From nobody Fri Jul 5 07:00:07 2019 Return-Path: X-Original-To: opsec@ietf.org Delivered-To: opsec@ietfa.amsl.com Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id C55EF120026; Fri, 5 Jul 2019 06:59:56 -0700 (PDT) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit From: internet-drafts@ietf.org To: Cc: opsec@ietf.org X-Test-IDTracker: no X-IETF-IDTracker: 6.98.2 Auto-Submitted: auto-generated Precedence: bulk Reply-To: opsec@ietf.org Message-ID: <156233519675.21736.13702891402685664970@ietfa.amsl.com> Date: Fri, 05 Jul 2019 06:59:56 -0700 Archived-At: Subject: [OPSEC] I-D Action: draft-ietf-opsec-v6-17.txt X-BeenThere: opsec@ietf.org X-Mailman-Version: 2.1.29 List-Id: opsec wg mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Jul 2019 13:59:57 -0000 A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Operational Security Capabilities for IP Network Infrastructure WG of the IETF. Title : Operational Security Considerations for IPv6 Networks Authors : Eric Vyncke Kiran K. Chittimaneni Merike Kaeo Enno Rey Filename : draft-ietf-opsec-v6-17.txt Pages : 50 Date : 2019-07-05 Abstract: Knowledge and experience on how to operate IPv4 securely is available: whether it is the Internet or an enterprise internal network. However, IPv6 presents some new security challenges. RFC 4942 describes the security issues in the protocol but network managers also need a more practical, operations-minded document to enumerate advantages and/or disadvantages of certain choices. This document analyzes the operational security issues in several places of a network (enterprises, service providers and residential users) and proposes technical and procedural mitigations techniques. Some very specific place of a network such as the Internet of Things are not discussed in this document. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-opsec-v6/ There are also htmlized versions available at: https://tools.ietf.org/html/draft-ietf-opsec-v6-17 https://datatracker.ietf.org/doc/html/draft-ietf-opsec-v6-17 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-opsec-v6-17 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ From nobody Sat Jul 6 09:43:24 2019 Return-Path: X-Original-To: opsec@ietfa.amsl.com Delivered-To: opsec@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 813EE1200B1 for ; Sat, 6 Jul 2019 09:43:22 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZTrrrdFaUeVD for ; Sat, 6 Jul 2019 09:43:20 -0700 (PDT) Received: from mx1.ernw.net (mx1.ernw.net [62.159.96.78]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1CB42120024 for ; Sat, 6 Jul 2019 09:43:19 -0700 (PDT) Received: from mail1.ernw.net (unknown [IPv6:fd00:2001:0:d001::30]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail1.ernw.net", Issuer "ernw ca1" (verified OK)) by mx1.ernw.net (Postfix) with ESMTPS id ED12D27304 for ; Sat, 6 Jul 2019 18:43:17 +0200 (CEST) Received: from ws26.ernw.net (ws26.ernw.net [172.31.1.70]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "ws26.ernw.net", Issuer "ernw ca1" (verified OK)) by mail1.ernw.net (Postfix) with ESMTPS id BB1A020FEB9 for ; Sat, 6 Jul 2019 18:43:17 +0200 (CEST) Received: by ws26.ernw.net (Postfix, from userid 1002) id EE5735AC81; Sat, 6 Jul 2019 18:43:16 +0200 (CEST) Date: Sat, 6 Jul 2019 18:43:16 +0200 From: Enno Rey To: opsec@ietf.org Message-ID: <20190706164316.GB53679@ernw.