwdGlvbiBhbmQgYXV0aGVudGljYXRp
b24gaW4gYSBzaW5nbGUgb3BlcmF0aW9uLiBJPC9wPg0KPHAgY2xhc3M9Ik1zb1BsYWluVGV4dCI+
Jmd0OyBmdWxseSBleHBlY3QgdGhhdCBuZXcgZW5jcnlwdGlvbiBhbGdvcml0aG1zIHdpbGwgY29u
dGludWUgdGhhdCB0cmVuZCwgYW5kIG1heTwvcD4NCjxwIGNsYXNzPSJNc29QbGFpblRleHQiPiZn
dDsgd2VsbCBkbyBhd2F5IHdpdGggdGhlIGZvcm1hbCBzZXBhcmF0aW9uIGJldHdlZW4gY2lwaGVy
dGV4dCBhbmQgdGFnLjwvcD4NCjxwIGNsYXNzPSJNc29QbGFpblRleHQiPiZndDsgUmVjb2duaXpp
bmcgdGhhdCBlbmNyeXB0aW9uIGFuZCBhdXRoZW50aWNhdGlvbiBhcmUgbm90IHNlcGFyYWJsZSB3
b3VsZDwvcD4NCjxwIGNsYXNzPSJNc29QbGFpblRleHQiPiZndDsgc2ltcGxpZnkgdGhlIERUTiBi
dW5kbGUgcHJvdG9jb2wuPC9wPg0KPHAgY2xhc3M9Ik1zb1BsYWluVGV4dCI+Jmd0OyA8L3A+DQo8
cCBjbGFzcz0iTXNvUGxhaW5UZXh0Ij48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjwvZGl2Pg0KPC9i
b2R5Pg0KPC9odG1sPg0K

--_000_5c607c5d7cf64b998a8bd2e057770ca0aplex01dom1jhuapledu_--


From nobody Wed Jun  9 10:33:06 2021
Return-Path: <new-work-bounces@ietf.org>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 8DE193A17D1; Wed,  9 Jun 2021 01:56:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1623229018; bh=5qn/lfHeoMIQSuw6bjPMMa9tufULEN+s6DZKgxCv+ZY=; h=To:From:Date:Subject:List-Id:List-Unsubscribe:List-Archive: List-Post:List-Help:List-Subscribe; b=zMADQ2SiKoS+tvhy3Se6JxLLwFao9z4gYHI8lNC0K98YAW7l9WSLjI/ECyE5j5WYL GnlnxnTr73vL+lvWYCX46kY4HTPX0dfgiMi/nYztmev1rRuMqyehGf6esXmnZK7KSC UkI3GWH0I9z89GKI/v+hj1diftAAiJNVquxIW/Hw=
X-Mailbox-Line: From new-work-bounces@ietf.org  Wed Jun  9 01:56:51 2021
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 678E23A179A; Wed,  9 Jun 2021 01:56:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1623229011; bh=5qn/lfHeoMIQSuw6bjPMMa9tufULEN+s6DZKgxCv+ZY=; h=To:From:Date:Subject:List-Id:List-Unsubscribe:List-Archive: List-Post:List-Help:List-Subscribe; b=YRDom3AQayT/piCUSiygfwCP+pHMRxTX4MEWPMPsJv2dxrHU7/vL7XWvHpuWyIkWB qJppnhgp9UxFmuyRWQmbtLWBYmSXduefx8W952MlUslnpzgAj+URKyOYqaey59jwJK 89z7B6eRqAcj2Wv3f8UTDTymEeDwFRGkA0JkBN9c=
X-Original-To: new-work@ietfa.amsl.com
Delivered-To: new-work@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DEB9C3A1799 for <new-work@ietfa.amsl.com>; Wed,  9 Jun 2021 01:56:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.095
X-Spam-Level: 
X-Spam-Status: No, score=0.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HK_RANDOM_ENVFROM=0.998, HK_RANDOM_FROM=0.998, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7l-fgnMNw6pC for <new-work@ietfa.amsl.com>; Wed,  9 Jun 2021 01:56:35 -0700 (PDT)
Received: from raoul.w3.org (raoul.w3.org [128.30.52.128]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 561B13A178A for <new-work@ietf.org>; Wed,  9 Jun 2021 01:56:34 -0700 (PDT)
Received: from [45.145.248.144] (helo=jiaxueyuandeMacBook-Pro.local) by raoul.w3.org with esmtpsa (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from <xueyuan@w3.org>) id 1lqu0l-00015G-Ka for new-work@ietf.org; Wed, 09 Jun 2021 08:56:32 +0000
To: new-work@ietf.org
From: xueyuan <xueyuan@w3.org>
Message-ID: <ad956b08-a65f-6d68-1e5b-7b2e62cbad20@w3.org>
Date: Wed, 9 Jun 2021 16:56:26 +0800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:78.0) Gecko/20100101 Thunderbird/78.10.2
MIME-Version: 1.0
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/new-work/zJVwkez_ch_H--wG3LirrqVA3X0>
X-BeenThere: new-work@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
Content-Transfer-Encoding: base64
Content-Type: text/plain; charset="utf-8"; Format="flowed"
Errors-To: new-work-bounces@ietf.org
Sender: "new-work" <new-work-bounces@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/bx-z84RFgveMJhDUTeSiuZZG5w8>
X-Mailman-Approved-At: Wed, 09 Jun 2021 10:33:03 -0700
Subject: [secdir] [new-work] Proposed W3C Charter: Web Application Security Working Group (until 2021-07-09/10)
X-BeenThere: secdir@ietf.org
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Jun 2021 08:57:02 -0000

SGVsbG8sCgpUb2RheSBXM0MgQWR2aXNvcnkgQ29tbWl0dGVlIFJlcHJlc2VudGF0aXZlcyByZWNl
aXZlZCBhIFByb3Bvc2FsCnRvIHJldmlldyBhIGRyYWZ0IGNoYXJ0ZXIgZm9yIHRoZSBXZWIgQXBw
bGljYXRpb24gU2VjdXJpdHkKKFdlYkFwcFNlYykgV29ya2luZyBHcm91cDoKIMKgIGh0dHBzOi8v
d3d3LnczLm9yZy8yMDIxLzA2L3dlYmFwcHNlYy1wcm9wb3NlZC1jaGFydGVyLTIwMjEuaHRtbAoK
QXMgcGFydCBvZiBlbnN1cmluZyB0aGF0IHRoZSBjb21tdW5pdHkgaXMgYXdhcmUgb2YgcHJvcG9z
ZWQgd29yawphdCBXM0MsIHRoaXMgZHJhZnQgY2hhcnRlciBpcyBwdWJsaWMgZHVyaW5nIHRoZSBB
ZHZpc29yeQpDb21taXR0ZWUgcmV2aWV3IHBlcmlvZC4KClczQyBpbnZpdGVzIHB1YmxpYyBjb21t
ZW50cyB0aHJvdWdoIDAzOjU5IFVUQyBvbiAxMCBKdWx5IDIwMjEKKDIzOjU5LCBFYXN0ZXJuIHRp
bWUgb24gMDkgSnVseSkgb24gdGhlIHByb3Bvc2VkIGNoYXJ0ZXIuClBsZWFzZSBzZW5kIGNvbW1l
bnRzIHRvIHB1YmxpYy1uZXctd29ya0B3My5vcmcsCndoaWNoIGhhcyBhIHB1YmxpYyBhcmNoaXZl
OgogwqAgaHR0cDovL2xpc3RzLnczLm9yZy9BcmNoaXZlcy9QdWJsaWMvcHVibGljLW5ldy13b3Jr
LwoKT3RoZXIgdGhhbiBjb21tZW50cyBzZW50IGluIGZvcm1hbCByZXNwb25zZXMgYnkgVzNDIEFk
dmlzb3J5CkNvbW1pdHRlZSBSZXByZXNlbnRhdGl2ZXMsIFczQyBjYW5ub3QgZ3VhcmFudGVlIGEg
cmVzcG9uc2UgdG8KY29tbWVudHMuIElmIHlvdSB3b3JrIGZvciBhIFczQyBNZW1iZXIgWzFdLCBw
bGVhc2UgY29vcmRpbmF0ZQp5b3VyIGNvbW1lbnRzIHdpdGggeW91ciBBZHZpc29yeSBDb21taXR0
ZWUgUmVwcmVzZW50YXRpdmUuIEZvcgpleGFtcGxlLCB5b3UgbWF5IHdpc2ggdG8gbWFrZSBwdWJs
aWMgY29tbWVudHMgdmlhIHRoaXMgbGlzdCBhbmQKaGF2ZSB5b3VyIEFkdmlzb3J5IENvbW1pdHRl
ZSBSZXByZXNlbnRhdGl2ZSByZWZlciB0byBpdCBmcm9tIGhpcwpvciBoZXIgZm9ybWFsIHJldmll
dyBjb21tZW50cy4KCklmIHlvdSBzaG91bGQgaGF2ZSBhbnkgcXVlc3Rpb25zIG9yIG5lZWQgZnVy
dGhlciBpbmZvcm1hdGlvbiwgcGxlYXNlCmNvbnRhY3QgU2FtdWVsIFdlaWxlciwgV2ViQXBwU2Vj
IFdHIFRlYW0gQ29udGFjdCA8d2VpbGVyQHczLm9yZz4uCgpUaGFuayB5b3UsCgpYdWV5dWFuIEpp
YSzCoCBXM0MgTWFya2V0aW5nICYgQ29tbXVuaWNhdGlvbnMKClsxXSBodHRwOi8vd3d3LnczLm9y
Zy9Db25zb3J0aXVtL01lbWJlci9MaXN0CgpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f
X19fX19fX19fX19fX19fXwpuZXctd29yayBtYWlsaW5nIGxpc3QKbmV3LXdvcmtAaWV0Zi5vcmcK
aHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9uZXctd29yawo=


From nobody Thu Jun 10 06:41:36 2021
Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 1BD283A41B9 for <secdir@ietf.org>; Thu, 10 Jun 2021 06:41:34 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Tero Kivinen via Datatracker <noreply@ietf.org>
To: <secdir@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 7.31.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: secdir-secretary@mit.edu, Tero Kivinen <kivinen@iki.fi>
Message-ID: <162333249407.23742.1043168715930482887@ietfa.amsl.com>
Date: Thu, 10 Jun 2021 06:41:34 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/bTqvrXTLNLBIsNyxZpSsWJ6o7g4>
Subject: [secdir] Assignments
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Jun 2021 13:41:34 -0000

Review instructions and related resources are at:
http://tools.ietf.org/area/sec/trac/wiki/SecDirReview

For telechat 2021-06-17

Reviewer               LC end     Draft
Melinda Shore          2021-05-17 draft-ietf-payload-rtp-jpegxs
Mališa Vučinić         2021-06-10 draft-ietf-httpbis-semantics
Paul Wouters           2021-06-10 draft-ietf-httpbis-messaging

For telechat 2021-07-01

Reviewer               LC end     Draft
Nancy Cam-Winget       2021-06-08 draft-ietf-oauth-par
Chris Lonvick         R2020-07-03 draft-ietf-bess-evpn-inter-subnet-forwarding

Last calls:

Reviewer               LC end     Draft
John Bradley           2021-03-16 draft-ietf-idr-bgp-ls-registry
Nancy Cam-Winget       2021-06-08 draft-ietf-oauth-par
Shaun Cooley           2021-02-25 draft-ietf-v6ops-ipv6-ehs-packet-drops
Alan DeKok             2021-03-24 draft-ietf-cbor-tags-oid
Daniel Gillmor         2021-03-26 draft-ietf-lamps-crmf-update-algs
Phillip Hallam-Baker   2021-06-10 draft-ietf-stir-enhance-rfc8226
Steve Hanna            2021-03-22 draft-ietf-regext-secure-authinfo-transfer
Dan Harkins           R2021-03-22 draft-ietf-6man-spring-srv6-oam
Leif Johansson         None       draft-ietf-netconf-crypto-types
Charlie Kaufman       R2021-06-18 draft-ietf-trans-rfc6962-bis
Scott Kelly            2021-06-18 draft-ietf-6man-grand
Tero Kivinen           2021-06-21 draft-ietf-mpls-lsp-ping-ospfv3-codepoint
Watson Ladd            None       draft-ietf-netconf-tls-client-server
Barry Leiba            None       draft-ietf-netconf-ssh-client-server
Chris Lonvick         R2020-07-03 draft-ietf-bess-evpn-inter-subnet-forwarding
Aanchal Malhotra       None       draft-ietf-opsawg-l3sm-l3nm
Catherine Meadows      2021-04-14 draft-ietf-ntp-interleaved-modes
Kathleen Moriarty      2021-04-27 draft-ietf-bess-mvpn-msdp-sa-interoperation
Russ Mundy             2021-04-20 draft-ietf-dprive-xfr-over-tls
Sandra Murphy         R2021-04-05 draft-ietf-dmarc-psd
Sandra Murphy          2020-10-15 draft-ietf-tls-external-psk-importer
Yoav Nir               2021-04-28 draft-ietf-core-new-block
Melinda Shore          2021-05-17 draft-ietf-payload-rtp-jpegxs
Mališa Vučinić         2021-06-10 draft-ietf-httpbis-semantics
Carl Wallace          R2021-02-22 draft-ietf-tcpm-2140bis
Samuel Weiler          2021-02-22 draft-ietf-tls-dtls13
Brian Weis             2021-02-19 draft-ietf-lamps-cms-aes-gmac-alg
Klaas Wierenga         2020-12-02 draft-ietf-core-echo-request-tag
Klaas Wierenga         2020-05-26 draft-ietf-kitten-krb-spake-preauth
Christopher Wood       2021-06-15 draft-ietf-6man-ipv6-alt-mark
Paul Wouters           2021-06-10 draft-ietf-httpbis-messaging
Liang Xia              2021-03-17 draft-ietf-core-sid

Early review requests:

Reviewer               Due        Draft
Stephen Farrell        2021-06-21 draft-ietf-idr-bgpls-srv6-ext
Daniel Franke          2021-06-30 draft-ietf-anima-constrained-voucher
Tina Tsou              2021-02-15 draft-ietf-idr-eag-distribution
Dacheng Zhang          2020-12-07 draft-ietf-idr-eag-distribution

Next in the reviewer rotation:

  Aanchal Malhotra
  David Mandelberg
  Catherine Meadows
  Alexey Melnikov
  Daniel Migault
  Adam Montville
  Kathleen Moriarty
  Russ Mundy
  Sandra Murphy
  Yoav Nir


From nobody Thu Jun 10 07:20:36 2021
Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id EA4563A4260; Thu, 10 Jun 2021 07:20:25 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Tero Kivinen via Datatracker <noreply@ietf.org>
To: <secdir@ietf.org>
Cc: draft-ietf-mpls-lsp-ping-ospfv3-codepoint.all@ietf.org, last-call@ietf.org, mpls@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 7.31.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <162333482591.8235.4418205938937483332@ietfa.amsl.com>
Reply-To: Tero Kivinen <kivinen@iki.fi>
Date: Thu, 10 Jun 2021 07:20:25 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/2BZZpnECOGW1JFTB_e4v2Qa8g48>
Subject: [secdir] Secdir last call review of draft-ietf-mpls-lsp-ping-ospfv3-codepoint-04
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Jun 2021 14:20:26 -0000

Reviewer: Tero Kivinen
Review result: Has Nits

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

This document allocates a code point for OSPFv3 for MPLS LSP Ping and 
updates previous allocation to only cover OSPFv2. It also defines
behavior when using IPv6 with OSPv3.

This document is quite short but hard to ready because of heavy use of acronyms
and just referencing code points with numbers and same with RFCs.

The security considerations section just says:

   This document updates [RFC8287] and does not introduce any additional
   security considerations.

And I am not completely sure if that is true, if this document really allows using
IPv6 when it was not possible before. Quite often having multiple address families do 
cause new security considerations too. Also RFC8287 refers to the RFC8029 for its
security considerations, so perhaps direct reference to RFC8029 would be needed here.

There are several acronyms which are not expanded on their first use (including
in title, and in abstract). Examples of such are IS, TLV, OSPF, IS+IS, IGP, SUb-TLV (is the 
spelling correct in abstract with uppercase u?),  FEC.

The use of just RFC numbers in reference format makes the document hard to read
as not everybody remembers what RFC is RFC number 8287, 8402 etc. It would be 
much nicer to at least on the first time use the format where the text refers to RFC
with title or similar and just has the reference in parenthesis, i.e.:

   RFC5340 "OSPF for IPv6" ([RFC5340]) describes OSPF version 3 (OSPFv3) to 
   support IPv6. RFC5838 "Support of Address Families in OSPFv3" ([RFC5838])
   describes the mechanism to support multiple address families (AFs) in OSPFv3.
   Accordingly, OSPFv3 may be used to advertise IPv6 and IPv4 prefixes.


is easier for reader than current format:

   [RFC5340] describes OSPF version 3 (OSPFv3) to support IPv6.
   [RFC5838] describes the mechanism to support multiple address
   families (AFs) in OSPFv3. Accordingly, OSPFv3 may be used to
   advertise IPv6 and IPv4 prefixes.

Or, as the rfc title tells what the RFC is about you do not need to explain it that much
you can simply say:

   RFC5340 "OSPF for IPv6" ([RFC5340]) describes OSPF version 3 (OSPFv3) and
   RFC5838 "Support of Address Families in OSPFv3" ([RFC5838])
   describes how OSPFv3 may be used to advertise IPv6 and IPv4 prefixes.

Also someone who is not at all familiar with this it is bit hard to know what are
Type 34, 35, and 36 in Segment Id Sub-TLV registry. 

As a personal note, I have never liked to just use the reference inside text
(for example "This document updates [RFC8287] ...") as in case the RFC 
rendering engine decides to render references in some other way than just 
text with [] around it, the text might get unreadable (For example it replaces the
text inside [] with number or footnote or similar). Thats why I myself usually
want to write those either as "This document updates RFC8287 ([RFC8287])..." or 
even "This document updates RFC8287..." as RFC8287 is referenced so many times
in the document that there is no need to make each instance a reference. But this
is just my personal view, and authors might have different views...




From nobody Thu Jun 10 21:21:04 2021
Return-Path: <shawn.emery@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1F9E83A2760; Thu, 10 Jun 2021 21:20:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level: 
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZF-zj0hbOsHF; Thu, 10 Jun 2021 21:20:50 -0700 (PDT)
Received: from mail-ej1-x62c.google.com (mail-ej1-x62c.google.com [IPv6:2a00:1450:4864:20::62c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D7D933A275F; Thu, 10 Jun 2021 21:20:49 -0700 (PDT)
Received: by mail-ej1-x62c.google.com with SMTP id he7so2442036ejc.13; Thu, 10 Jun 2021 21:20:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;  h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=8wojJE3RIZ/qthvUvqw35TzJqTjCUUUyrs+CDOfLC3U=; b=rqmjXlPLvo5TV0V1WchWIvIAZ6UE/DLV1ZycBjmWVVkv6fJXCrIpZVA+BJSl2+deCR HVY/0N0J5l+cmkyKghKduNtksuxU9TRFFIpTJ0bO5yINtXSPX2p6fowBX6LkJHNqn1/d g5vQggtzEy4pfMq5WrevqxTiuApMqsTNvaTqMRVBwssv/0M5SSsPOYLaYRZmYLHHOA5K 8z3J0kG66jzXjF+pn3O6397f/ScJCWGvpqHDMZDciR4nfthKvoX8OOjf7ioKWt6jdTRI tCVW6Pr4Z+sHbhNx0g2Z2/2lsWNjcXNLmpPED8IJXqa0lVHjiUG9b1WMq2RWBm6PWp3a uQGQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=8wojJE3RIZ/qthvUvqw35TzJqTjCUUUyrs+CDOfLC3U=; b=tsWg+hmTw0mQxqrnzT1TTTlSP6Wjdc1aB9ANRyt9BbKccTbyyH9WqgY6sUblSQ/e62 9hhecGLR5pdrzA/23w/Yw34VFBrnX2rE08fq5qv2TUPOv43oCZUkm+x1wv4K4WrCQ+uc MVQhgZdo0G4JuQ8JwyK22GMuuMuCDmuJ8scgB0DVxM9OLh9P0+gq2GCDWsr+jgcy522k Ka5jQy1jiwV0WAFu3je3e0aGPcmwVsLDqJ4t3gcQvlHbhtcUur0jao6rscpIpM2UtkOu ta3PY6Re6Wb7O+r1Qfks2EGrvD1yFHJHf6n9jgcjsxA/SGEb2qCSfMuqDRKcC3msVUNO sFUQ==
X-Gm-Message-State: AOAM530qTlneRS7Y/77/j9ptsduHFBRp/WrfCNIRQqHnQPTpSBD8oiNn y6biJInJhUs1hBzi13syznb9SkQJUJMdeDA9CMS9soCeWTJnrw==
X-Google-Smtp-Source: ABdhPJxcKp7cpKtYndvHjMz1394D5kKf+My67Y8jZMxKHIrEHnYYsjzAE54LctPH90nqfUKiE47/hLkH0MhlXsQDFyo=
X-Received: by 2002:a17:906:5299:: with SMTP id c25mr1724158ejm.85.1623385242823;  Thu, 10 Jun 2021 21:20:42 -0700 (PDT)
MIME-Version: 1.0
References: <162302724403.5524.7530871359171917876@ietfa.amsl.com> <em199c2ab4-ef2f-4756-b044-35572ddfe7c2@sydney>
In-Reply-To: <em199c2ab4-ef2f-4756-b044-35572ddfe7c2@sydney>
From: Shawn Emery <shawn.emery@gmail.com>
Date: Thu, 10 Jun 2021 18:20:25 -1000
Message-ID: <CAChzXmaLej44C8W8pDMvAtLoY+p0NxUsptKEA7WaMRwExa329w@mail.gmail.com>
To: "Paul E. Jones" <paulej@packetizer.com>
Cc: secdir <secdir@ietf.org>, draft-ietf-perc-dtls-tunnel.all@ietf.org,  last-call@ietf.org, perc@ietf.org
Content-Type: multipart/alternative; boundary="000000000000bb6ecb05c475d4a0"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/ya0Qx5g7GcHI6k0eTTz-fbI-ro8>
Subject: Re: [secdir] Secdir last call review of draft-ietf-perc-dtls-tunnel-08
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Jun 2021 04:20:55 -0000

--000000000000bb6ecb05c475d4a0
Content-Type: text/plain; charset="UTF-8"

Thank you for incorporating the requested changes into the Security
Considerations section.  Looks better.  A few more nits with the latest
update:

s/the the/the/g
s/"EndpointDisconect"/"EndpointDisconnect"/
s/document rely/document relies/

Shawn.
--

On Mon, Jun 7, 2021 at 4:50 PM Paul E. Jones <paulej@packetizer.com> wrote:

> Shawn,
>
> Thanks for the review.  Russ also had comments on the security
> considerations section.  I have changed that substantially and welcome
> any additional input.  See these changes:
>
> https://github.com/percwg/perc-wg/compare/paulej_ietf_lc
>
> Paul
>
> ------ Original Message ------
> From: "Shawn Emery via Datatracker" <noreply@ietf.org>
> To: secdir@ietf.org
> Cc: draft-ietf-perc-dtls-tunnel.all@ietf.org; last-call@ietf.org;
> perc@ietf.org
> Sent: 6/6/2021 8:54:04 PM
> Subject: Secdir last call review of draft-ietf-perc-dtls-tunnel-08
>
> >Reviewer: Shawn Emery
> >Review result: Not Ready
> >
> >I have reviewed this document as part of the security directorate's
> ongoing
> >effort to review all IETF documents being processed by the IESG.  These
> >comments were written primarily for the benefit of the security area
> directors.
> >Document editors and WG chairs should treat these comments just like any
> other
> >last call comments.
> >
> >This draft specifies a DTLS tunneling protocol for Privacy-Enhanced RTP
> >Conferencing (PERC).  This entails a key exchange between the conference
> >end-points and the key distributor through a delegate, media distributor.
> >
> >The security considerations section does exist and describes that the
> media
> >distributor does not introduce any additional security issues given that
> it is
> >just on-path with the key exchange between the endpoint and the key
> >distributor.  Secondly, the key material between the media distributor
> and key
> >distributor is protected through the mutually authenticated connection
> between
> >the two entities.  Thirdly, the meta data exchanged between the media
> >distributor and key distributor is not sensitive information, but is still
> >protected through the TLS connection.  I agree with the above assertions.
> >Besides the concerns described in the genart review about the impact of
> key
> >material disclosure, the authors should consider the various other forms
> of
> >security issues against the protocol, such as downgrade/DoS attacks from
> >profile negotiation, etc.  The section could list and simply refer to the
> base
> >RFCs, 5764, 8871, etc., to provide remediation against these attacks.
> >
> >General comments:
> >
> >The example message flow and binary coding was helpful, thank you.
> >
> >Editorial comments:
> >
> >s/might might/might/
> >s/!@RFC4566/RFC4566/g
> >s/An value/A value/
> >s/!@RFC8126/RFC8126/
> >s/material This/material.  This/
> >
> >
> >
>
>

--000000000000bb6ecb05c475d4a0
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div><br></div><div>Thank you for incorporating the reques=
ted changes into the Security Considerations section.=C2=A0 Looks better.=
=C2=A0 A few more nits with the latest update:</div><div><br></div><div>s/t=
he the/the/g</div><div>s/&quot;EndpointDisconect&quot;/&quot;EndpointDiscon=
nect&quot;/</div><div>s/<span class=3D"gmail-blob-code-inner gmail-blob-cod=
e-marker">document rely/<span class=3D"gmail-blob-code-inner gmail-blob-cod=
e-marker">document relies/</span></span></div><div><span class=3D"gmail-blo=
b-code-inner gmail-blob-code-marker"><br></span></div><div>Shawn.</div><div=
>--<br></div></div><br><div class=3D"gmail_quote"><div dir=3D"ltr" class=3D=
"gmail_attr">On Mon, Jun 7, 2021 at 4:50 PM Paul E. Jones &lt;<a href=3D"ma=
ilto:paulej@packetizer.com">paulej@packetizer.com</a>&gt; wrote:<br></div><=
blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-l=
eft:1px solid rgb(204,204,204);padding-left:1ex">Shawn,<br>
<br>
Thanks for the review.=C2=A0 Russ also had comments on the security <br>
considerations section.=C2=A0 I have changed that substantially and welcome=
 <br>
any additional input.=C2=A0 See these changes:<br>
<br>
<a href=3D"https://github.com/percwg/perc-wg/compare/paulej_ietf_lc" rel=3D=
"noreferrer" target=3D"_blank">https://github.com/percwg/perc-wg/compare/pa=
ulej_ietf_lc</a><br>
<br>
Paul<br>
<br>
------ Original Message ------<br>
From: &quot;Shawn Emery via Datatracker&quot; &lt;<a href=3D"mailto:noreply=
@ietf.org" target=3D"_blank">noreply@ietf.org</a>&gt;<br>
To: <a href=3D"mailto:secdir@ietf.org" target=3D"_blank">secdir@ietf.org</a=
><br>
Cc: <a href=3D"mailto:draft-ietf-perc-dtls-tunnel.all@ietf.org" target=3D"_=
blank">draft-ietf-perc-dtls-tunnel.all@ietf.org</a>; <a href=3D"mailto:last=
-call@ietf.org" target=3D"_blank">last-call@ietf.org</a>; <br>
<a href=3D"mailto:perc@ietf.org" target=3D"_blank">perc@ietf.org</a><br>
Sent: 6/6/2021 8:54:04 PM<br>
Subject: Secdir last call review of draft-ietf-perc-dtls-tunnel-08<br>
<br>
&gt;Reviewer: Shawn Emery<br>
&gt;Review result: Not Ready<br>
&gt;<br>
&gt;I have reviewed this document as part of the security directorate&#39;s=
 ongoing<br>
&gt;effort to review all IETF documents being processed by the IESG.=C2=A0 =
These<br>
&gt;comments were written primarily for the benefit of the security area di=
rectors.<br>
&gt;Document editors and WG chairs should treat these comments just like an=
y other<br>
&gt;last call comments.<br>
&gt;<br>
&gt;This draft specifies a DTLS tunneling protocol for Privacy-Enhanced RTP=
<br>
&gt;Conferencing (PERC).=C2=A0 This entails a key exchange between the conf=
erence<br>
&gt;end-points and the key distributor through a delegate, media distributo=
r.<br>
&gt;<br>
&gt;The security considerations section does exist and describes that the m=
edia<br>
&gt;distributor does not introduce any additional security issues given tha=
t it is<br>
&gt;just on-path with the key exchange between the endpoint and the key<br>
&gt;distributor.=C2=A0 Secondly, the key material between the media distrib=
utor and key<br>
&gt;distributor is protected through the mutually authenticated connection =
between<br>
&gt;the two entities.=C2=A0 Thirdly, the meta data exchanged between the me=
dia<br>
&gt;distributor and key distributor is not sensitive information, but is st=
ill<br>
&gt;protected through the TLS connection.=C2=A0 I agree with the above asse=
rtions.<br>
&gt;Besides the concerns described in the genart review about the impact of=
 key<br>
&gt;material disclosure, the authors should consider the various other form=
s of<br>
&gt;security issues against the protocol, such as downgrade/DoS attacks fro=
m<br>
&gt;profile negotiation, etc.=C2=A0 The section could list and simply refer=
 to the base<br>
&gt;RFCs, 5764, 8871, etc., to provide remediation against these attacks.<b=
r>
&gt;<br>
&gt;General comments:<br>
&gt;<br>
&gt;The example message flow and binary coding was helpful, thank you.<br>
&gt;<br>
&gt;Editorial comments:<br>
&gt;<br>
&gt;s/might might/might/<br>
&gt;s/!@RFC4566/RFC4566/g<br>
&gt;s/An value/A value/<br>
&gt;s/!@RFC8126/RFC8126/<br>
&gt;s/material This/material.=C2=A0 This/<br>
&gt;<br>
&gt;<br>
&gt;<br>
<br>
</blockquote></div>

--000000000000bb6ecb05c475d4a0--


From nobody Fri Jun 11 10:55:09 2021
Return-Path: <paulej@packetizer.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6EDA33A0C49; Fri, 11 Jun 2021 10:55:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.398
X-Spam-Level: 
X-Spam-Status: No, score=-4.398 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=packetizer.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TxHJi8kaZeWw; Fri, 11 Jun 2021 10:54:58 -0700 (PDT)
Received: from dublin.packetizer.com (dublin.packetizer.com [IPv6:2600:1f18:24d6:2e01:e842:9b2b:72a2:d2c6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D94CD3A0C3C; Fri, 11 Jun 2021 10:54:57 -0700 (PDT)
Received: from authuser (localhost [127.0.0.1]) 
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=packetizer.com; s=dublin; t=1623434094; bh=W8S+2aAc8tGPox24RkAR4oooIKJG04G5Kyp/W4ZWG8Q=; h=From:To:Subject:Cc:Date:In-Reply-To:References:Reply-To; b=fbGxtqLm5L7gNnJzq9HKMdhNy4KwX4v3zp+5GL4TraE3z22cEeIJuBPVTOVw2f5D3 GVEBtT2W9FvP8zwECx4NQ6g3QDG2+cDEhI+p3aNP2Y+rl67yJV51FuBdp3TROR78WY +ThKr6f8bIRowVaB1bx7+FM7oB+pPmtxKmMgqHLk=
From: "Paul E. Jones" <paulej@packetizer.com>
To: "Shawn Emery" <shawn.emery@gmail.com>
Cc: secdir <secdir@ietf.org>, draft-ietf-perc-dtls-tunnel.all@ietf.org, last-call@ietf.org, perc@ietf.org
Date: Fri, 11 Jun 2021 17:54:51 +0000
Message-Id: <em064c7e00-0462-478a-930c-0caee8726d63@sydney>
In-Reply-To: <CAChzXmaLej44C8W8pDMvAtLoY+p0NxUsptKEA7WaMRwExa329w@mail.gmail.com>
References: <162302724403.5524.7530871359171917876@ietfa.amsl.com> <em199c2ab4-ef2f-4756-b044-35572ddfe7c2@sydney> <CAChzXmaLej44C8W8pDMvAtLoY+p0NxUsptKEA7WaMRwExa329w@mail.gmail.com>
Reply-To: "Paul E. Jones" <paulej@packetizer.com>
User-Agent: eM_Client/8.2.1473.0
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="------=_MB152C625B-E598-4159-8696-D44D7A117755"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/C7UtC0-7yJUPnsCtB38UMLlPeAo>
Subject: Re: [secdir] Secdir last call review of draft-ietf-perc-dtls-tunnel-08
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Jun 2021 17:55:04 -0000

--------=_MB152C625B-E598-4159-8696-D44D7A117755
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: quoted-printable

Thanks!  I fixed those.

Paul

------ Original Message ------
From: "Shawn Emery" <shawn.emery@gmail.com>
To: "Paul E. Jones" <paulej@packetizer.com>
Cc: "secdir" <secdir@ietf.org>;=20
draft-ietf-perc-dtls-tunnel.all@ietf.org; last-call@ietf.org;=20
perc@ietf.org
Sent: 6/11/2021 12:20:25 AM
Subject: Re: Secdir last call review of draft-ietf-perc-dtls-tunnel-08

>
>Thank you for incorporating the requested changes into the Security=20
>Considerations section.  Looks better.  A few more nits with the latest=20
>update:
>
>s/the the/the/g
>s/"EndpointDisconect"/"EndpointDisconnect"/
>s/document rely/document relies/
>
>Shawn.
>--
>
>On Mon, Jun 7, 2021 at 4:50 PM Paul E. Jones <paulej@packetizer.com>=20
>wrote:
>>Shawn,
>>
>>Thanks for the review.  Russ also had comments on the security
>>considerations section.  I have changed that substantially and welcome
>>any additional input.  See these changes:
>>
>>https://github.com/percwg/perc-wg/compare/paulej_ietf_lc
>>
>>Paul
>>
>>------ Original Message ------
>>From: "Shawn Emery via Datatracker" <noreply@ietf.org>
>>To: secdir@ietf.org
>>Cc: draft-ietf-perc-dtls-tunnel.all@ietf.org; last-call@ietf.org;
>>perc@ietf.org
>>Sent: 6/6/2021 8:54:04 PM
>>Subject: Secdir last call review of draft-ietf-perc-dtls-tunnel-08
>>
>> >Reviewer: Shawn Emery
>> >Review result: Not Ready
>> >
>> >I have reviewed this document as part of the security directorate's=20
>>ongoing
>> >effort to review all IETF documents being processed by the IESG. =20
>>These
>> >comments were written primarily for the benefit of the security area=20
>>directors.
>> >Document editors and WG chairs should treat these comments just like=20
>>any other
>> >last call comments.
>> >
>> >This draft specifies a DTLS tunneling protocol for Privacy-Enhanced=20
>>RTP
>> >Conferencing (PERC).  This entails a key exchange between the=20
>>conference
>> >end-points and the key distributor through a delegate, media=20
>>distributor.
>> >
>> >The security considerations section does exist and describes that the=
=20
>>media
>> >distributor does not introduce any additional security issues given=20
>>that it is
>> >just on-path with the key exchange between the endpoint and the key
>> >distributor.  Secondly, the key material between the media=20
>>distributor and key
>> >distributor is protected through the mutually authenticated=20
>>connection between
>> >the two entities.  Thirdly, the meta data exchanged between the media
>> >distributor and key distributor is not sensitive information, but is=20
>>still
>> >protected through the TLS connection.  I agree with the above=20
>>assertions.
>> >Besides the concerns described in the genart review about the impact=20
>>of key
>> >material disclosure, the authors should consider the various other=20
>>forms of
>> >security issues against the protocol, such as downgrade/DoS attacks=20
>>from
>> >profile negotiation, etc.  The section could list and simply refer to=
=20
>>the base
>> >RFCs, 5764, 8871, etc., to provide remediation against these attacks.
>> >
>> >General comments:
>> >
>> >The example message flow and binary coding was helpful, thank you.
>> >
>> >Editorial comments:
>> >
>> >s/might might/might/
>> >s/!@RFC4566/RFC4566/g
>> >s/An value/A value/
>> >s/!@RFC8126/RFC8126/
>> >s/material This/material.  This/
>> >
>> >
>> >
>>
--------=_MB152C625B-E598-4159-8696-D44D7A117755
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable