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.11.3 (2019-02-01) Archived-At: Subject: [OPSEC] Operational Security Considerations for IPv6 Networks (draft-ietf-opsec-v6) / Asking for WGLC X-BeenThere: opsec@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: opsec wg mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Jul 2019 16:43:23 -0000 Dear WG Chairs, All, we've considered & mostly incorporated the input from the mailing list (thanks for the latest reviews and comments!) and from the IETF104 session, and we'd hence like to ask for WGLC of the document. thanks Enno -- Enno Rey ERNW GmbH - Carl-Bosch-Str. 4 - 69115 Heidelberg - www.ernw.de Tel. +49 6221 480390 - Fax 6221 419008 - Cell +49 173 6745902 Handelsregister Mannheim: HRB 337135 Geschaeftsfuehrer: Florian Grunow, Michael Schaefer ======================================================= Blog: www.insinuator.net || Conference: www.troopers.de Twitter: @Enno_Insinuator ======================================================= From nobody Mon Jul 8 16:38:42 2019 Return-Path: X-Original-To: opsec@ietf.org Delivered-To: opsec@ietfa.amsl.com Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 90CF6120390; Mon, 8 Jul 2019 16:38:29 -0700 (PDT) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit From: internet-drafts@ietf.org To: Cc: opsec@ietf.org X-Test-IDTracker: no X-IETF-IDTracker: 6.98.3 Auto-Submitted: auto-generated Precedence: bulk Reply-To: opsec@ietf.org Message-ID: <156262910951.976.18145887985303475096@ietfa.amsl.com> Date: Mon, 08 Jul 2019 16:38:29 -0700 Archived-At: Subject: [OPSEC] I-D Action: draft-ietf-opsec-urpf-improvements-03.txt X-BeenThere: opsec@ietf.org X-Mailman-Version: 2.1.29 List-Id: opsec wg mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Jul 2019 23:38:41 -0000 A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Operational Security Capabilities for IP Network Infrastructure WG of the IETF. Title : Enhanced Feasible-Path Unicast Reverse Path Filtering Authors : Kotikalapudi Sriram Doug Montgomery Jeffrey Haas Filename : draft-ietf-opsec-urpf-improvements-03.txt Pages : 18 Date : 2019-07-08 Abstract: This document identifies a need for improvement of the unicast Reverse Path Filtering techniques (uRPF) (see BCP 84) for detection and mitigation of source address spoofing (see BCP 38). The strict uRPF is inflexible about directionality, the loose uRPF is oblivious to directionality, and the current feasible-path uRPF attempts to strike a balance between the two (see BCP 84). However, as shown in this draft, the existing feasible-path uRPF still has shortcomings. This document describes an enhanced feasible-path uRPF technique, which aims to be more flexible (in a meaningful way) about directionality than the feasible-path uRPF. It can potentially alleviate ISPs' concerns about the possibility of disrupting service for their customers, and encourage greater deployment of uRPF techniques. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-opsec-urpf-improvements/ There are also htmlized versions available at: https://tools.ietf.org/html/draft-ietf-opsec-urpf-improvements-03 https://datatracker.ietf.org/doc/html/draft-ietf-opsec-urpf-improvements-03 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-opsec-urpf-improvements-03 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ From nobody Wed Jul 10 10:02:00 2019 Return-Path: X-Original-To: opsec@ietfa.amsl.com Delivered-To: opsec@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1F9F4120178; Wed, 10 Jul 2019 10:01:59 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.001 X-Spam-Level: X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nist.gov Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eb_M_7T-oi-u; Wed, 10 Jul 2019 10:01:56 -0700 (PDT) Received: from GCC01-CY1-obe.outbound.protection.outlook.com (mail-eopbgr830100.outbound.protection.outlook.com [40.107.83.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7A15412014E; Wed, 10 Jul 2019 10:01:56 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=H2O/ocLQeLKe4uBF0/aVds1fvDm4GADG44TF8doGWQ3gg2VUNcD9kP5mE0U4QNC99/4E3wtPm4KsFR5wiy06Vejs99xFCAQiUflFbpi3u6pg67hHQ35m9BalAM0xueqY5p9oUIuPT/0vlmey+W+RJrTTNipd007158x0JbSJcvHVBHdQDMmBtNHIzdf0RxNiljNG9RyhywC1mjp5/+8Y3Qey61gD8oR8pLtNnGK4EaLJuVPnaIIoMXZyE6amfRmqlBlL2yTJ/rLIetX6Pzuqvy3yVW9mirZXtaBDiPYcpZ9jY38L7ApgWn/R1KwqEnUavPIWcFR6IiUAjqgYjZPg/g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hNeruxmItdRMHuJapakQDL/N0QnSEFgrKAYTdUydF24=; b=AW1KVDVutJMJmf9itIuxsvuKDuLPdSsQBiBoy5GpM4gtMDGG3o0szlot+BwAKNyEdoX9dAhDIIInFRK5xSR63zUHkeUwJxOEj2J7Pl3A5LYplHqFtUZ3ZmRmncxmAaQuPldBgpKJYKu/hQav2g7kePusQkbGlrWPpPDBzn1rRDQVDjGh7CgWkSMTRD1rVNB3jPJkW4QjM0kvMg3W1P/n4poSFgrDZAqupdHQMr5Srzl+rj3+Sw8HLdWsbbuciQn19XzDEy7BRJSqyhYimTaXHm8EF2E8awLmLUyRrJSq/q8VGHwCldH5QslAqaok3DvNPQ31B7nf6tfqCWzGnn0qwA== ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=nist.gov;dmarc=pass action=none header.from=nist.gov;dkim=pass header.d=nist.gov;arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nist.gov; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hNeruxmItdRMHuJapakQDL/N0QnSEFgrKAYTdUydF24=; b=rv3dM6Xcp0lc/S3yLF3CWPfdxVoREQfMimvZnC4bzarMZpgE5zQgBFeG+VQjErdtBLQtnCoL7YJBaSJ5ZgrFLPqnxABxlIhEjx0YLre1a3WFRsvZpytTYTcG/VXmqViR+fxGGS24dznMrzL3ao8sZKBqOjEoEpPVZe2+pE+IZQM= Received: from DM6PR09MB3019.namprd09.prod.outlook.com (20.178.2.203) by DM6PR09MB3115.namprd09.prod.outlook.com (20.178.3.31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2073.10; Wed, 10 Jul 2019 17:01:54 +0000 Received: from DM6PR09MB3019.namprd09.prod.outlook.com ([fe80::6973:1f0e:3755:4fc6]) by DM6PR09MB3019.namprd09.prod.outlook.com ([fe80::6973:1f0e:3755:4fc6%6]) with mapi id 15.20.2073.008; Wed, 10 Jul 2019 17:01:54 +0000 From: "Sriram, Kotikalapudi (Fed)" To: "opsec@ietf.org" CC: "Murphy, Sandra (Sandra.Murphy@parsons.com)" , "draft-ietf-opsec-urpf-improvements@ietf.org" , "opsec-chairs@ietf.org" Thread-Topic: [OPSEC] I-D Action: draft-ietf-opsec-urpf-improvements-03.txt Thread-Index: AdU3PtZPJ+cjOJnYSJmMldvqEglSgA== Date: Wed, 10 Jul 2019 17:01:53 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=kotikalapudi.sriram@nist.gov; x-originating-ip: [129.6.140.161] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: d221376b-3d12-46b2-de95-08d705584f68 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(4618075)(2017052603328)(7193020); SRVR:DM6PR09MB3115; x-ms-traffictypediagnostic: DM6PR09MB3115: x-ms-exchange-purlcount: 4 x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:8882; x-forefront-prvs: 0094E3478A x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39860400002)(396003)(366004)(136003)(346002)(376002)(199004)(189003)(4326008)(5640700003)(486006)(2906002)(6506007)(186003)(66066001)(26005)(33656002)(478600001)(3846002)(102836004)(14454004)(6306002)(9686003)(25786009)(54906003)(316002)(6116002)(71190400001)(71200400001)(966005)(53936002)(99286004)(7696005)(14444005)(256004)(8676002)(76116006)(1730700003)(55016002)(229853002)(74316002)(86362001)(8936002)(2501003)(68736007)(7736002)(52536014)(6246003)(2351001)(305945005)(5660300002)(6916009)(476003)(6436002)(66574012)(66446008)(81156014)(81166006)(66556008)(66476007)(66946007)(64756008); DIR:OUT; SFP:1102; SCL:1; SRVR:DM6PR09MB3115; H:DM6PR09MB3019.namprd09.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: nist.gov does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: bRBY0d3vfffyXFFoTJFlcO6owU79oh+r854cXcgJAQZKZCca1K/AhhUCScPx5u/2traqQngI8oeKwpexyvN4pNYH6Z/YcTOkVycRja/p0stIJmyhp0vtC2ZJNp8ecCfnW5qBYnZs6b5Ue06pQeZcowz0ZLhI5cKr8oh8CW6edig8IsHWgqEaXKHAT9WJh74A6fQwf2XjIfJIGoF+4pnC56FW6WenwXHe4XX+i2nEJk2oOXaD4Nrs6x6Z/cyQYair3vfH43btmWro7EAi6smqxIHVIyiNZxVSEddTu4UstU5jSoqQVhicZywSx0RTLypLxOKBf22WJm0iEnbQIrXxaj2rPJ6y/7sLJtOojL81j1gw2OfNelK0QBtwpAN9i1BGAy/dejujEBVlzRGdwaIQCPBavBHbdLMF901LAKAibg0= Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-OriginatorOrg: nist.gov X-MS-Exchange-CrossTenant-Network-Message-Id: d221376b-3d12-46b2-de95-08d705584f68 X-MS-Exchange-CrossTenant-originalarrivaltime: 10 Jul 2019 17:01:54.1099 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: ksriram@nist.gov X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR09MB3115 Archived-At: Subject: Re: [OPSEC] I-D Action: draft-ietf-opsec-urpf-improvements-03.txt X-BeenThere: opsec@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: opsec wg mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Jul 2019 17:01:59 -0000 VGhpcyByZXZpc2VkIHZlcnNpb24gKC0wMykgaW5jb3Jwb3JhdGVzIGVkaXRvcmlhbCBjb21tZW50 cyANCnRoYXQgdGhlIGF1dGhvcnMgaGF2ZSByZWNlaXZlZCBmcm9tIHRoZSBkb2N1bWVudCBzaGVw aGVyZCAoU2FuZHkgTXVycGh5KS4NCk1hbnkgdGhhbmtzIHRvIFNhbmR5Lg0KDQpTcmlyYW0NCi0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCkRhdGU6IE1vbiwgMDggSnVsIDIwMTkgMTY6 Mzg6MjkgLTA3MDANCkZyb206IGludGVybmV0LWRyYWZ0c0BpZXRmLm9yZw0KVG86IDxpLWQtYW5u b3VuY2VAaWV0Zi5vcmc+DQpDYzogb3BzZWNAaWV0Zi5vcmcNClN1YmplY3Q6IFtPUFNFQ10gSS1E IEFjdGlvbjogZHJhZnQtaWV0Zi1vcHNlYy11cnBmLWltcHJvdmVtZW50cy0wMy50eHQNCg0KQSBO ZXcgSW50ZXJuZXQtRHJhZnQgaXMgYXZhaWxhYmxlIGZyb20gdGhlIG9uLWxpbmUgSW50ZXJuZXQt RHJhZnRzIGRpcmVjdG9yaWVzLg0KVGhpcyBkcmFmdCBpcyBhIHdvcmsgaXRlbSBvZiB0aGUgT3Bl cmF0aW9uYWwgU2VjdXJpdHkgQ2FwYWJpbGl0aWVzIGZvciBJUCBOZXR3b3JrIEluZnJhc3RydWN0 dXJlIFdHIG9mIHRoZSBJRVRGLg0KDQogICAgICAgIFRpdGxlICAgICAgICAgICA6IEVuaGFuY2Vk IEZlYXNpYmxlLVBhdGggVW5pY2FzdCBSZXZlcnNlIFBhdGggRmlsdGVyaW5nDQogICAgICAgIEF1 dGhvcnMgICAgICAgICA6IEtvdGlrYWxhcHVkaSBTcmlyYW0NCiAgICAgICAgICAgICAgICAgICAg ICAgICAgRG91ZyBNb250Z29tZXJ5DQogICAgICAgICAgICAgICAgICAgICAgICAgIEplZmZyZXkg SGFhcw0KCUZpbGVuYW1lICAgICAgICA6IGRyYWZ0LWlldGYtb3BzZWMtdXJwZi1pbXByb3ZlbWVu