<html><head><style id=3D"pgp_css" type=3D"text/css"><!----></style><style i=
d=3D"css_styles" type=3D"text/css"><!--blockquote.cite { margin-left: 5px;=
 margin-right: 0px; padding-left: 10px; padding-right:0px; border-left: 1px=
 solid #cccccc }
blockquote.cite2 {margin-left: 5px; margin-right: 0px; padding-left: 10px;=
 padding-right:0px; border-left: 1px solid #cccccc; margin-top: 3px; padding=
-top: 0px; }
a img { border: 0px; }
li[style=3D'text-align: center;'], li[style=3D'text-align: center; '], li[s=
tyle=3D'text-align: right;'], li[style=3D'text-align: right; '] {  list-sty=
le-position: inside;}
body { font-family: Calibri; font-size: 11pt;   }=20
.quote { margin-left: 1em; margin-right: 1em; border-left: 5px #ebebeb soli=
d; padding-left: 0.3em; }--></style></head><body><div>Thanks!=C2=A0 I fixed =
those.</div><div><br /></div><div>Paul</div>
<div><br /></div>
<div>------ Original Message ------</div>
<div>From: "Shawn Emery" &lt;<a href=3D"mailto:shawn.emery@gmail.com">shawn=
.emery@gmail.com</a>&gt;</div>
<div>To: "Paul E. Jones" &lt;<a href=3D"mailto:paulej@packetizer.com">paule=
j@packetizer.com</a>&gt;</div>
<div>Cc: "secdir" &lt;<a href=3D"mailto:secdir@ietf.org">secdir@ietf.org</a=
>&gt;; <a href=3D"mailto:draft-ietf-perc-dtls-tunnel.all@ietf.org">draft-ie=
tf-perc-dtls-tunnel.all@ietf.org</a>; <a href=3D"mailto:last-call@ietf.org"=
>last-call@ietf.org</a>; <a href=3D"mailto:perc@ietf.org">perc@ietf.org</a>=
</div>
<div>Sent: 6/11/2021 12:20:25 AM</div>
<div>Subject: Re: Secdir last call review of draft-ietf-perc-dtls-tunnel-08=
</div><div><br /></div>
<div id=3D"x2c6fbbdfb3bb409"><blockquote cite=3D"CAChzXmaLej44C8W8pDMvAtLoY=
+p0NxUsptKEA7WaMRwExa329w@mail.gmail.com" type=3D"cite" class=3D"cite2">
<div dir=3D"ltr"><div><br /></div><div>Thank you for incorporating the requ=
ested changes into the Security Considerations section.=C2=A0 Looks better.=
=C2=A0 A few more nits with the latest update:</div><div><br /></div><div>s=
/the the/the/g</div><div>s/"EndpointDisconect"/"EndpointDisconnect"/</div><=
div>s/<span class=3D"gmail-blob-code-inner gmail-blob-code-marker">document =
rely/<span class=3D"gmail-blob-code-inner gmail-blob-code-marker">document =
relies/</span></span></div><div><span class=3D"gmail-blob-code-inner gmail=
-blob-code-marker"><br /></span></div><div>Shawn.</div><div>--<br /></div><=
/div><br /><div class=3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr"=
>On Mon, Jun 7, 2021 at 4:50 PM Paul E. Jones &lt;<a href=3D"mailto:paulej@=
packetizer.com">paulej@packetizer.com</a>&gt; wrote:<br /></div><blockquote =
class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px so=
lid rgb(204,204,204);padding-left:1ex">Shawn,<br />
<br />
Thanks for the review.=C2=A0 Russ also had comments on the security <br />
considerations section.=C2=A0 I have changed that substantially and welcome =
<br />
any additional input.=C2=A0 See these changes:<br />
<br />
<a href=3D"https://github.com/percwg/perc-wg/compare/paulej_ietf_lc" rel=3D=
"noreferrer">https://github.com/percwg/perc-wg/compare/paulej_ietf_lc</a><b=
r />
<br />
Paul<br />
<br />
------ Original Message ------<br />
From: "Shawn Emery via Datatracker" &lt;<a href=3D"mailto:noreply@ietf.org"=
>noreply@ietf.org</a>&gt;<br />
To: <a href=3D"mailto:secdir@ietf.org">secdir@ietf.org</a><br />
Cc: <a href=3D"mailto:draft-ietf-perc-dtls-tunnel.all@ietf.org">draft-ietf-=
perc-dtls-tunnel.all@ietf.org</a>; <a href=3D"mailto:last-call@ietf.org">la=
st-call@ietf.org</a>; <br />
<a href=3D"mailto:perc@ietf.org">perc@ietf.org</a><br />
Sent: 6/6/2021 8:54:04 PM<br />
Subject: Secdir last call review of draft-ietf-perc-dtls-tunnel-08<br />
<br />
&gt;Reviewer: Shawn Emery<br />
&gt;Review result: Not Ready<br />
&gt;<br />
&gt;I have reviewed this document as part of the security directorate's ong=
oing<br />
&gt;effort to review all IETF documents being processed by the IESG.=C2=A0=
 These<br />
&gt;comments were written primarily for the benefit of the security area di=
rectors.<br />
&gt;Document editors and WG chairs should treat these comments just like an=
y other<br />
&gt;last call comments.<br />
&gt;<br />
&gt;This draft specifies a DTLS tunneling protocol for Privacy-Enhanced RTP=
<br />
&gt;Conferencing (PERC).=C2=A0 This entails a key exchange between the conf=
erence<br />
&gt;end-points and the key distributor through a delegate, media distributo=
r.<br />
&gt;<br />
&gt;The security considerations section does exist and describes that the m=
edia<br />
&gt;distributor does not introduce any additional security issues given tha=
t it is<br />
&gt;just on-path with the key exchange between the endpoint and the key<br=
 />
&gt;distributor.=C2=A0 Secondly, the key material between the media distrib=
utor and key<br />
&gt;distributor is protected through the mutually authenticated connection=
 between<br />
&gt;the two entities.=C2=A0 Thirdly, the meta data exchanged between the me=
dia<br />
&gt;distributor and key distributor is not sensitive information, but is st=
ill<br />
&gt;protected through the TLS connection.=C2=A0 I agree with the above asse=
rtions.<br />
&gt;Besides the concerns described in the genart review about the impact of =
key<br />
&gt;material disclosure, the authors should consider the various other form=
s of<br />
&gt;security issues against the protocol, such as downgrade/DoS attacks fro=
m<br />
&gt;profile negotiation, etc.=C2=A0 The section could list and simply refer =
to the base<br />
&gt;RFCs, 5764, 8871, etc., to provide remediation against these attacks.<b=
r />
&gt;<br />
&gt;General comments:<br />
&gt;<br />
&gt;The example message flow and binary coding was helpful, thank you.<br /=
>
&gt;<br />
&gt;Editorial comments:<br />
&gt;<br />
&gt;s/might might/might/<br />
&gt;s/!@RFC4566/RFC4566/g<br />
&gt;s/An value/A value/<br />
&gt;s/!@RFC8126/RFC8126/<br />
&gt;s/material This/material.=C2=A0 This/<br />
&gt;<br />
&gt;<br />
&gt;<br />
<br />
</blockquote></div>
</blockquote></div>
</body></html>
--------=_MB152C625B-E598-4159-8696-D44D7A117755--


From nobody Sat Jun 12 16:30:32 2021
Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id D7F5C3A25A1; Sat, 12 Jun 2021 16:30:22 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Scott Kelly via Datatracker <noreply@ietf.org>
To: <secdir@ietf.org>
Cc: draft-ietf-6man-grand.all@ietf.org, ipv6@ietf.org, last-call@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 7.32.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <162354062279.2423.14290767733643508744@ietfa.amsl.com>
Reply-To: Scott Kelly <scott@hyperthought.com>
Date: Sat, 12 Jun 2021 16:30:22 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/7xjhRYhrHQKT1x0I_Lx_-qGyjoU>
Subject: [secdir] Secdir last call review of draft-ietf-6man-grand-04
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 12 Jun 2021 23:30:23 -0000

Reviewer: Scott Kelly
Review result: Ready

>From the abstract, this document updates RFC4861 to allow routers to
proactively create a Neighbor Cache entry when a new IPv6 address is assigned
to a node.  It also updates RFC4861 and recommends nodes to send unsolicited
Neighbor Advertisements upon assigning a new IPv6 address.

The security considerations section discusses address spoofing and cache
flooding, noting that the proposed change introduces nothing new. I agree.



From nobody Mon Jun 14 07:48:33 2021
Return-Path: <stu.card@axenterprize.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 888B13A2669 for <secdir@ietfa.amsl.com>; Mon, 14 Jun 2021 07:48:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level: 
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=axenterprize.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ll034gqM2Sls for <secdir@ietfa.amsl.com>; Mon, 14 Jun 2021 07:48:22 -0700 (PDT)
Received: from mail-ej1-x62d.google.com (mail-ej1-x62d.google.com [IPv6:2a00:1450:4864:20::62d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 02B163A13AC for <secdir@ietf.org>; Mon, 14 Jun 2021 07:48:21 -0700 (PDT)
Received: by mail-ej1-x62d.google.com with SMTP id k7so17118325ejv.12 for <secdir@ietf.org>; Mon, 14 Jun 2021 07:48:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=axenterprize.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=fgnbR9fbNBTUlDhnvP01Ll0ql1MbwRFpRrNWSWFFpDo=; b=dN9mjAzXapIX6ptiDdi+9B2ziYlTyk2jD1V15ky9F0E5MM3NUnts0UciQeYqsdO3W1 kwssUlFU5HBwzYhZkHCoek4n9wJZD4jMQunqVM+NaWo2vpq2NtZcI8Xv7Eyf+Wrgk+ln 30WKbIEc6Wh9Z5+uiirbAK2j2NPpTOSeqQ/s0=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=fgnbR9fbNBTUlDhnvP01Ll0ql1MbwRFpRrNWSWFFpDo=; b=qNWHKw9oV34Jj/5Et9CjuO2jq5dzOyfCReIUTOYkbC0Q7VehfNY2hXgZFH0NYtKvQv saMSctRZVisPDqgo4G6XY1OqP4CZiMc1hptkhipnt+TnlPGAjM+1vbTpXnHFIkf7He/C Hxa2kpGQCxcbWi2vJ8yXoJfnwrlNsc/rQQceLEbSq4FUVXKce2pgv6pbBU+cIzSsp8Az fN0i8x4RGVhUKO8umFNUmQvoIHSLKj01it/PitHfiFygl4OIWYIAI8A0dajJE29fo+5A 7HAdUDlWEVbis41TfGYzza9tuG6S7k1vkRO40q181z9Ru5n4v83sBIyGXBEczO8Mqqp+ Y+sw==
X-Gm-Message-State: AOAM531KOgZ9aq/6dFJ7x8wyJBDXBRnW5dDFVkmALEy3Tlk7gVnUhLgN 4MBsekHZaBfpTa3CVhOA+CJgPvoDldKUBlLrx5ZBhvyfZO1rQcSQ
X-Google-Smtp-Source: ABdhPJxEt70VuDcdedCO70IZ2o1Zkc1xyES8Y9IBu4dt+KhOwM6ImVLj9thg5eEYKMsm4gY1W493zjPEaST7yFX3Txk=
X-Received: by 2002:a17:906:dfd1:: with SMTP id jt17mr15624231ejc.486.1623682099407;  Mon, 14 Jun 2021 07:48:19 -0700 (PDT)
MIME-Version: 1.0
References: <162284607683.2810.922759741714671925@ietfa.amsl.com> <1fda7554-4396-e2be-6710-9d418d0f9171@axenterprize.com>
In-Reply-To: <1fda7554-4396-e2be-6710-9d418d0f9171@axenterprize.com>
From: "Card, Stu" <stu.card@axenterprize.com>
Date: Mon, 14 Jun 2021 10:48:06 -0400
Message-ID: <CAKM0pYNYonOrtXFhXFoU6fq7EknVXkm=SwGntLCT99DNNaT9EA@mail.gmail.com>
To: Linda Dunbar <linda.dunbar@futurewei.com>, secdir@ietf.org
Cc: draft-ietf-drip-reqs.all@ietf.org, last-call@ietf.org, tm-rid@ietf.org
Content-Type: multipart/alternative; boundary="000000000000c383d005c4baf248"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/axALJHtc6K6yU1yp3uFN1v0QCCI>
Subject: Re: [secdir] Secdir last call review of draft-ietf-drip-reqs-12
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Jun 2021 14:48:28 -0000

--000000000000c383d005c4baf248
Content-Type: text/plain; charset="UTF-8"

DRIP Requirements rev 13 has been posted.
https://datatracker.ietf.org/doc/draft-ietf-drip-reqs/
Thanks for your review, which I hope this rev adequately reflects.


On Mon, Jun 7, 2021 at 11:23 AM Stuart W. Card <stu.card@axenterprize.com>
wrote:

> Good catch: not that the issue has not been addressed, but that where
> (external to IETF) it has been addressed is neither cited nor explained
> in our requirements; those of us more involved in UAS know it was
> addressed elsewhere, so never thought even to mention it here, as we
> should. Thanks!
>
> I previously sent the above reply to a narrower distribution, but just
> learned proper form in this context is to Reply to All.
>
> On 6/4/2021 6:34 PM, Linda Dunbar via Datatracker wrote:
> > Reviewer: Linda Dunbar
> > Review result: Has Issues
> >
> > Reviewer: Linda Dunbar
> > Review result: Has Issues
> >
> > I have reviewed this document as part of the security directorate's
> ongoing
> > effort to review all IETF documents being processed by the IESG.  These
> > comments were written primarily for the benefit of the security area
> directors.
> >   Document editors and WG chairs should treat these comments just like
> any other
> >    last call comments.
> >
> > This document specifies the requirements for Drone Remote Identifiers.
> But it
> > doesn't specify any Authoritative agencies to manage the Remote IDs.
> Section
> > 1.2 states that the Remote IDs are "Self-reports".  Does it mean anyone
> who
> > buys or deploys drones will follow the naming requirements specified by
> this
> > document? How to enforce?
> >
> > Best Regards,
> > Linda Dunbar
> >
> >
> >
>
>
> --
> -----------------------------------------
> Stuart W. Card, PhD, Principal Engineer
> AX Enterprize, LLC  www.axenterprize.com
> 4947 Commercial Drive, Yorkville NY 13495
>

--000000000000c383d005c4baf248
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">DRIP Requirements rev 13 has been posted.<div><a href=3D"h=
ttps://datatracker.ietf.org/doc/draft-ietf-drip-reqs/">https://datatracker.=
ietf.org/doc/draft-ietf-drip-reqs/</a><br></div><div>Thanks for your review=
, which I hope this rev adequately reflects.</div><div><br></div></div><br>=
<div class=3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">On Mon, Ju=
n 7, 2021 at 11:23 AM Stuart W. Card &lt;<a href=3D"mailto:stu.card@axenter=
prize.com">stu.card@axenterprize.com</a>&gt; wrote:<br></div><blockquote cl=
ass=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid=
 rgb(204,204,204);padding-left:1ex">Good catch: not that the issue has not =
been addressed, but that where <br>
(external to IETF) it has been addressed is neither cited nor explained <br=
>
in our requirements; those of us more involved in UAS know it was <br>
addressed elsewhere, so never thought even to mention it here, as we <br>
should. Thanks!<br>
<br>
I previously sent the above reply to a narrower distribution, but just <br>
learned proper form in this context is to Reply to All.<br>
<br>
On 6/4/2021 6:34 PM, Linda Dunbar via Datatracker wrote:<br>
&gt; Reviewer: Linda Dunbar<br>
&gt; Review result: Has Issues<br>
&gt; <br>
&gt; Reviewer: Linda Dunbar<br>
&gt; Review result: Has Issues<br>
&gt; <br>
&gt; I have reviewed this document as part of the security directorate&#39;=
s ongoing<br>
&gt; effort to review all IETF documents being processed by the IESG.=C2=A0=
 These<br>
&gt; comments were written primarily for the benefit of the security area d=
irectors.<br>
&gt;=C2=A0 =C2=A0Document editors and WG chairs should treat these comments=
 just like any other<br>
&gt;=C2=A0 =C2=A0 last call comments.<br>
&gt; <br>
&gt; This document specifies the requirements for Drone Remote Identifiers.=
 But it<br>
&gt; doesn&#39;t specify any Authoritative agencies to manage the Remote ID=
s. Section<br>
&gt; 1.2 states that the Remote IDs are &quot;Self-reports&quot;.=C2=A0 Doe=
s it mean anyone who<br>
&gt; buys or deploys drones will follow the naming requirements specified b=
y this<br>
&gt; document? How to enforce?<br>
&gt; <br>
&gt; Best Regards,<br>
&gt; Linda Dunbar<br>
&gt; <br>
&gt; <br>
&gt; <br>
<br>
<br>
-- <br>
-----------------------------------------<br>
Stuart W. Card, PhD, Principal Engineer<br>
AX Enterprize, LLC=C2=A0 <a href=3D"http://www.axenterprize.com" rel=3D"nor=
eferrer" target=3D"_blank">www.axenterprize.com</a><br>
4947 Commercial Drive, Yorkville NY 13495<br>
</blockquote></div>

--000000000000c383d005c4baf248--


From nobody Tue Jun 15 16:16:26 2021
Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 0D2C23A41CA; Tue, 15 Jun 2021 16:16:19 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Christopher Wood via Datatracker <noreply@ietf.org>
To: <secdir@ietf.org>
Cc: draft-ietf-6man-ipv6-alt-mark.all@ietf.org, ipv6@ietf.org, last-call@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 7.32.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <162379897899.20803.2196921209927070076@ietfa.amsl.com>
Reply-To: Christopher Wood <caw@heapingbits.net>
Date: Tue, 15 Jun 2021 16:16:19 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/7xRW0ejIzR86cfdtnKGaBwSMyxE>
Subject: [secdir] Secdir last call review of draft-ietf-6man-ipv6-alt-mark-06
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Jun 2021 23:16:20 -0000

Reviewer: Christopher Wood
Review result: Has Issues

General comments:

I don't quite understand the need for this mechanism -- why would one use these
markings instead of transport-layer signals a la ECN? -- so I've constrained my
comments to the mechanical details. My only high level comment pertains to the
threat model and value of these metrics. In particular, it's not clear to me
how an operator would distinguish between actual operational problems causing
loss or delay from an attacker that's modifying marking flags to give the
appearance of loss or delay. In untrusted domains, how are these markings
expected to be used reliably? (I guess I just don't understand the threat model
well enough, and I couldn't glean it from the security considerations.)

Specific comments:

Section 2.

        o  In case of Hop-by-Hop Option Header carrying Alternate Marking
        bits, it is not inserted or deleted, but can be read by any node
        along the path.  The intermediate nodes may be configured to
        support this Option or not and the measurement can be done only
        for the nodes configured to read the Option.  Anyway this should
        not affect the traffic throughput on nodes that do not recognize
        the Option, as further discussed in Section 4.

A couple questions come to mind when reading this. In no particular order:

- What stops a hop along the path from inserting or deleting these markings?
What is affected if that happens?

- Does it affect throughput on nodes that _do_ recognize the option?

While the threat model (monitoring within a controlled domain) seems to rule
out these issues, the implications of alterations, even if accidental, seem
worth elaborating upon.

        Flow Label and
        FlowMonID within the same packet have different scope, identify
        different flows, and are intended for different use cases.

Is the set of packets defined by a FlowMonID a subset of those defined by a
Flow Label, do they have some overlap, or are they completely disjoint?
(Writing out the relationship in more detail might help clarify why a new label
is indeed needed for non-experts.) It seems like a shame to redefine yet
another flow field.

As a nit, given the relation to and possible confusion with Flow Label, perhaps
we could rename FlowMonID to something TraceID?

        So, for the purposes of
        this document, both IP addresses and Flow Label should not change in
        flight and, in some cases, they could be considered together with the
        FlowMonID for disambiguation.

The restrictions of a controlled domain, wherein there is assumed to be no
attacker that can modify these fields, is probably worth noting here. It's in
Section 2.1 and the security considerations, in the "harm to measurements"
section, but that is somewhat buried at this point in the document, though
perhaps worth promoting to some point earlier in the document.

Section 2.1.

This should probably point to the security considerations for more information
about controlled domains.

Section 3.1.

   o  Opt Data Len: The length of the Option Data Fields of this Option
      in bytes.

Are there requirements for how long the reserved field in the option data is
supposed to be? It seems that this field must consist of all zeroes, but that
it can be up to 255 bytes long. Given that the data consists of a FlowMonID (20
bits) and two flags (2 bits), would it be useful to recommend (or require) a
size for this?

Section 5.

   It is important to highlight that the definition of the Hop-by-Hop
   Options in this document SHOULD NOT affect the throughput on nodes
   that do not recognize the Option.

This is an interesting requirement. Surely a node that processes the option
does more work before forwarding a packet, which seems like it would affect
throughput, even if that impact is negligible. Perhaps "SHOULD NOT affect the
throughput" could be rephrased as "is designed to minimize throughput impact on
nodes that do not support the option"?

Section 5.1.

   The measurement of the packet loss is really straightforward.  The
   packets of the flow are grouped into batches, and all the packets
   within a batch are marked by setting the L bit (Loss flag) to a same
   value.

Does this require nodes to batch packets in memory before forwarding? (As
written, that seems to be the case, which seems odd.)

        The source node can switch the value of the L bit between 0
        and 1 after a fixed number of packets or according to a fixed timer,
        and this depends on the implementation.

Using a timer for this seems like a very error or noisy implementation
approach. Beyond having tightly synchronized clocks, which is already a
challenging requirement, is the idea that using a counter is somehow more
complex than a timer? (If there's no benefit to using a timer, and it only
introduces operational challenges, I'd recommend just removing the suggestion
altogether, but I may be missing something.)

        In a few words this
        implies that the length of the batches MUST be chosen large enough so
        that the method is not affected by those factors.

There does not seem to be enough guidance here to enforce this MUST, especially
given the different factors that affect batch size. What happens if this MUST
is violated? (Perhaps downgrading to a SHOULD would be better.)

Section 5.2.

How do nodes know if they should measure delay using the single- or
double-marking methodology? Is that determines by some per-domain policy?

        The most efficient and robust mode
        is to select a single double-marked packet for each batch, in
        this way there is no time gap to consider between the double-
        marked packets to avoid their reorder.

I'm having a hard time understanding this guidance. How exactly does one select
a single packet? Is it done at random, or is there another way? (The figures
seem to suggest that the packet is picked from the "middle" of a batch.)

Section 5.3.

   The FlowMon identifier field is to uniquely identify a monitored flow
   within the measurement domain.  The field is set at the source node.
   The FlowMonID can be uniformly assigned by the central controller or
   algorithmically generated by the source node.  The latter approach
   cannot guarantee the uniqueness of FlowMonID but it may be preferred
   for local or private network, where the conflict probability is small
   due to the large FlowMonID space.

What happens when all values in the FlowMonID space are consumed? Are old flows
discarded or overwritten? I would imagine there's some way IDs are recycled
given the finite 2^20 space, but that's not discussed.

Section 5.3.1.

This seems like text that should be moved to the security considerations. In
doing so, it can also be trimmed. (I would claim that the 32-bit FlowMonID
example is irrelevant given that these labels are 20 bits long, for example.)

Section 6.

        Moreover, Alternate Marking should usually be applied in
        a controlled domain and this also helps to limit the problem.

Does this mean to suggest that Alternate Marking can be used in networks where
attackers exist? If so, comments above regarding the integrity of these fields
should be addressed, I think.

   The privacy concerns of network measurement are limited because the
   method only relies on information contained in the Option Header
   without any release of user data.  Although information in the Option
   Header is metadata that can be used to compromise the privacy of
   users, the limited marking technique seems unlikely to substantially
   increase the existing privacy risks from header or encapsulation
   metadata.

The QUIC working group spent a _long_ time trying to understand the privacy
implications of a single latency bit. I'd encourage the authors here to review
the history of that discussion, and then revisit this paragraph. While privacy
implications may not seem obvious, I think it's a mistake to say that it is
unlikely to introduce any new sort of attack vector.

   The Alternate Marking application described in this document relies
   on an time synchronization protocol.  Thus, by attacking the time
   protocol, an attacker can potentially compromise the integrity of the
   measurement.

This seems somewhat buried, and probably worth promoting to the introduction.

Editorial comments:

- Some language is a bit informal, e.g., "Anyway, ...". I recommend removing
such phrasings throughout.

- "Alternate Marking" and "alternate marking" are inconsistently capitalized.
Is that intentional?

- OAM is undefined in Section 4 -- perhaps we can spell it out? (I assume it's
Operations, Administration, and Maintenance.)




From nobody Wed Jun 16 06:20:13 2021
Return-Path: <giuseppe.fioccola@huawei.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DE4FA3A16D8; Wed, 16 Jun 2021 06:20:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TI_KNHW46yuS; Wed, 16 Jun 2021 06:20:08 -0700 (PDT)
Received: from frasgout.his.huawei.com (frasgout.his.huawei.com [185.176.79.56]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6CA403A16D5; Wed, 16 Jun 2021 06:20:08 -0700 (PDT)
Received: from fraeml715-chm.china.huawei.com (unknown [172.18.147.200]) by frasgout.his.huawei.com (SkyGuard) with ESMTP id 4G4lsr1Dd4z6K6Ly; Wed, 16 Jun 2021 21:10:24 +0800 (CST)
Received: from fraeml714-chm.china.huawei.com (10.206.15.33) by fraeml715-chm.china.huawei.com (10.206.15.34) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2176.2; Wed, 16 Jun 2021 15:20:05 +0200
Received: from fraeml714-chm.china.huawei.com ([10.206.15.33]) by fraeml714-chm.china.huawei.com ([10.206.15.33]) with mapi id 15.01.2176.012; Wed, 16 Jun 2021 15:20:05 +0200
From: Giuseppe Fioccola <giuseppe.fioccola@huawei.com>
To: Christopher Wood <caw@heapingbits.net>, "secdir@ietf.org" <secdir@ietf.org>
CC: "draft-ietf-6man-ipv6-alt-mark.all@ietf.org" <draft-ietf-6man-ipv6-alt-mark.all@ietf.org>, "ipv6@ietf.org" <ipv6@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>
Thread-Topic: Secdir last call review of draft-ietf-6man-ipv6-alt-mark-06
Thread-Index: AQHXYjx3SjL3idLxR0OcSAKtwyLjKKsWa8sA
Date: Wed, 16 Jun 2021 13:20:05 +0000
Message-ID: <51c893a1ff8f47518b435f2ad83dbee8@huawei.com>
References: <162379897899.20803.2196921209927070076@ietfa.amsl.com>
In-Reply-To: <162379897899.20803.2196921209927070076@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.48.208.143]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/DDToXWill57G8ZKA7vLBBK22p4w>
Subject: Re: [secdir] Secdir last call review of draft-ietf-6man-ipv6-alt-mark-06
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Jun 2021 13:20:12 -0000

RGVhciBDaHJpc3RvcGhlciwNClRoYW5rIHlvdSBmb3IgeW91ciBxdWVzdGlvbnMgYW5kIGRldGFp
bGVkIGNvbW1lbnRzLg0KV2UgYXJlIHdvcmtpbmcgb24gYSBuZXcgdmVyc2lvbiB0byBhZGRyZXNz
IGFsbCB0aGUgaW5wdXRzIHJlY2VpdmVkIGR1cmluZyB0aGUgTGFzdCBDYWxsLg0KUGxlYXNlIGZp
bmQgbXkgYW5zd2VycyBpbmxpbmUgdGFnZ2VkIGFzIFtHRl0uDQoNClJlZ2FyZHMsDQoNCkdpdXNl
cHBlDQoNCi0tLS0tT3JpZ2luYWwgTWVzc2FnZS0tLS0tDQpGcm9tOiBDaHJpc3RvcGhlciBXb29k
IHZpYSBEYXRhdHJhY2tlciA8bm9yZXBseUBpZXRmLm9yZz4gDQpTZW50OiBXZWRuZXNkYXksIEp1
bmUgMTYsIDIwMjEgMToxNiBBTQ0KVG86IHNlY2RpckBpZXRmLm9yZw0KQ2M6IGRyYWZ0LWlldGYt
Nm1hbi1pcHY2LWFsdC1tYXJrLmFsbEBpZXRmLm9yZzsgaXB2NkBpZXRmLm9yZzsgbGFzdC1jYWxs
QGlldGYub3JnDQpTdWJqZWN0OiBTZWNkaXIgbGFzdCBjYWxsIHJldmlldyBvZiBkcmFmdC1pZXRm
LTZtYW4taXB2Ni1hbHQtbWFyay0wNg0KDQpSZXZpZXdlcjogQ2hyaXN0b3BoZXIgV29vZA0KUmV2
aWV3IHJlc3VsdDogSGFzIElzc3Vlcw0KDQpHZW5lcmFsIGNvbW1lbnRzOg0KDQpJIGRvbid0IHF1
aXRlIHVuZGVyc3RhbmQgdGhlIG5lZWQgZm9yIHRoaXMgbWVjaGFuaXNtIC0tIHdoeSB3b3VsZCBv
bmUgdXNlIHRoZXNlIG1hcmtpbmdzIGluc3RlYWQgb2YgdHJhbnNwb3J0LWxheWVyIHNpZ25hbHMg
YSBsYSBFQ04/IC0tIHNvIEkndmUgY29uc3RyYWluZWQgbXkgY29tbWVudHMgdG8gdGhlIG1lY2hh
bmljYWwgZGV0YWlscy4gTXkgb25seSBoaWdoIGxldmVsIGNvbW1lbnQgcGVydGFpbnMgdG8gdGhl
IHRocmVhdCBtb2RlbCBhbmQgdmFsdWUgb2YgdGhlc2UgbWV0cmljcy4gSW4gcGFydGljdWxhciwg
aXQncyBub3QgY2xlYXIgdG8gbWUgaG93IGFuIG9wZXJhdG9yIHdvdWxkIGRpc3Rpbmd1aXNoIGJl
dHdlZW4gYWN0dWFsIG9wZXJhdGlvbmFsIHByb2JsZW1zIGNhdXNpbmcgbG9zcyBvciBkZWxheSBm
cm9tIGFuIGF0dGFja2VyIHRoYXQncyBtb2RpZnlpbmcgbWFya2luZyBmbGFncyB0byBnaXZlIHRo
ZSBhcHBlYXJhbmNlIG9mIGxvc3Mgb3IgZGVsYXkuIEluIHVudHJ1c3RlZCBkb21haW5zLCBob3cg
YXJlIHRoZXNlIG1hcmtpbmdzIGV4cGVjdGVkIHRvIGJlIHVzZWQgcmVsaWFibHk/IChJIGd1ZXNz
IEkganVzdCBkb24ndCB1bmRlcnN0YW5kIHRoZSB0aHJlYXQgbW9kZWwgd2VsbCBlbm91Z2gsIGFu
ZCBJIGNvdWxkbid0IGdsZWFuIGl0IGZyb20gdGhlIHNlY3VyaXR5IGNvbnNpZGVyYXRpb25zLikN
Cg0KW0dGXTogVGhlIEFsdGVybmF0ZS1NYXJraW5nIG1ldGhvZG9sb2d5LCBkZXNjcmliZWQgaW4g
UkZDIDgzMjEgYW5kIFJGQyA4ODg5LCBpcyBkaWZmZXJlbnQgZnJvbSBFQ04uIEl0IGlzIGFuIG9u
LXBhdGggdGVsZW1ldHJ5IHRlY2huaXF1ZSBhbmQgcGVybWl0cyB2ZXJ5IGRldGFpbGVkIHBhY2tl
dCBsb3NzLCBkZWxheSBhbmQgZGVsYXkgdmFyaWF0aW9uIG1lYXN1cmVtZW50cyBib3RoIGhvcC1i
eS1ob3AgYW5kIGVuZC10by1lbmQuIFNvIHlvdSBjYW4gZ2V0IG11Y2ggbW9yZSBpbmZvcm1hdGlv
biB0aGFuIHRoZSBlbmQtdG8tZW5kIG5vdGlmaWNhdGlvbiBvZiBuZXR3b3JrIGNvbmdlc3Rpb24u
IFRoZSB0ZWNobmlxdWUgY29uc2lzdHMgaW4gc3luY2hyb25pemluZyB0aGUgbWVhc3VyZW1lbnRz
IGluIGRpZmZlcmVudCBwb2ludHMgb2YgYSBuZXR3b3JrIGJ5IHN3aXRjaGluZyB0aGUgdmFsdWUg
b2YgYSBtYXJraW5nIGJpdCBhbmQgdGhlcmVmb3JlIGRpdmlkZSB0aGUgcGFja2V0IGZsb3cgaW50
byBiYXRjaGVzLiBFYWNoIGJhdGNoIHJlcHJlc2VudHMgYSBtZWFzdXJhYmxlIGVudGl0eSB1bmFt
YmlndW91c2x5IHJlY29nbml6YWJsZSBieSBhbGwgbmV0d29yayBub2RlcyBhbG9uZyB0aGUgcGF0
aC4gQnkgY291bnRpbmcgdGhlIG51bWJlciBvZiBwYWNrZXRzIGluIGVhY2ggYmF0Y2ggYW5kIGNv
bXBhcmluZyB0aGUgdmFsdWVzIG1lYXN1cmVkIGJ5IGRpZmZlcmVudCBub2RlcywgaXQgaXMgcG9z
c2libGUgdG8gbWVhc3VyZSBwcmVjaXNlIGxvc3MuIEluIGEgc2ltaWxhciB3YXkgdGhlIGFsdGVy
bmF0aW9uIG9mIHRoZSB2YWx1ZXMgb2YgdGhlIG1hcmtpbmcgYml0cyBjYW4gYmUgdXNlZCBhcyBh
IHRpbWUgcmVmZXJlbmNlIHRvIGNhbGN1bGF0ZSB0aGUgZGVsYXkgYW5kIGRlbGF5IHZhcmlhdGlv
bi4gVGhlIHZhbHVlIGZvciBvcGVyYXRvciBpcyB0aGUgcG9zc2liaWxpdHkgdG8gZXhhY3RseSBs
b2NhdGUgdGhlIGlzc3VlcyBpbiB0aGUgbmV0d29yay4gUmVnYXJkaW5nIHRoZSB0aHJlYXQgbW9k
ZWwsIHRoZSBwb3NzaWJpbGl0eSBvZiBhbiBhdHRhY2sgYnkgbW9kaWZ5aW5nIHRoZSBmbGFncyB0
byBnaXZlIHRoZSBhcHBlYXJhbmNlIG9mIGxvc3Mgb3IgZGVsYXksIGlzIGEgY29tbW9uIGlzc3Vl
IGZvciBhbGwgdGhlIG9uLXBhdGggdGVsZW1ldHJ5IHRlY2huaXF1ZSAoZS5nLiBJbi1zaXR1IE9B
TSkuIFRoZSBvbmx5IGRlZmluaXRpdmUgc29sdXRpb24gaXMgdGhhdCB0aGlzIG1ldGhvZG9sb2d5
IE1VU1QgYmUgYXBwbGllZCBpbiBhIGNvbnRyb2xsZWQgZG9tYWluIGFzIGFsc28gbWVudGlvbmVk
IGluIFJGQyA4Nzk5LiBBbHNvIHRoZSBhcHBsaWNhdGlvbiB0byB1bnRydXN0ZWQgZG9tYWluIGlz
IE5PVCBSRUNPTU1FTkRFRC4gV2Ugd2lsbCBoaWdobGlnaHQgdGhpcyBzdHJvbmcgcmVxdWlyZW1l
bnQgaW4gdGhlIG5leHQgdmVyc2lvbi4NCg0KU3BlY2lmaWMgY29tbWVudHM6DQoNClNlY3Rpb24g
Mi4NCg0KICAgICAgICBvICBJbiBjYXNlIG9mIEhvcC1ieS1Ib3AgT3B0aW9uIEhlYWRlciBjYXJy
eWluZyBBbHRlcm5hdGUgTWFya2luZw0KICAgICAgICBiaXRzLCBpdCBpcyBub3QgaW5zZXJ0ZWQg
b3IgZGVsZXRlZCwgYnV0IGNhbiBiZSByZWFkIGJ5IGFueSBub2RlDQogICAgICAgIGFsb25nIHRo
ZSBwYXRoLiAgVGhlIGludGVybWVkaWF0ZSBub2RlcyBtYXkgYmUgY29uZmlndXJlZCB0bw0KICAg
ICAgICBzdXBwb3J0IHRoaXMgT3B0aW9uIG9yIG5vdCBhbmQgdGhlIG1lYXN1cmVtZW50IGNhbiBi
ZSBkb25lIG9ubHkNCiAgICAgICAgZm9yIHRoZSBub2RlcyBjb25maWd1cmVkIHRvIHJlYWQgdGhl
IE9wdGlvbi4gIEFueXdheSB0aGlzIHNob3VsZA0KICAgICAgICBub3QgYWZmZWN0IHRoZSB0cmFm
ZmljIHRocm91Z2hwdXQgb24gbm9kZXMgdGhhdCBkbyBub3QgcmVjb2duaXplDQogICAgICAgIHRo
ZSBPcHRpb24sIGFzIGZ1cnRoZXIgZGlzY3Vzc2VkIGluIFNlY3Rpb24gNC4NCg0KQSBjb3VwbGUg
cXVlc3Rpb25zIGNvbWUgdG8gbWluZCB3aGVuIHJlYWRpbmcgdGhpcy4gSW4gbm8gcGFydGljdWxh
ciBvcmRlcjoNCg0KLSBXaGF0IHN0b3BzIGEgaG9wIGFsb25nIHRoZSBwYXRoIGZyb20gaW5zZXJ0
aW5nIG9yIGRlbGV0aW5nIHRoZXNlIG1hcmtpbmdzPw0KV2hhdCBpcyBhZmZlY3RlZCBpZiB0aGF0
IGhhcHBlbnM/DQoNCltHRl06IFRoZSBzb3VyY2Ugbm9kZSBpcyB0aGUgb25seSBvbmUgdGhhdCB3
cml0ZXMgdGhlIE9wdGlvbiBIZWFkZXIgdG8gbWFyayBhbHRlcm5hdGVseSB0aGUgZmxvdyAoZm9y
IGJvdGggSG9wLWJ5LUhvcCBhbmQgRGVzdGluYXRpb24gT3B0aW9uKS4gVGhlIGludGVybWVkaWF0
ZSBub2RlcyBhbmQgZGVzdGluYXRpb24gbm9kZSBtdXN0IG9ubHkgcmVhZCB0aGUgbWFya2luZyB2
YWx1ZXMgb2YgdGhlIG9wdGlvbiB3aXRob3V0IG1vZGlmeWluZyB0aGUgT3B0aW9uIEhlYWRlci4g
T2YgY291cnNlLCBhbiBhdHRhY2tlciBjYW4gbW9kaWZ5LCBpbnNlcnQgb3IgZGVsZXRlIHRoZXNl
IG1hcmtpbmdzLCBhbmQgaWYgdGhhdCBoYXBwZW5zIGl0IGFmZmVjdHMgdGhlIHJlc3VsdHMgb2Yg
dGhlIG1lYXN1cmVtZW50cywgY2F1c2luZywgZm9yIGV4YW1wbGUsIGFuIGludGVydmVudGlvbiB3
aGVyZSBpdCBpcyBub3QgbmVjZXNzYXJ5IG9yIHZpY2UgdmVyc2EuIEluIG15IG9waW5pb24gaWYg
YW4gYXR0YWNrZXIgY2FuIG1vZGlmeSB0aGUgcGFja2V0IGl0IG1heSBoYXZlIGFkZGl0aW9uYWwg
bWFsaWNpb3VzIHB1cnBvc2UgbW9yZSBoYXJtZnVsIHRoYW4gYWZmZWN0aW5nIG9ubHkgdGhlIHBl
cmZvcm1hbmNlIHJlc3VsdHMuIEluIGFueSBjYXNlIHRoZSByZXF1aXJlbWVudCBvZiB0aGUgY29u
dHJvbGxlZCBkb21haW4gbWl0aWdhdGVzIHRoaXMga2luZCBvZiBhdHRhY2suIEkgd2lsbCBpbmNs
dWRlIG1vcmUgZGV0YWlscyBvbiB0aGlzIGluIHRoZSBuZXh0IHZlcnNpb24uDQoNCi0gRG9lcyBp
dCBhZmZlY3QgdGhyb3VnaHB1dCBvbiBub2RlcyB0aGF0IF9kb18gcmVjb2duaXplIHRoZSBvcHRp
b24/DQoNCltHRl06IEluIHRoZW9yeSwgaXQgc2hvdWxkIG5vdCBhZmZlY3QgdGhlIHRocm91Z2hw
dXQuIEJ1dCwgb2YgY291cnNlLCB0aGVyZSBpcyBhIGRpZmZlcmVuY2UgYmV0d2VlbiB0aGUgdGhl
b3J5IGFuZCB0aGUgaW1wbGVtZW50YXRpb24gYW5kLCBpbiB0aGUgZHJhZnQsIHdlIGFsc28gaGln
aGxpZ2h0ZWQgdGhhdCBpdCBjYW4gaGFwcGVuIHRoYXQgcGFja2V0cyB3aXRoIEhvcC1ieS1Ib3Ag
YXJlIGZvcmNlZCBvbnRvIHRoZSBzbG93IHBhdGguIEFueXdheSB0aGlzIGlzIGEgZ2VuZXJhbCBp
c3N1ZSBhbmQgaW4gVjZPUFMgYW5kIDZNQU4gdGhlcmUgYXJlIGRyYWZ0cyB0cnlpbmcgdG8gYWRk
cmVzcyB0aGlzIHByb2JsZW0gKGUuZy4gZHJhZnQtcGVuZy12Nm9wcy1oYmgsIGRyYWZ0LWhpbmRl
bi02bWFuLWhiaC1wcm9jZXNzaW5nLC4uLikNCg0KV2hpbGUgdGhlIHRocmVhdCBtb2RlbCAobW9u
aXRvcmluZyB3aXRoaW4gYSBjb250cm9sbGVkIGRvbWFpbikgc2VlbXMgdG8gcnVsZSBvdXQgdGhl
c2UgaXNzdWVzLCB0aGUgaW1wbGljYXRpb25zIG9mIGFsdGVyYXRpb25zLCBldmVuIGlmIGFjY2lk
ZW50YWwsIHNlZW0gd29ydGggZWxhYm9yYXRpbmcgdXBvbi4NCg0KW0dGXTogQWdyZWUsIHdlIGNh
biBhZGQgbW9yZSBjb25zaWRlcmF0aW9uIG9uIHRoYXQgaW4gdGhlIFNlY3VyaXR5IHBhcnQuDQoN
CiAgICAgICAgRmxvdyBMYWJlbCBhbmQNCiAgICAgICAgRmxvd01vbklEIHdpdGhpbiB0aGUgc2Ft
ZSBwYWNrZXQgaGF2ZSBkaWZmZXJlbnQgc2NvcGUsIGlkZW50aWZ5DQogICAgICAgIGRpZmZlcmVu
dCBmbG93cywgYW5kIGFyZSBpbnRlbmRlZCBmb3IgZGlmZmVyZW50IHVzZSBjYXNlcy4NCg0KSXMg
dGhlIHNldCBvZiBwYWNrZXRzIGRlZmluZWQgYnkgYSBGbG93TW9uSUQgYSBzdWJzZXQgb2YgdGhv
c2UgZGVmaW5lZCBieSBhIEZsb3cgTGFiZWwsIGRvIHRoZXkgaGF2ZSBzb21lIG92ZXJsYXAsIG9y
IGFyZSB0aGV5IGNvbXBsZXRlbHkgZGlzam9pbnQ/DQooV3JpdGluZyBvdXQgdGhlIHJlbGF0aW9u
c2hpcCBpbiBtb3JlIGRldGFpbCBtaWdodCBoZWxwIGNsYXJpZnkgd2h5IGEgbmV3IGxhYmVsIGlz
IGluZGVlZCBuZWVkZWQgZm9yIG5vbi1leHBlcnRzLikgSXQgc2VlbXMgbGlrZSBhIHNoYW1lIHRv
IHJlZGVmaW5lIHlldCBhbm90aGVyIGZsb3cgZmllbGQuDQoNCltHRl06IFllcywgRmxvdyBMYWJl
bCBhbmQgRmxvd01vbklEIGFyZSB0b3RhbGx5IGRpc2pvaW50LiBJbmRlZWQgdGhlIEZsb3dNb25J
RCBhbHNvIGVuYWJsZXMgYSBmaW5lciBncmFudWxhcml0eSBmb3IgdGhlIGZsb3cgZGVmaW5pdGlv
biwgd2hpbGUgRmxvdyBMYWJlbCBpcyB1c2VkIGZvciBFQ01QLiBXZSBjYW4gZXhwbGFpbiBieSBh
ZGRpbmcgc29tZSBleGFtcGxlcy4gDQoNCkFzIGEgbml0LCBnaXZlbiB0aGUgcmVsYXRpb24gdG8g
YW5kIHBvc3NpYmxlIGNvbmZ1c2lvbiB3aXRoIEZsb3cgTGFiZWwsIHBlcmhhcHMgd2UgY291bGQg
cmVuYW1lIEZsb3dNb25JRCB0byBzb21ldGhpbmcgVHJhY2VJRD8NCg0KW0dGXTogR29vZCBwb2lu
dC4gVGhpcyBjYW4gYmUgc29tZXRoaW5nIHRvIGNvbnNpZGVyLg0KDQogICAgICAgIFNvLCBmb3Ig
dGhlIHB1cnBvc2VzIG9mDQogICAgICAgIHRoaXMgZG9jdW1lbnQsIGJvdGggSVAgYWRkcmVzc2Vz
IGFuZCBGbG93IExhYmVsIHNob3VsZCBub3QgY2hhbmdlIGluDQogICAgICAgIGZsaWdodCBhbmQs
IGluIHNvbWUgY2FzZXMsIHRoZXkgY291bGQgYmUgY29uc2lkZXJlZCB0b2dldGhlciB3aXRoIHRo
ZQ0KICAgICAgICBGbG93TW9uSUQgZm9yIGRpc2FtYmlndWF0aW9uLg0KDQpUaGUgcmVzdHJpY3Rp
b25zIG9mIGEgY29udHJvbGxlZCBkb21haW4sIHdoZXJlaW4gdGhlcmUgaXMgYXNzdW1lZCB0byBi
ZSBubyBhdHRhY2tlciB0aGF0IGNhbiBtb2RpZnkgdGhlc2UgZmllbGRzLCBpcyBwcm9iYWJseSB3
b3J0aCBub3RpbmcgaGVyZS4gSXQncyBpbiBTZWN0aW9uIDIuMSBhbmQgdGhlIHNlY3VyaXR5IGNv
bnNpZGVyYXRpb25zLCBpbiB0aGUgImhhcm0gdG8gbWVhc3VyZW1lbnRzIg0Kc2VjdGlvbiwgYnV0
IHRoYXQgaXMgc29tZXdoYXQgYnVyaWVkIGF0IHRoaXMgcG9pbnQgaW4gdGhlIGRvY3VtZW50LCB0
aG91Z2ggcGVyaGFwcyB3b3J0aCBwcm9tb3RpbmcgdG8gc29tZSBwb2ludCBlYXJsaWVyIGluIHRo
ZSBkb2N1bWVudC4NCg0KW0dGXTogQWdyZWUsIHdlIGNhbiBtYWtlIHRoZSByZXF1aXJlbWVudCBv
ZiB0aGUgY29udHJvbGxlZCBkb21haW4gY2xlYXJlciBpbiB0aGUgZG9jdW1lbnQgYW5kIGl0IG1h
a2VzIHNlbnNlIHRvIG1lbnRpb24gZWFybGllciBhcyB3ZWxsLg0KDQpTZWN0aW9uIDIuMS4NCg0K
VGhpcyBzaG91bGQgcHJvYmFibHkgcG9pbnQgdG8gdGhlIHNlY3VyaXR5IGNvbnNpZGVyYXRpb25z
IGZvciBtb3JlIGluZm9ybWF0aW9uIGFib3V0IGNvbnRyb2xsZWQgZG9tYWlucy4NCg0KW0dGXTog
U3VyZS4gV2lsbCBkby4NCg0KU2VjdGlvbiAzLjEuDQoNCiAgIG8gIE9wdCBEYXRhIExlbjogVGhl
IGxlbmd0aCBvZiB0aGUgT3B0aW9uIERhdGEgRmllbGRzIG9mIHRoaXMgT3B0aW9uDQogICAgICBp
biBieXRlcy4NCg0KQXJlIHRoZXJlIHJlcXVpcmVtZW50cyBmb3IgaG93IGxvbmcgdGhlIHJlc2Vy
dmVkIGZpZWxkIGluIHRoZSBvcHRpb24gZGF0YSBpcyBzdXBwb3NlZCB0byBiZT8gSXQgc2VlbXMg
dGhhdCB0aGlzIGZpZWxkIG11c3QgY29uc2lzdCBvZiBhbGwgemVyb2VzLCBidXQgdGhhdCBpdCBj
YW4gYmUgdXAgdG8gMjU1IGJ5dGVzIGxvbmcuIEdpdmVuIHRoYXQgdGhlIGRhdGEgY29uc2lzdHMg
b2YgYSBGbG93TW9uSUQgKDIwDQpiaXRzKSBhbmQgdHdvIGZsYWdzICgyIGJpdHMpLCB3b3VsZCBp
dCBiZSB1c2VmdWwgdG8gcmVjb21tZW5kIChvciByZXF1aXJlKSBhIHNpemUgZm9yIHRoaXM/DQoN
CltHRl06IEl0IG1ha2VzIHNlbnNlLiBXZSBjYW4gYXNzaWduIHRoZSB2YWx1ZSBiYXNlZCBvbiB0
aGUgZGVzaWduIG9mIHRoZSBPcHRpb24uDQoNClNlY3Rpb24gNS4NCg0KICAgSXQgaXMgaW1wb3J0
YW50IHRvIGhpZ2hsaWdodCB0aGF0IHRoZSBkZWZpbml0aW9uIG9mIHRoZSBIb3AtYnktSG9wDQog
ICBPcHRpb25zIGluIHRoaXMgZG9jdW1lbnQgU0hPVUxEIE5PVCBhZmZlY3QgdGhlIHRocm91Z2hw
dXQgb24gbm9kZXMNCiAgIHRoYXQgZG8gbm90IHJlY29nbml6ZSB0aGUgT3B0aW9uLg0KDQpUaGlz
IGlzIGFuIGludGVyZXN0aW5nIHJlcXVpcmVtZW50LiBTdXJlbHkgYSBub2RlIHRoYXQgcHJvY2Vz
c2VzIHRoZSBvcHRpb24gZG9lcyBtb3JlIHdvcmsgYmVmb3JlIGZvcndhcmRpbmcgYSBwYWNrZXQs
IHdoaWNoIHNlZW1zIGxpa2UgaXQgd291bGQgYWZmZWN0IHRocm91Z2hwdXQsIGV2ZW4gaWYgdGhh
dCBpbXBhY3QgaXMgbmVnbGlnaWJsZS4gUGVyaGFwcyAiU0hPVUxEIE5PVCBhZmZlY3QgdGhlIHRo
cm91Z2hwdXQiIGNvdWxkIGJlIHJlcGhyYXNlZCBhcyAiaXMgZGVzaWduZWQgdG8gbWluaW1pemUg
dGhyb3VnaHB1dCBpbXBhY3Qgb24gbm9kZXMgdGhhdCBkbyBub3Qgc3VwcG9ydCB0aGUgb3B0aW9u
Ij8NCg0KW0dGXTogWWVzLCB0aGFua3MgZm9yIHRoZSBzdWdnZXN0aW9uLiBJIHdpbGwgcmVwbGFj
ZSB0aGF0IHNlbnRlbmNlLg0KDQpTZWN0aW9uIDUuMS4NCg0KICAgVGhlIG1lYXN1cmVtZW50IG9m
IHRoZSBwYWNrZXQgbG9zcyBpcyByZWFsbHkgc3RyYWlnaHRmb3J3YXJkLiAgVGhlDQogICBwYWNr
ZXRzIG9mIHRoZSBmbG93IGFyZSBncm91cGVkIGludG8gYmF0Y2hlcywgYW5kIGFsbCB0aGUgcGFj
a2V0cw0KICAgd2l0aGluIGEgYmF0Y2ggYXJlIG1hcmtlZCBieSBzZXR0aW5nIHRoZSBMIGJpdCAo
TG9zcyBmbGFnKSB0byBhIHNhbWUNCiAgIHZhbHVlLg0KDQpEb2VzIHRoaXMgcmVxdWlyZSBub2Rl
cyB0byBiYXRjaCBwYWNrZXRzIGluIG1lbW9yeSBiZWZvcmUgZm9yd2FyZGluZz8gKEFzIHdyaXR0
ZW4sIHRoYXQgc2VlbXMgdG8gYmUgdGhlIGNhc2UsIHdoaWNoIHNlZW1zIG9kZC4pDQoNCltHRl06
IE5vLCBhcyBzYWlkLCB0aGUgc291cmNlIG5vZGUgaXMgdGhlIG9ubHkgb25lIHRoYXQgbWFya3Mg
dGhlIHBhY2tldHMgdG8gY3JlYXRlIHRoZSBiYXRjaGVzLiBUaGUgaW50ZXJtZWRpYXRlIG5vZGVz
IG9ubHkgcmVhZCB0aGUgbWFya2luZyB2YWx1ZXMuIEkgd2lsbCBtb2RpZnkgdGhpcyBzZW50ZW5j
ZSB0byBhdm9pZCBjb25mdXNpb24uDQoNCiAgICAgICAgVGhlIHNvdXJjZSBub2RlIGNhbiBzd2l0
Y2ggdGhlIHZhbHVlIG9mIHRoZSBMIGJpdCBiZXR3ZWVuIDANCiAgICAgICAgYW5kIDEgYWZ0ZXIg
YSBmaXhlZCBudW1iZXIgb2YgcGFja2V0cyBvciBhY2NvcmRpbmcgdG8gYSBmaXhlZCB0aW1lciwN
CiAgICAgICAgYW5kIHRoaXMgZGVwZW5kcyBvbiB0aGUgaW1wbGVtZW50YXRpb24uDQoNClVzaW5n
IGEgdGltZXIgZm9yIHRoaXMgc2VlbXMgbGlrZSBhIHZlcnkgZXJyb3Igb3Igbm9pc3kgaW1wbGVt
ZW50YXRpb24gYXBwcm9hY2guIEJleW9uZCBoYXZpbmcgdGlnaHRseSBzeW5jaHJvbml6ZWQgY2xv
Y2tzLCB3aGljaCBpcyBhbHJlYWR5IGEgY2hhbGxlbmdpbmcgcmVxdWlyZW1lbnQsIGlzIHRoZSBp
ZGVhIHRoYXQgdXNpbmcgYSBjb3VudGVyIGlzIHNvbWVob3cgbW9yZSBjb21wbGV4IHRoYW4gYSB0
aW1lcj8gKElmIHRoZXJlJ3Mgbm8gYmVuZWZpdCB0byB1c2luZyBhIHRpbWVyLCBhbmQgaXQgb25s
eSBpbnRyb2R1Y2VzIG9wZXJhdGlvbmFsIGNoYWxsZW5nZXMsIEknZCByZWNvbW1lbmQganVzdCBy
ZW1vdmluZyB0aGUgc3VnZ2VzdGlvbiBhbHRvZ2V0aGVyLCBidXQgSSBtYXkgYmUgbWlzc2luZyBz
b21ldGhpbmcuKQ0KDQpbR0ZdOiBCb3RoIGNhbiBiZSB1c2VkLiBBcyBleHBsYWluZWQgaW4gUkZD
IDgzMjEsIHVzaW5nIGEgZml4ZWQgdGltZXIgZm9yIHRoZSBzd2l0Y2hpbmcgb2ZmZXJzIGJldHRl
ciBjb250cm9sIG92ZXIgdGhlIG1ldGhvZCwgaW5kZWVkIHRoZSBsZW5ndGggb2YgdGhlIGJhdGNo
ZXMgY2FuIGJlIGNob3NlbiBsYXJnZSBlbm91Z2ggdG8gc2ltcGxpZnkgdGhlIGNvbGxlY3Rpb24g
YW5kIHRoZSBjb21wYXJpc29uIG9mIHRoZSBtZWFzdXJlcyB0YWtlbiBieSBkaWZmZXJlbnQgbmV0
d29yayBub2Rlcy4gSW4gc2VjdGlvbiAzLjIgb2YgUkZDIDgzMjEsIGl0IGlzIGFsc28gaGlnaGxp
Z2h0ZWQgdGhhdCB5b3UgZG8gbm90IG5lY2Vzc2FyaWx5IG5lZWQgdGlnaHRseSBzeW5jaHJvbml6
ZWQgY2xvY2tzIHRvIGFwcGx5IHRoZSBtZXRob2RvbG9neS4NCg0KICAgICAgICBJbiBhIGZldyB3
b3JkcyB0aGlzDQogICAgICAgIGltcGxpZXMgdGhhdCB0aGUgbGVuZ3RoIG9mIHRoZSBiYXRjaGVz
IE1VU1QgYmUgY2hvc2VuIGxhcmdlIGVub3VnaCBzbw0KICAgICAgICB0aGF0IHRoZSBtZXRob2Qg
aXMgbm90IGFmZmVjdGVkIGJ5IHRob3NlIGZhY3RvcnMuDQoNClRoZXJlIGRvZXMgbm90IHNlZW0g
dG8gYmUgZW5vdWdoIGd1aWRhbmNlIGhlcmUgdG8gZW5mb3JjZSB0aGlzIE1VU1QsIGVzcGVjaWFs
bHkgZ2l2ZW4gdGhlIGRpZmZlcmVudCBmYWN0b3JzIHRoYXQgYWZmZWN0IGJhdGNoIHNpemUuIFdo
YXQgaGFwcGVucyBpZiB0aGlzIE1VU1QgaXMgdmlvbGF0ZWQ/IChQZXJoYXBzIGRvd25ncmFkaW5n
IHRvIGEgU0hPVUxEIHdvdWxkIGJlIGJldHRlci4pDQoNCltHRl06IEFncmVlLiBJIHdpbGwgYWxz
byBhZGQgYSBwb2ludGVyIHRvIHNlY3Rpb24gMy4yIG9mIFJGQyA4MzIxLCB3aGVyZSBpdCBpcyBw
b3NzaWJsZSB0byBmaW5kIHRoZSBtYXRoZW1hdGljYWwgZm9ybXVsYXRpb24gZm9yIHRoaXMuIA0K
DQpTZWN0aW9uIDUuMi4NCg0KSG93IGRvIG5vZGVzIGtub3cgaWYgdGhleSBzaG91bGQgbWVhc3Vy
ZSBkZWxheSB1c2luZyB0aGUgc2luZ2xlLSBvciBkb3VibGUtbWFya2luZyBtZXRob2RvbG9neT8g
SXMgdGhhdCBkZXRlcm1pbmVzIGJ5IHNvbWUgcGVyLWRvbWFpbiBwb2xpY3k/DQoNCltHRl06IFll
cywgd2UgYXJlIHdvcmtpbmcgb24gY29tcGFuaW9uIGRvY3VtZW50cyBvbiB0aGUgY29udHJvbCBw
bGFuZSBtZWNoYW5pc21zLCBlLmcuIGRyYWZ0LWlldGYtaWRyLXNyLXBvbGljeS1pZml0LCBkcmFm
dC1jaGVuLXBjZS1wY2VwLWlmaXQuDQoNCiAgICAgICAgVGhlIG1vc3QgZWZmaWNpZW50IGFuZCBy
b2J1c3QgbW9kZQ0KICAgICAgICBpcyB0byBzZWxlY3QgYSBzaW5nbGUgZG91YmxlLW1hcmtlZCBw
YWNrZXQgZm9yIGVhY2ggYmF0Y2gsIGluDQogICAgICAgIHRoaXMgd2F5IHRoZXJlIGlzIG5vIHRp
bWUgZ2FwIHRvIGNvbnNpZGVyIGJldHdlZW4gdGhlIGRvdWJsZS0NCiAgICAgICAgbWFya2VkIHBh
Y2tldHMgdG8gYXZvaWQgdGhlaXIgcmVvcmRlci4NCg0KSSdtIGhhdmluZyBhIGhhcmQgdGltZSB1
bmRlcnN0YW5kaW5nIHRoaXMgZ3VpZGFuY2UuIEhvdyBleGFjdGx5IGRvZXMgb25lIHNlbGVjdCBh
IHNpbmdsZSBwYWNrZXQ/IElzIGl0IGRvbmUgYXQgcmFuZG9tLCBvciBpcyB0aGVyZSBhbm90aGVy
IHdheT8gKFRoZSBmaWd1cmVzIHNlZW0gdG8gc3VnZ2VzdCB0aGF0IHRoZSBwYWNrZXQgaXMgcGlj
a2VkIGZyb20gdGhlICJtaWRkbGUiIG9mIGEgYmF0Y2guKQ0KDQpbR0ZdOiBZZXMgaXQgaXMgdXN1
YWxseSBpbiB0aGUgbWlkZGxlIG9mIGEgYmF0Y2guIEluIHNlY3Rpb24gMy4yIG9mIFJGQyA4MzIx
IGl0IGlzIGNhbGxlZCAiYXZhaWxhYmxlIGNvdW50aW5nIGludGVydmFsIiBvZiBhIGJhdGNoLiBJ
IHRoaW5rIHdlIGNhbiBhZGQgbW9yZSBkZXRhaWxzIGluIHRoZSBuZXh0IHZlcnNpb24uDQoNClNl
Y3Rpb24gNS4zLg0KDQogICBUaGUgRmxvd01vbiBpZGVudGlmaWVyIGZpZWxkIGlzIHRvIHVuaXF1
ZWx5IGlkZW50aWZ5IGEgbW9uaXRvcmVkIGZsb3cNCiAgIHdpdGhpbiB0aGUgbWVhc3VyZW1lbnQg
ZG9tYWluLiAgVGhlIGZpZWxkIGlzIHNldCBhdCB0aGUgc291cmNlIG5vZGUuDQogICBUaGUgRmxv
d01vbklEIGNhbiBiZSB1bmlmb3JtbHkgYXNzaWduZWQgYnkgdGhlIGNlbnRyYWwgY29udHJvbGxl
ciBvcg0KICAgYWxnb3JpdGhtaWNhbGx5IGdlbmVyYXRlZCBieSB0aGUgc291cmNlIG5vZGUuICBU
aGUgbGF0dGVyIGFwcHJvYWNoDQogICBjYW5ub3QgZ3VhcmFudGVlIHRoZSB1bmlxdWVuZXNzIG9m
IEZsb3dNb25JRCBidXQgaXQgbWF5IGJlIHByZWZlcnJlZA0KICAgZm9yIGxvY2FsIG9yIHByaXZh
dGUgbmV0d29yaywgd2hlcmUgdGhlIGNvbmZsaWN0IHByb2JhYmlsaXR5IGlzIHNtYWxsDQogICBk
dWUgdG8gdGhlIGxhcmdlIEZsb3dNb25JRCBzcGFjZS4NCg0KV2hhdCBoYXBwZW5zIHdoZW4gYWxs
IHZhbHVlcyBpbiB0aGUgRmxvd01vbklEIHNwYWNlIGFyZSBjb25zdW1lZD8gQXJlIG9sZCBmbG93
cyBkaXNjYXJkZWQgb3Igb3ZlcndyaXR0ZW4/IEkgd291bGQgaW1hZ2luZSB0aGVyZSdzIHNvbWUg
d2F5IElEcyBhcmUgcmVjeWNsZWQgZ2l2ZW4gdGhlIGZpbml0ZSAyXjIwIHNwYWNlLCBidXQgdGhh
dCdzIG5vdCBkaXNjdXNzZWQuDQoNCltHRl06IEFncmVlLCB0aGlzIGlzIGEgY29uc2lkZXJhdGlv
biB3ZSBjYW4gYWRkLiBBIGNlbnRyYWxpemVkIGNvbnRyb2xsZXIgY2FuIGtlZXAgdHJhY2sgb2Yg
dGhlc2UsIHdoaWxlIGlmIHRoZXkgYXJlIHBzZXVkbyByYW5kb21seSBnZW5lcmF0ZWQgYnkgdGhl
IHNvdXJjZSBpdCBpcyBoYXJkZXIuIEFueXdheSwgd2UgY2FuIGFkZCBtb3JlIGNvbnNpZGVyYXRp
b25zLg0KDQpTZWN0aW9uIDUuMy4xLg0KDQpUaGlzIHNlZW1zIGxpa2UgdGV4dCB0aGF0IHNob3Vs
ZCBiZSBtb3ZlZCB0byB0aGUgc2VjdXJpdHkgY29uc2lkZXJhdGlvbnMuIEluIGRvaW5nIHNvLCBp
dCBjYW4gYWxzbyBiZSB0cmltbWVkLiAoSSB3b3VsZCBjbGFpbSB0aGF0IHRoZSAzMi1iaXQgRmxv
d01vbklEIGV4YW1wbGUgaXMgaXJyZWxldmFudCBnaXZlbiB0aGF0IHRoZXNlIGxhYmVscyBhcmUg
MjAgYml0cyBsb25nLCBmb3IgZXhhbXBsZS4pDQoNCltHRl06IFllcywgaXQgY2FuIG1ha2Ugc2Vu
c2UuIE9mIGNvdXJzZSBJIHdpbGwgcmVtb3ZlIHRoZSBzdGF0ZW1lbnQgYWJvdXQgdGhlIDMyLWJp
dCBGbG93TW9uSUQuDQoNClNlY3Rpb24gNi4NCg0KICAgICAgICBNb3Jlb3ZlciwgQWx0ZXJuYXRl
IE1hcmtpbmcgc2hvdWxkIHVzdWFsbHkgYmUgYXBwbGllZCBpbg0KICAgICAgICBhIGNvbnRyb2xs
ZWQgZG9tYWluIGFuZCB0aGlzIGFsc28gaGVscHMgdG8gbGltaXQgdGhlIHByb2JsZW0uDQoNCkRv
ZXMgdGhpcyBtZWFuIHRvIHN1Z2dlc3QgdGhhdCBBbHRlcm5hdGUgTWFya2luZyBjYW4gYmUgdXNl
ZCBpbiBuZXR3b3JrcyB3aGVyZSBhdHRhY2tlcnMgZXhpc3Q/IElmIHNvLCBjb21tZW50cyBhYm92
ZSByZWdhcmRpbmcgdGhlIGludGVncml0eSBvZiB0aGVzZSBmaWVsZHMgc2hvdWxkIGJlIGFkZHJl
c3NlZCwgSSB0aGluay4NCg0KW0dGXTogV2Ugd2lsbCBkZWZpbml0ZWx5IHJldmlzZSB0aGUgc2Vj
dXJpdHkgc2VjdGlvbi4gVGhlIHByZWNvbmRpdGlvbiBmb3IgdGhlIGFwcGxpY2F0aW9uIG9mIHRo
ZSBBbHRlcm5hdGUgTWFya2luZyBpcyB0aGF0IGl0IE1VU1QgYmUgYXBwbGllZCBpbiBhIGNvbnRy
b2xsZWQgZG9tYWluLiANCg0KICAgVGhlIHByaXZhY3kgY29uY2VybnMgb2YgbmV0d29yayBtZWFz
dXJlbWVudCBhcmUgbGltaXRlZCBiZWNhdXNlIHRoZQ0KICAgbWV0aG9kIG9ubHkgcmVsaWVzIG9u
IGluZm9ybWF0aW9uIGNvbnRhaW5lZCBpbiB0aGUgT3B0aW9uIEhlYWRlcg0KICAgd2l0aG91dCBh
bnkgcmVsZWFzZSBvZiB1c2VyIGRhdGEuICBBbHRob3VnaCBpbmZvcm1hdGlvbiBpbiB0aGUgT3B0
aW9uDQogICBIZWFkZXIgaXMgbWV0YWRhdGEgdGhhdCBjYW4gYmUgdXNlZCB0byBjb21wcm9taXNl
IHRoZSBwcml2YWN5IG9mDQogICB1c2VycywgdGhlIGxpbWl0ZWQgbWFya2luZyB0ZWNobmlxdWUg
c2VlbXMgdW5saWtlbHkgdG8gc3Vic3RhbnRpYWxseQ0KICAgaW5jcmVhc2UgdGhlIGV4aXN0aW5n
IHByaXZhY3kgcmlza3MgZnJvbSBoZWFkZXIgb3IgZW5jYXBzdWxhdGlvbg0KICAgbWV0YWRhdGEu
DQoNClRoZSBRVUlDIHdvcmtpbmcgZ3JvdXAgc3BlbnQgYSBfbG9uZ18gdGltZSB0cnlpbmcgdG8g
dW5kZXJzdGFuZCB0aGUgcHJpdmFjeSBpbXBsaWNhdGlvbnMgb2YgYSBzaW5nbGUgbGF0ZW5jeSBi
aXQuIEknZCBlbmNvdXJhZ2UgdGhlIGF1dGhvcnMgaGVyZSB0byByZXZpZXcgdGhlIGhpc3Rvcnkg
b2YgdGhhdCBkaXNjdXNzaW9uLCBhbmQgdGhlbiByZXZpc2l0IHRoaXMgcGFyYWdyYXBoLiBXaGls
ZSBwcml2YWN5IGltcGxpY2F0aW9ucyBtYXkgbm90IHNlZW0gb2J2aW91cywgSSB0aGluayBpdCdz
IGEgbWlzdGFrZSB0byBzYXkgdGhhdCBpdCBpcyB1bmxpa2VseSB0byBpbnRyb2R1Y2UgYW55IG5l
dyBzb3J0IG9mIGF0dGFjayB2ZWN0b3IuDQoNCltHRl06IFN1cmUsIEkga25vdyB0aGUgZGlzY3Vz
c2lvbiBvbiB0aGUgUVVJQyBTcGluIEJpdCBzaW5jZSBJJ20gYWxzbyBhY3RpdmUgb24gdGhhdC4g
SSB3aWxsIHN1cmVseSBpbXByb3ZlIHRoaXMgcGFydCBhbmQgcmV2aXNlIHRoaXMgcGFyYWdyYXBo
LiBUaGUgc3Ryb25nIHJlcXVpcmVtZW50IG9mIHRoZSBjb250cm9sbGVkIGRvbWFpbiBhbHNvIGhl
bHBzIHRvIG1pdGlnYXRlIHRoZSBwcml2YWN5IGNvbmNlcm5zLiANCg0KICAgVGhlIEFsdGVybmF0
ZSBNYXJraW5nIGFwcGxpY2F0aW9uIGRlc2NyaWJlZCBpbiB0aGlzIGRvY3VtZW50IHJlbGllcw0K
ICAgb24gYW4gdGltZSBzeW5jaHJvbml6YXRpb24gcHJvdG9jb2wuICBUaHVzLCBieSBhdHRhY2tp
bmcgdGhlIHRpbWUNCiAgIHByb3RvY29sLCBhbiBhdHRhY2tlciBjYW4gcG90ZW50aWFsbHkgY29t
cHJvbWlzZSB0aGUgaW50ZWdyaXR5IG9mIHRoZQ0KICAgbWVhc3VyZW1lbnQuDQoNClRoaXMgc2Vl
bXMgc29tZXdoYXQgYnVyaWVkLCBhbmQgcHJvYmFibHkgd29ydGggcHJvbW90aW5nIHRvIHRoZSBp
bnRyb2R1Y3Rpb24uDQoNCltHRl06IE9rIHdpbGwgZG8uDQoNCkVkaXRvcmlhbCBjb21tZW50czoN
Cg0KLSBTb21lIGxhbmd1YWdlIGlzIGEgYml0IGluZm9ybWFsLCBlLmcuLCAiQW55d2F5LCAuLi4i
LiBJIHJlY29tbWVuZCByZW1vdmluZyBzdWNoIHBocmFzaW5ncyB0aHJvdWdob3V0Lg0KDQpbR0Zd
OiBPaw0KDQotICJBbHRlcm5hdGUgTWFya2luZyIgYW5kICJhbHRlcm5hdGUgbWFya2luZyIgYXJl
IGluY29uc2lzdGVudGx5IGNhcGl0YWxpemVkLg0KSXMgdGhhdCBpbnRlbnRpb25hbD8NCg0KW0dG
XTogT2suIFdlIHdpbGwgdXNlIGEgY29uc2lzdGVudCBub3RhdGlvbi4NCg0KLSBPQU0gaXMgdW5k
ZWZpbmVkIGluIFNlY3Rpb24gNCAtLSBwZXJoYXBzIHdlIGNhbiBzcGVsbCBpdCBvdXQ/IChJIGFz
c3VtZSBpdCdzIE9wZXJhdGlvbnMsIEFkbWluaXN0cmF0aW9uLCBhbmQgTWFpbnRlbmFuY2UuKQ0K
DQpbR0ZdOiBPayB3aWxsIGRvLg0KDQo=


From nobody Sun Jun 20 10:33:51 2021
Return-Path: <new-work-bounces@ietf.org>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 95A513A389C; Tue, 15 Jun 2021 11:11:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1623780672; bh=fanIKWK2giZ+g4h+U1bywkVDZsRpk6eegnbP/XAlooQ=; h=From:To:Date:Subject:List-Id:List-Unsubscribe:List-Archive: List-Post:List-Help:List-Subscribe:Cc; b=pDq33VuqKEr2RnFPVN4+SX3I+49ddsh8ON3F/UwMp9wOkf02YQEUsfLM6vHQDrYcF Rzdmqk4Fh9KU9xMg/B3rbmZeJwxeObw1kj2O91/M1N3FnpxHjeBkfUEZr5YGM2Nc3e qKaU3mbnCfuhdj/oWpJYtMXNAq37MaarTj2Btmc8=
X-Mailbox-Line: From new-work-bounces@ietf.org  Tue Jun 15 11:11:12 2021
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id B10053A389D; Tue, 15 Jun 2021 11:11:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1623780671; bh=fanIKWK2giZ+g4h+U1bywkVDZsRpk6eegnbP/XAlooQ=; h=From:To:Date:Subject:List-Id:List-Unsubscribe:List-Archive: List-Post:List-Help:List-Subscribe:Cc; b=BmPLlcqjJpnq+ueBqvUQdMDuGmBUTbYLj0qK1UruVtG6okloPz1VQ8to6HWg5JhKT h4lQFqMntA8kJB2DiuZQVkE0WpOUNmB7L1OsH+JNn0bYxMBb9RXj7rpxtLW57KnHPJ ycZnL8hqGIXRYlU8GimBQLYHLoQ581BZ8JCV1hcw=
X-Original-To: new-work@ietfa.amsl.com
Delivered-To: new-work@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0C3AD3A389D for <new-work@ietfa.amsl.com>; Tue, 15 Jun 2021 11:11:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level: 
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aijaUeWKLlOj for <new-work@ietfa.amsl.com>; Tue, 15 Jun 2021 11:11:03 -0700 (PDT)
Received: from mail-qt1-x832.google.com (mail-qt1-x832.google.com [IPv6:2607:f8b0:4864:20::832]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 388A83A389C for <new-work@ietf.org>; Tue, 15 Jun 2021 11:11:03 -0700 (PDT)
Received: by mail-qt1-x832.google.com with SMTP id e3so12004770qte.0 for <new-work@ietf.org>; Tue, 15 Jun 2021 11:11:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;  h=from:to:cc:subject:date:message-id:mime-version:thread-index :content-language; bh=zkN4pA3htRhyCJUqlquH0VWZrMAFlNfNoGEhkw5XbVo=; b=RF9YzT7ObId8qSMFoFjDaeMlNjR/ySwrj8JfH5y4rXbU8Yg7uLWqNz8iomxg3BtEcW 9UXk3Fr5ESyYxwqaKE1eEd/uukBTqN192mIWULfsmwru/lmLOM9M9JSH8ZUytnX9cSTf j46bRyaor5mC4Ev4F9Z5f2um6oA8Xib1/WBEmRc3ACXkq2/fKXubitH+keyXkSl1sqIp vCAuTp10xVfCxjWYV2uX1TkrXaXpjmokJcKROcnN7hAULI4BIZQHJvcBx5zq/mD/t07Q gkKH4cwHIfbqbhp2Xw+8KqxXXz8q2dqeJ6SCwNFmhCrWnzCxHfYCFOAALE+qhMeFZ7dK WZyw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :thread-index:content-language; bh=zkN4pA3htRhyCJUqlquH0VWZrMAFlNfNoGEhkw5XbVo=; b=Ng6M25OBBjXDjrXO28N/StN+u236ZsdTL4wWiR91MT7zpgWSt7QLu1HHFTU2KQMcme rdJgXdf5ZrEOfFXzaS1P7aGOXQ5oa7w0a/UjKMuTjMswScYSrGlQpjd21dY50fOf6oA2 Bt5mkpYklz5oe4X+zvRGl0109jJ6AXUEkjlxckT+rTw7EYaKJ6GwloP3B8fO4bXzI/8q MhC1/Hwio+/EiQsCXfSqJ9zoYgGz/IN4CyxNL0rJl7YcLXy1YvFaygxAlxordzqTkfcg 2N48lZTgQFliwi1az4JGKM4CDkx20f1rzijy20ZZYogwCgX+i0T3yxGCsa1dOFa6v12c chDw==
X-Gm-Message-State: AOAM5302XwbC0fJuSy06KvGssKxvhVJXCJHHbS8DGFOqACs83CF+LdM0 nEFHKuMOVRBqFVHFBkjO2Bs=
X-Google-Smtp-Source: ABdhPJy+7i1g1RrF1KJqR6jq0wcm9vrpjCCZyJJy4e/9cb6wgX9JrAoe/e+YNTyPK9fZHuGFz8SbgQ==
X-Received: by 2002:ac8:684:: with SMTP id f4mr882307qth.79.1623780661916; Tue, 15 Jun 2021 11:11:01 -0700 (PDT)
Received: from DESKTOP6VF5FH7 (pool-96-249-149-147.hrbgpa.fios.verizon.net. [96.249.149.147]) by smtp.gmail.com with ESMTPSA id d23sm12207271qto.74.2021.06.15.11.11.01 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 15 Jun 2021 11:11:01 -0700 (PDT)
From: <jdambrosia@gmail.com>
To: <new-work@ietf.org>
Date: Tue, 15 Jun 2021 14:11:00 -0400
Message-ID: <15d201d76211$cc751430$655f3c90$@gmail.com>
MIME-Version: 1.0
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AddiET5jlMsU2zYhTMqo9vwJyo3VkA==
Content-Language: en-us
Archived-At: <https://mailarchive.ietf.org/arch/msg/new-work/m8Fdlh8VvHk9NnXcYIHmlzGuSdQ>
X-BeenThere: new-work@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
Cc: "'Stanley, Dorothy'" <dorothy.stanley@hpe.com>, Paul Nikolich <paul.nikolich@ATT.NET>
Content-Type: multipart/mixed; boundary="===============3562640598552390481=="
Errors-To: new-work-bounces@ietf.org
Sender: "new-work" <new-work-bounces@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/0u7YEkU2y0iqkw0ZAYot7_2dqCY>
X-Mailman-Approved-At: Sun, 20 Jun 2021 10:33:51 -0700
Subject: [secdir] [new-work] IEEE 802 PARs under Consideration - Jul 2021 Plenary
X-BeenThere: secdir@ietf.org
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Jun 2021 18:11:14 -0000

This is a multipart message in MIME format.

--===============3562640598552390481==
Content-Type: multipart/alternative;
 boundary="----=_NextPart_000_15D3_01D761F0.4564FAD0"
Content-Language: en-us

This is a multipart message in MIME format.

------=_NextPart_000_15D3_01D761F0.4564FAD0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit

All,

The following Project Authorization Requests (PARs) and ICAID will be
considered at the IEEE 802 July 2021 Plenary, which will be held
electronically -  

*	802.1Qcw - Amendment: YANG Data Models for Scheduled Traffic, Frame
Preemption, and Per-Stream Filtering and Policing, PAR Extension
<https://www.ieee802.org/1/files/public/docs2021/cw-PAR-extension-0521-v01.p
df>  and CSD
<https://www.ieee802.org/1/files/public/docs2017/cw-draft-CSD-0517-v02.pdf> 
*	802.1Qcj - Amendment: Automatic Attachment to Provider Backbone
Bridging (PBB) services, PAR Extension
<https://www.ieee802.org/1/files/public/docs2021/cj-PAR-extension-0521-v01.p
df>  and CSD
<https://www.ieee802.org/1/files/public/docs2015/new-autoattach-romascanu-cs
d-0315-v01.pptx> 
*	802.1 - Industry Connections: Nendica ICAID
<https://mentor.ieee.org/802.1/dcn/21/1-21-0011-05-ICne-draft-nendica-icaid-
renewal.docx> 
*	802.3de - Amendment: Enhancements to the MAC Merge function and the
Time Synchronization Service Interface (TSSI) to include Point-to-Point 10
Mb/s Single Pair Ethernet, PAR
<https://mentor.ieee.org/802-ec/dcn/21/ec-21-0113-01-00EC-ieee-p802-3de-draf
t-par-responses.pdf>  and CSD
<https://mentor.ieee.org/802-ec/dcn/21/ec-21-0112-00-00EC-ieee-p802-3de-draf
t-csd-responses.pdf> 
*	802.15.13 Standard: Multi-Gigabit per Second Optical Wireless
Communications (OWC), with Ranges up to 200 meters, for both stationary and
mobile devices, PAR Extension
<https://mentor.ieee.org/802.15/dcn/21/15-21-0267-01-0000-par-extension-requ
est-for-p802-15-13.docx>  and CSD
<https://mentor.ieee.org/802-ec/dcn/17/ec-17-0073-00-ACSD-802-15-13.docx> 
*	802.15.4-2020/Cor1 Corrigendum 1:Correction of errors preventing
backward compatibility, PAR Modification
<https://mentor.ieee.org/802.15/dcn/21/15-21-0270-04-Cor2-tg4-2020-cor1-par-
modification-draft.docx> 
*	802.15.4ab Amendment: Enhanced Ultra Wide-Band (UWB) Physical Layers
(PHYs) and Associated MAC Enhancements,
<https://mentor.ieee.org/802.15/dcn/21/15-21-0126-02-nuwb-p802-15-4ab-par-dr
aft-from-myproject.pdf>  PAR and CSD
<https://mentor.ieee.org/802.15/dcn/21/15-21-0047-05-nuwb-draft-csd-ng-uwb.d
ocx> 
*	802.15.6a Amendment: Dependable Human and Vehicle Body Area
Networks, PAR
<https://mentor.ieee.org/802.15/dcn/21/15-21-0259-03-006a-ieee-802-15-6a-par
-draft.pdf>  and CSD
<https://mentor.ieee.org/802.15/dcn/21/15-21-0260-02-006a-ieee-802-15-6a-csd
-draft.docx> 
*	802.15.14 Standard: Ad-Hoc Impulse Radio Ultra Wideband Wireless
Networks, PAR
<https://mentor.ieee.org/802.15/dcn/21/15-21-0274-04-0014-sg14-ns-uwb-par-wo
rking-draft.docx>  and CSD
<https://mentor.ieee.org/802.15/dcn/21/15-21-0278-04-0014-sg14-draft-csd-for
-ns-uwb.docx> 
*	802.15.15 Standard: Ad-Hoc Low-Rate Wireless Networks, PAR
<https://mentor.ieee.org/802.15/dcn/21/15-21-0265-03-0015-sg15-ns-nb-par-wor
king-draft.docx>  and CSD
<https://mentor.ieee.org/802.15/dcn/21/15-21-0301-00-0015-sg15-draft-csd-for
-ns-nb.docx> 

The PARs and ICAID can be found at http://www.ieee802.org/PARs.shtml along
with the supporting IEEE 802 Criteria for Standards Development, or CSD,
(which includes the 5 criteria, i.e. the explanations of how they fit the
IEEE 802 criteria for initiating new work).

 

Any comments on a proposed PAR / ICAID should be sent to the Working Group
chair identified on the respective document to be received by 14 Jul 2021,
AoE

Regards,

John D'Ambrosia

Recording Secretary, IEEE 802 LMSC 

 


------=_NextPart_000_15D3_01D761F0.4564FAD0
Content-Type: text/html;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" =
xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =
xmlns=3D"http://www.w3.org/TR/REC-html40"><head><META =
HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Dus-ascii"><meta name=3DGenerator content=3D"Microsoft Word 15 =
(filtered medium)"><style><!--
/* Font Definitions */
@font-face
	{font-family:Wingdings;
	panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	font-size:11.0pt;
	font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:#0563C1;
	text-decoration:underline;}
span.EmailStyle17
	{mso-style-type:personal-compose;
	font-family:"Calibri",sans-serif;
	color:windowtext;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-family:"Calibri",sans-serif;}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
/* List Definitions */
@list l0
	{mso-list-id:788862038;
	mso-list-template-ids:-1566392994;}
@list l0:level1
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:.5in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Symbol;}
@list l0:level2
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:1.0in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:"Courier New";
	mso-bidi-font-family:"Times New Roman";}
@list l0:level3
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:1.5in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Wingdings;}
@list l0:level4
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:2.0in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Wingdings;}
@list l0:level5
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:2.5in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Wingdings;}
@list l0:level6
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:3.0in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Wingdings;}
@list l0:level7
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:3.5in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Wingdings;}
@list l0:level8
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:4.0in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Wingdings;}
@list l0:level9
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:4.5in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Wingdings;}
@list l1
	{mso-list-id:957566928;
	mso-list-template-ids:1425465684;}
@list l1:level1
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:.5in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Symbol;}
@list l1:level2
	{mso-level-number-format:bullet;
	mso-level-text:o;
	mso-level-tab-stop:1.0in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:"Courier New";
	mso-bidi-font-family:"Times New Roman";}
@list l1:level3
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:1.5in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Wingdings;}
@list l1:level4
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:2.0in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Wingdings;}
@list l1:level5
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:2.5in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Wingdings;}
@list l1:level6
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:3.0in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Wingdings;}
@list l1:level7
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:3.5in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Wingdings;}
@list l1:level8
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:4.0in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Wingdings;}
@list l1:level9
	{mso-level-number-format:bullet;
	mso-level-text:\F0A7;
	mso-level-tab-stop:4.5in;
	mso-level-number-position:left;
	text-indent:-.25in;
	mso-ansi-font-size:10.0pt;
	font-family:Wingdings;}
ol
	{margin-bottom:0in;}
ul
	{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]--></head><body lang=3DEN-US =
link=3D"#0563C1" vlink=3D"#954F72" style=3D'word-wrap:break-word'><div =
class=3DWordSection1><p style=3D'margin:0in'><span =
style=3D'font-size:10.0pt'>All,<o:p></o:p></span></p><p =
style=3D'margin:0in'><span style=3D'font-size:10.0pt'>The following =
Project Authorization Requests (PARs) and ICAID will be considered at =
the IEEE 802 July 2021 Plenary, which will be held electronically =
&#8211; &nbsp;<o:p></o:p></span></p><ul type=3Ddisc><li =
class=3DMsoNormal =
style=3D'color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;m=
so-list:l0 level1 lfo2'><span style=3D'font-size:10.0pt'>802.1Qcw - =
Amendment: YANG Data Models for Scheduled Traffic, Frame Preemption, and =
Per-Stream Filtering and Policing,&nbsp;<a =
href=3D"https://www.ieee802.org/1/files/public/docs2021/cw-PAR-extension-=
0521-v01.pdf">PAR Extension</a>&nbsp;and&nbsp;<a =
href=3D"https://www.ieee802.org/1/files/public/docs2017/cw-draft-CSD-0517=
-v02.pdf">CSD</a><o:p></o:p></span></li><li class=3DMsoNormal =
style=3D'color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;m=
so-list:l0 level1 lfo2'><span style=3D'font-size:10.0pt'>802.1Qcj - =
Amendment: Automatic Attachment to Provider Backbone Bridging (PBB) =
services,&nbsp;<a =
href=3D"https://www.ieee802.org/1/files/public/docs2021/cj-PAR-extension-=
0521-v01.pdf">PAR Extension</a>&nbsp;and&nbsp;<a =
href=3D"https://www.ieee802.org/1/files/public/docs2015/new-autoattach-ro=
mascanu-csd-0315-v01.pptx">CSD</a><o:p></o:p></span></li><li =
class=3DMsoNormal =
style=3D'color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;m=
so-list:l0 level1 lfo2'><span style=3D'font-size:10.0pt'>802.1 - =
Industry Connections: Nendica&nbsp;<a =
href=3D"https://mentor.ieee.org/802.1/dcn/21/1-21-0011-05-ICne-draft-nend=
ica-icaid-renewal.docx">ICAID</a><o:p></o:p></span></li><li =
class=3DMsoNormal =
style=3D'color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;m=
so-list:l0 level1 lfo2'><span style=3D'font-size:10.0pt'>802.3de - =
Amendment: Enhancements to the MAC Merge function and the Time =
Synchronization Service Interface (TSSI) to include Point-to-Point 10 =
Mb/s Single Pair Ethernet,&nbsp;<a =
href=3D"https://mentor.ieee.org/802-ec/dcn/21/ec-21-0113-01-00EC-ieee-p80=
2-3de-draft-par-responses.pdf">PAR</a>&nbsp;and&nbsp;<a =
href=3D"https://mentor.ieee.org/802-ec/dcn/21/ec-21-0112-00-00EC-ieee-p80=
2-3de-draft-csd-responses.pdf">CSD</a><o:p></o:p></span></li><li =
class=3DMsoNormal =
style=3D'color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;m=
so-list:l0 level1 lfo2'><span style=3D'font-size:10.0pt'>802.15.13 =
Standard: Multi-Gigabit per Second Optical Wireless Communications =
(OWC), with Ranges up to 200 meters, for both stationary and mobile =
devices,&nbsp;<a =
href=3D"https://mentor.ieee.org/802.15/dcn/21/15-21-0267-01-0000-par-exte=
nsion-request-for-p802-15-13.docx">PAR Extension</a>&nbsp;and&nbsp;<a =
href=3D"https://mentor.ieee.org/802-ec/dcn/17/ec-17-0073-00-ACSD-802-15-1=
3.docx">CSD</a><o:p></o:p></span></li><li class=3DMsoNormal =
style=3D'color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;m=
so-list:l0 level1 lfo2'><span =
style=3D'font-size:10.0pt'>802.15.4-2020/Cor1 Corrigendum 1:Correction =
of errors preventing backward compatibility,&nbsp;<a =
href=3D"https://mentor.ieee.org/802.15/dcn/21/15-21-0270-04-Cor2-tg4-2020=
-cor1-par-modification-draft.docx">PAR =
Modification</a><o:p></o:p></span></li><li class=3DMsoNormal =
style=3D'color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;m=
so-list:l0 level1 lfo2'><span style=3D'font-size:10.0pt'>802.15.4ab =
Amendment: Enhanced Ultra Wide-Band (UWB) Physical Layers (PHYs) and =
Associated MAC Enhancements,<a =
href=3D"https://mentor.ieee.org/802.15/dcn/21/15-21-0126-02-nuwb-p802-15-=
4ab-par-draft-from-myproject.pdf">&nbsp;PAR</a>&nbsp;and&nbsp;<a =
href=3D"https://mentor.ieee.org/802.15/dcn/21/15-21-0047-05-nuwb-draft-cs=
d-ng-uwb.docx">CSD</a><o:p></o:p></span></li><li class=3DMsoNormal =
style=3D'color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;m=
so-list:l0 level1 lfo2'><span style=3D'font-size:10.0pt'>802.15.6a =
Amendment: Dependable Human and Vehicle Body Area Networks,&nbsp;<a =
href=3D"https://mentor.ieee.org/802.15/dcn/21/15-21-0259-03-006a-ieee-802=
-15-6a-par-draft.pdf">PAR</a>&nbsp;and&nbsp;<a =
href=3D"https://mentor.ieee.org/802.15/dcn/21/15-21-0260-02-006a-ieee-802=
-15-6a-csd-draft.docx">CSD</a><o:p></o:p></span></li><li =
class=3DMsoNormal =
style=3D'color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;m=
so-list:l0 level1 lfo2'><span style=3D'font-size:10.0pt'>802.15.14 =
Standard: Ad-Hoc Impulse Radio Ultra Wideband Wireless Networks,&nbsp;<a =
href=3D"https://mentor.ieee.org/802.15/dcn/21/15-21-0274-04-0014-sg14-ns-=
uwb-par-working-draft.docx">PAR</a>&nbsp;and&nbsp;<a =
href=3D"https://mentor.ieee.org/802.15/dcn/21/15-21-0278-04-0014-sg14-dra=
ft-csd-for-ns-uwb.docx">CSD</a><o:p></o:p></span></li><li =
class=3DMsoNormal =
style=3D'color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;m=
so-list:l0 level1 lfo2'><span style=3D'font-size:10.0pt'>802.15.15 =
Standard: Ad-Hoc Low-Rate Wireless Networks,&nbsp;<a =
href=3D"https://mentor.ieee.org/802.15/dcn/21/15-21-0265-03-0015-sg15-ns-=
nb-par-working-draft.docx">PAR</a>&nbsp;and&nbsp;<a =
href=3D"https://mentor.ieee.org/802.15/dcn/21/15-21-0301-00-0015-sg15-dra=
ft-csd-for-ns-nb.docx">CSD</a><o:p></o:p></span></li></ul><p =
style=3D'mso-margin-top-alt:9.0pt;margin-right:0in;margin-bottom:0in;marg=
in-left:0in'><span style=3D'font-size:10.0pt'>The PARs and ICAID can be =
found at <a =
href=3D"http://www.ieee802.org/PARs.shtml">http://www.ieee802.org/PARs.sh=
tml</a> along with the supporting IEEE 802 Criteria for Standards =
Development, or CSD, (which includes the 5 criteria, i.e. the =
explanations of how they fit the IEEE 802 criteria for initiating new =
work).<o:p></o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:10.0pt'><o:p>&nbsp;</o:p></span></p><p =
class=3DMsoNormal><span style=3D'font-size:10.0pt'>Any comments on a =
proposed PAR / ICAID should be sent to the Working Group chair =
identified on the respective document to be received by 14 Jul 2021, =
AoE<o:p></o:p></span></p><p =
style=3D'mso-margin-top-alt:9.0pt;margin-right:0in;margin-bottom:0in;marg=
in-left:0in'><span =
style=3D'font-size:10.0pt'>Regards,<o:p></o:p></span></p><p =
style=3D'mso-margin-top-alt:9.0pt;margin-right:0in;margin-bottom:0in;marg=
in-left:0in'><span style=3D'font-size:10.0pt'>John =
D&#8217;Ambrosia<o:p></o:p></span></p><p style=3D'margin:0in'><span =
style=3D'font-size:10.0pt'>Recording Secretary, IEEE 802 LMSC =
<o:p></o:p></span></p><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p></div></body></html>
------=_NextPart_000_15D3_01D761F0.4564FAD0--


--===============3562640598552390481==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
new-work mailing list
new-work@ietf.org
https://www.ietf.org/mailman/listinfo/new-work

--===============3562640598552390481==--


From nobody Wed Jun 23 22:34:36 2021
Return-Path: <new-work-bounces@ietf.org>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 90BD13A449D; Wed, 23 Jun 2021 22:26:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1624512399; bh=zHQhcalQ0Vdrd8nzXKbov51lHvZDOHjquUcxhf6TDPo=; h=To:From:Date:Subject:List-Id:List-Unsubscribe:List-Archive: List-Post:List-Help:List-Subscribe; b=qlNRGIDisQkHNO3p2P8u9TkTtZ58Ng2Xc2g/VCCrv632DOfIX4rpkPEmFUsnFL/Gh W2NQXlXqWKQ1Yk5bN1kuQKiENtAWoIicYZHmiuv6oO0DQRUky/Up7pGIGk2TxkUe83 +cIssH0SyBuPrtLMfY5I/YIUuJbI6Gye9wH8uu3U=
X-Mailbox-Line: From new-work-bounces@ietf.org  Wed Jun 23 22:26:37 2021
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 897DE3A44C7; Wed, 23 Jun 2021 22:26:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1624512397; bh=zHQhcalQ0Vdrd8nzXKbov51lHvZDOHjquUcxhf6TDPo=; h=To:From:Date:Subject:List-Id:List-Unsubscribe:List-Archive: List-Post:List-Help:List-Subscribe; b=iBqq+3cVAQAhDQFHmv/ctm8LrXryOTj1gypqTHr0p2WCQZ9PcUMxb07oDEWGZ66CD uaA6x/6/sDxA5wYWYvHhh4IpTZokej/uPHHAz+0EbwxwEGWJabJ5+uXbfIJRW2r/zr 1MZNfPFw5+FJNkiZ0Cyr48OhzGRLpmnYyyHJjyfo=
X-Original-To: new-work@ietfa.amsl.com
Delivered-To: new-work@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 655173A44B7 for <new-work@ietfa.amsl.com>; Wed, 23 Jun 2021 22:26:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.095
X-Spam-Level: 
X-Spam-Status: No, score=0.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HK_RANDOM_ENVFROM=0.998, HK_RANDOM_FROM=0.998, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Zql3g4umcpJv for <new-work@ietfa.amsl.com>; Wed, 23 Jun 2021 22:26:27 -0700 (PDT)
Received: from raoul.w3.org (raoul.w3.org [128.30.52.128]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0669C3A448F for <new-work@ietf.org>; Wed, 23 Jun 2021 22:26:26 -0700 (PDT)
Received: from [210.76.34.35] (helo=[192.168.0.101]) by raoul.w3.org with esmtpsa (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from <xueyuan@w3.org>) id 1lwHse-0002qB-Hr for new-work@ietf.org; Thu, 24 Jun 2021 05:26:24 +0000
To: new-work@ietf.org
From: xueyuan <xueyuan@w3.org>
Message-ID: <7464619a-f24f-7ba0-09e5-8c720214262e@w3.org>
Date: Thu, 24 Jun 2021 13:26:21 +0800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:78.0) Gecko/20100101 Thunderbird/78.11.0
MIME-Version: 1.0
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/new-work/sUMbPyt2Wlf7xijjSxKyDzy3Mfw>
X-BeenThere: new-work@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
Content-Transfer-Encoding: base64
Content-Type: text/plain; charset="utf-8"; Format="flowed"
Errors-To: new-work-bounces@ietf.org
Sender: "new-work" <new-work-bounces@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/T07rCiC5iZ1QU1yOHVkIEsHMoHo>
X-Mailman-Approved-At: Wed, 23 Jun 2021 22:34:35 -0700
Subject: [secdir] [new-work] Proposed W3C Charter: Devices and Sensors Working Group (until 2021-07-23/24)
X-BeenThere: secdir@ietf.org
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Jun 2021 05:26:42 -0000

CkhlbGxvLAoKVG9kYXkgVzNDIEFkdmlzb3J5IENvbW1pdHRlZSBSZXByZXNlbnRhdGl2ZXMgcmVj
ZWl2ZWQgYSBQcm9wb3NhbAp0byByZXZpZXcgYSBkcmFmdCBjaGFydGVyIGZvciB0aGUgRGV2aWNl
cyBhbmQgU2Vuc29ycyBXb3JraW5nIEdyb3VwOgogwqAgaHR0cHM6Ly93d3cudzMub3JnLzIwMjEv
MDYvREFTQ2hhcnRlci1hYy5odG1sCgpBcyBwYXJ0IG9mIGVuc3VyaW5nIHRoYXQgdGhlIGNvbW11
bml0eSBpcyBhd2FyZSBvZiBwcm9wb3NlZCB3b3JrCmF0IFczQywgdGhpcyBkcmFmdCBjaGFydGVy
IGlzIHB1YmxpYyBkdXJpbmcgdGhlIEFkdmlzb3J5CkNvbW1pdHRlZSByZXZpZXcgcGVyaW9kLgoK
VzNDIGludml0ZXMgcHVibGljIGNvbW1lbnRzIHRocm91Z2ggMDM6NTkgVVRDIG9uIDI0IEp1bHkg
MjAyMQooMjM6NTksIEVhc3Rlcm4gdGltZSBvbiAyMyBKdWx5KSBvbiB0aGUgcHJvcG9zZWQgY2hh
cnRlci4KUGxlYXNlIHNlbmQgY29tbWVudHMgdG8gcHVibGljLW5ldy13b3JrQHczLm9yZywKd2hp
Y2ggaGFzIGEgcHVibGljIGFyY2hpdmU6CiDCoCBodHRwOi8vbGlzdHMudzMub3JnL0FyY2hpdmVz
L1B1YmxpYy9wdWJsaWMtbmV3LXdvcmsvCgpPdGhlciB0aGFuIGNvbW1lbnRzIHNlbnQgaW4gZm9y
bWFsIHJlc3BvbnNlcyBieSBXM0MgQWR2aXNvcnkKQ29tbWl0dGVlIFJlcHJlc2VudGF0aXZlcywg
VzNDIGNhbm5vdCBndWFyYW50ZWUgYSByZXNwb25zZSB0bwpjb21tZW50cy4gSWYgeW91IHdvcmsg
Zm9yIGEgVzNDIE1lbWJlciBbMV0sIHBsZWFzZSBjb29yZGluYXRlCnlvdXIgY29tbWVudHMgd2l0
aCB5b3VyIEFkdmlzb3J5IENvbW1pdHRlZSBSZXByZXNlbnRhdGl2ZS4gRm9yCmV4YW1wbGUsIHlv
dSBtYXkgd2lzaCB0byBtYWtlIHB1YmxpYyBjb21tZW50cyB2aWEgdGhpcyBsaXN0IGFuZApoYXZl
IHlvdXIgQWR2aXNvcnkgQ29tbWl0dGVlIFJlcHJlc2VudGF0aXZlIHJlZmVyIHRvIGl0IGZyb20g
aGlzCm9yIGhlciBmb3JtYWwgcmV2aWV3IGNvbW1lbnRzLgoKSWYgeW91IHNob3VsZCBoYXZlIGFu
eSBxdWVzdGlvbnMgb3IgbmVlZCBmdXJ0aGVyIGluZm9ybWF0aW9uLCBwbGVhc2UKY29udGFjdCBG
dXFpYW8gWHVlLCBEZXZpY2VzIGFuZCBTZW5zb3JzIFdvcmtpbmcgR3JvdXAgVGVhbSBDb250YWN0
LAphdCA8eGZxQHczLm9yZz4uCgpUaGFuayB5b3UsCgpYdWV5dWFuIEppYSzCoCBXM0MgTWFya2V0
aW5nICYgQ29tbXVuaWNhdGlvbnMKClsxXSBodHRwOi8vd3d3LnczLm9yZy9Db25zb3J0aXVtL01l
bWJlci9MaXN0CgoKX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f
X18KbmV3LXdvcmsgbWFpbGluZyBsaXN0Cm5ldy13b3JrQGlldGYub3JnCmh0dHBzOi8vd3d3Lmll
dGYub3JnL21haWxtYW4vbGlzdGluZm8vbmV3LXdvcmsK


From nobody Thu Jun 24 12:12:56 2021
Return-Path: <dharkins@lounge.org>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EF01C3A2803 for <secdir@ietfa.amsl.com>; Thu, 24 Jun 2021 12:12:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.238
X-Spam-Level: 
X-Spam-Status: No, score=-2.238 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.338, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ksETwkrRo0CV for <secdir@ietfa.amsl.com>; Thu, 24 Jun 2021 12:12:48 -0700 (PDT)
Received: from www.goatley.com (www.goatley.com [198.137.202.94]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D3A793A27F7 for <secdir@ietf.org>; Thu, 24 Jun 2021 12:12:48 -0700 (PDT)
Received: from trixy.bergandi.net (cpe-76-176-14-122.san.res.rr.com [76.176.14.122]) by wwwlocal.goatley.com (PMDF V6.8 #2433) with ESMTP id <0QV804G3E01BR9@wwwlocal.goatley.com> for secdir@ietf.org; Thu, 24 Jun 2021 14:12:47 -0500 (CDT)
Received: from blockhead.local ([69.12.173.8]) by trixy.bergandi.net (PMDF V6.7-x01 #2433) with ESMTPSA id <0QV8002KK0101N@trixy.bergandi.net> for secdir@ietf.org; Thu, 24 Jun 2021 12:12:36 -0700 (PDT)
Received: from 69-12-173-8.static.dsltransport.net ([69.12.173.8] EXTERNAL) (EHLO blockhead.local) with TLS/SSL by trixy.bergandi.net ([10.0.42.18]) (PreciseMail V3.3); Thu, 24 Jun 2021 12:12:36 -0700
Date: Thu, 24 Jun 2021 12:12:45 -0700
From: Dan Harkins <dharkins@lounge.org>
In-reply-to: <fbcb12d4-bac4-ea55-7af4-43a5616fe1c1@lounge.org>
To: "secdir@ietf.org" <secdir@ietf.org>
Message-id: <f97b763b-1fa2-ad2b-9d82-c946a05c9fe0@lounge.org>
MIME-version: 1.0
Content-type: text/plain; charset=utf-8; format=flowed
Content-language: en-US
Content-transfer-encoding: 8BIT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.7.1
X-PMAS-SPF: SPF check skipped for authenticated session (recv=trixy.bergandi.net, send-ip=69.12.173.8)
X-PMAS-External-Auth: 69-12-173-8.static.dsltransport.net [69.12.173.8] (EHLO blockhead.local)
References: <162214820520.7182.12901551158997050207@ietfa.amsl.com> <fbcb12d4-bac4-ea55-7af4-43a5616fe1c1@lounge.org>
X-PMAS-Software: PreciseMail V3.3 [210624a] (trixy.bergandi.net)
X-PMAS-Allowed: system rule (rule allow header:X-PMAS-External noexists)
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/EaZXwyP9uU0BDwNaRrwKR2DewlI>
Subject: Re: [secdir] Fwd: Secdir Telechat assignment: draft-ietf-6man-spring-srv6-oam
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Jun 2021 19:12:55 -0000

   I sent this email on 1 June (before the telechat) and addressed it to
the IESG and the draft authors. I failed to include secdir. Mea culpa.
But I guess I need to send this to the list in order to get the draft
cleared out of the assignments email that gets sent out periodically.

   Consider it addressed, please.

   Dan.

On 6/1/21 6:50 AM, Dan Harkins wrote:
>
>   The changes in -10 address my comments from -09. Thanks,
>
>   Dan.
>
> -------- Forwarded Message --------
>
> Telechat review of: draft-ietf-6man-spring-srv6-oam (no specific version)
> Deadline: 2021-06-01
> Pages: 23
> Requested by: (System)
>
> https://datatracker.ietf.org/doc/draft-ietf-6man-spring-srv6-oam/reviewrequest/14681/login/ 
>
>
> Tero Kivinen has assigned Dan Harkins as a reviewer for this document.
>
> This team has completed other reviews of this document:
> - 2021-04-08 14:53 PDT Dan Harkins -09 Has Issues
>
>
>
>


From nobody Tue Jun 29 15:30:25 2021
Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 162163A1550; Tue, 29 Jun 2021 15:30:17 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Chris Lonvick via Datatracker <noreply@ietf.org>
To: <secdir@ietf.org>
Cc: bess@ietf.org, draft-ietf-bess-evpn-inter-subnet-forwarding.all@ietf.org,  last-call@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 7.33.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <162500581702.14479.10740784349692238870@ietfa.amsl.com>
Reply-To: Chris Lonvick <lonvick.ietf@gmail.com>
Date: Tue, 29 Jun 2021 15:30:17 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/MpfHlAz25yLpmXGuhUWZxQiFODg>
Subject: [secdir] Secdir telechat review of draft-ietf-bess-evpn-inter-subnet-forwarding-14
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Jun 2021 22:30:17 -0000

Reviewer: Chris Lonvick
Review result: Ready

Hi,

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the security area directors.
 Document editors and WG chairs should treat these comments just like any other
last call comments.

The summary of the review is READY.

This is a re-review. The Security Considerations section has been updated and
addresses the issues I noted from the version -09 I previously reviewed. The
additions to the section do a very good job of addressing the adherence to or
differences from the security considerations sections of the referenced RFCs.

Regards,
Chris



From nobody Wed Jun 30 09:37:42 2021
Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id C44CB3A2266; Wed, 30 Jun 2021 09:37:32 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Phillip Hallam-Baker via Datatracker <noreply@ietf.org>
To: <secdir@ietf.org>
Cc: draft-ietf-stir-enhance-rfc8226.all@ietf.org, last-call@ietf.org, stir@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 7.33.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <162507105275.13238.11164075795882105631@ietfa.amsl.com>
Reply-To: Phillip Hallam-Baker <hallam@gmail.com>
Date: Wed, 30 Jun 2021 09:37:32 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/hzZ3FmvvW0OMhUYCRgdhrPsny-4>
Subject: [secdir] Secdir last call review of draft-ietf-stir-enhance-rfc8226-04
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Jun 2021 16:37:33 -0000

Reviewer: Phillip Hallam-Baker
Review result: Ready

This document presents an extension to the JWT Claim Constraints capabilities
described in  RFC 8226. The changes proposed do not substantially change the
security model of the original, they merely provide additional expressive power.

This document is part of an effort to establish a post-facto security
infrastructure for the legacy telephone system which predates any security
technology that could have been used to secure it. As such the principal source
of insecurity is going to be in the quality of the data being used to make
security assertions rather than the expressive power of the assertions
themselves.



From nobody Wed Jun 30 17:04:48 2021
Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 315F63A30DC; Wed, 30 Jun 2021 17:04:41 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Daniel Franke via Datatracker <noreply@ietf.org>
To: <secdir@ietf.org>
Cc: anima@ietf.org, draft-ietf-anima-constrained-voucher.all@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 7.33.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <162509788114.10193.4485290358108899416@ietfa.amsl.com>
Reply-To: Daniel Franke <dfoxfranke@gmail.com>
Date: Wed, 30 Jun 2021 17:04:41 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/JjzYESeYlkXat-GEu0N3NT9o4_A>
Subject: [secdir] Secdir early review of draft-ietf-anima-constrained-voucher-11
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Jul 2021 00:04:41 -0000

Reviewer: Daniel Franke
Review result: Not Ready

I'm reviewing this document as a member of SecDir per the request for early
review.

I'm marking this as "Not Ready" principally because the whole Security
Considerations section is "TBD".

Having no prior familiarity with the ANIMA WG or its output, I found the
introductory section of this draft rather bewildering. The document I wanted to
read for background, RFC 8366, is cited a few sentences in, but the context
didn't make it clear that this was where I wanted to look. Please provide a
paragraph or so worth of background about the ecosystem that this draft lives
in before launching into protocol-specific jargon like "voucher" and "pledge".

You mention trying to conserve both network bandwidth and code size. I see how
you're saving a bit of bandwidth by shortening URLs, using CBOR instead of
JSON, and in some cases avoiding retransmission of public keys. But I'm not
following where the code size wins come from. The procedure described in
section 5.3.1 doesn't seem to save anything significant, since you still need a
whole RFC 5280 implementation for the fallback path.

You've given "ECDSA" as a mandatory-to-implement algorithm, but haven't
specified what particular curves must be supported. Without this, you haven't
gotten any closer to assuring interoperability.

Appendix A looks like a funny thing to find in an RFC. Are you planning to have
the RFC Editor remove this prior to publication, like you'd do for an
"Implementation Status" section? If so, you should include an explicit
instruction to that effect.