dHMtMDMudHh0DQoJUGFnZXMgICAgICAgICAgIDogMTgNCglEYXRlICAgICAgICAgICAgOiAyMDE5 LTA3LTA4DQoNCkFic3RyYWN0Og0KICAgVGhpcyBkb2N1bWVudCBpZGVudGlmaWVzIGEgbmVlZCBm b3IgaW1wcm92ZW1lbnQgb2YgdGhlIHVuaWNhc3QNCiAgIFJldmVyc2UgUGF0aCBGaWx0ZXJpbmcg dGVjaG5pcXVlcyAodVJQRikgKHNlZSBCQ1AgODQpIGZvciBkZXRlY3Rpb24NCiAgIGFuZCBtaXRp Z2F0aW9uIG9mIHNvdXJjZSBhZGRyZXNzIHNwb29maW5nIChzZWUgQkNQIDM4KS4gIFRoZSBzdHJp Y3QNCiAgIHVSUEYgaXMgaW5mbGV4aWJsZSBhYm91dCBkaXJlY3Rpb25hbGl0eSwgdGhlIGxvb3Nl IHVSUEYgaXMgb2JsaXZpb3VzDQogICB0byBkaXJlY3Rpb25hbGl0eSwgYW5kIHRoZSBjdXJyZW50 IGZlYXNpYmxlLXBhdGggdVJQRiBhdHRlbXB0cyB0bw0KICAgc3RyaWtlIGEgYmFsYW5jZSBiZXR3 ZWVuIHRoZSB0d28gKHNlZSBCQ1AgODQpLiAgSG93ZXZlciwgYXMgc2hvd24gaW4NCiAgIHRoaXMg ZHJhZnQsIHRoZSBleGlzdGluZyBmZWFzaWJsZS1wYXRoIHVSUEYgc3RpbGwgaGFzIHNob3J0Y29t aW5ncy4NCiAgIFRoaXMgZG9jdW1lbnQgZGVzY3JpYmVzIGFuIGVuaGFuY2VkIGZlYXNpYmxlLXBh dGggdVJQRiB0ZWNobmlxdWUsDQogICB3aGljaCBhaW1zIHRvIGJlIG1vcmUgZmxleGlibGUgKGlu IGEgbWVhbmluZ2Z1bCB3YXkpIGFib3V0DQogICBkaXJlY3Rpb25hbGl0eSB0aGFuIHRoZSBmZWFz aWJsZS1wYXRoIHVSUEYuICBJdCBjYW4gcG90ZW50aWFsbHkNCiAgIGFsbGV2aWF0ZSBJU1BzJyBj b25jZXJucyBhYm91dCB0aGUgcG9zc2liaWxpdHkgb2YgZGlzcnVwdGluZyBzZXJ2aWNlDQogICBm b3IgdGhlaXIgY3VzdG9tZXJzLCBhbmQgZW5jb3VyYWdlIGdyZWF0ZXIgZGVwbG95bWVudCBvZiB1 UlBGDQogICB0ZWNobmlxdWVzLg0KDQpUaGUgSUVURiBkYXRhdHJhY2tlciBzdGF0dXMgcGFnZSBm b3IgdGhpcyBkcmFmdCBpczoNCmh0dHBzOi8vZGF0YXRyYWNrZXIuaWV0Zi5vcmcvZG9jL2RyYWZ0 LWlldGYtb3BzZWMtdXJwZi1pbXByb3ZlbWVudHMvIA0KDQpUaGVyZSBhcmUgYWxzbyBodG1saXpl ZCB2ZXJzaW9ucyBhdmFpbGFibGUgYXQ6DQpodHRwczovL3Rvb2xzLmlldGYub3JnL2h0bWwvZHJh ZnQtaWV0Zi1vcHNlYy11cnBmLWltcHJvdmVtZW50cy0wMyANCmh0dHBzOi8vZGF0YXRyYWNrZXIu aWV0Zi5vcmcvZG9jL2h0bWwvZHJhZnQtaWV0Zi1vcHNlYy11cnBmLWltcHJvdmVtZW50cy0wMyAN Cg0KQSBkaWZmIGZyb20gdGhlIHByZXZpb3VzIHZlcnNpb24gaXMgYXZhaWxhYmxlIGF0Og0KaHR0 cHM6Ly93d3cuaWV0Zi5vcmcvcmZjZGlmZj91cmwyPWRyYWZ0LWlldGYtb3BzZWMtdXJwZi1pbXBy b3ZlbWVudHMtMDMgDQo= From nobody Mon Jul 15 08:22:47 2019 Return-Path: X-Original-To: opsec@ietf.org Delivered-To: opsec@ietfa.amsl.com Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 8B0C1120106; Mon, 15 Jul 2019 08:22:45 -0700 (PDT) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit From: Ron Bonica via Datatracker To: X-Test-IDTracker: no X-IETF-IDTracker: 6.98.3 Auto-Submitted: auto-generated Precedence: bulk Cc: iesg-secretary@ietf.org, opsec@ietf.org, sandy@tislabs.com, opsec-chairs@ietf.org, Sandra Murphy Message-ID: <156320416556.27233.4864310596044757538.idtracker@ietfa.amsl.com> Date: Mon, 15 Jul 2019 08:22:45 -0700 Archived-At: Subject: [OPSEC] Publication has been requested for draft-ietf-opsec-urpf-improvements-03 X-BeenThere: opsec@ietf.org X-Mailman-Version: 2.1.29 List-Id: opsec wg mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Jul 2019 15:22:46 -0000 Ron Bonica has requested publication of draft-ietf-opsec-urpf-improvements-03 as Best Current Practice on behalf of the OPSEC working group. Please verify the document's state at https://datatracker.ietf.org/doc/draft-ietf-opsec-urpf-improvements/ From nobody Wed Jul 17 01:25:07 2019 Return-Path: X-Original-To: opsec@ietfa.amsl.com Delivered-To: opsec@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 204E81201E9 for ; Wed, 17 Jul 2019 01:25:05 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -14.5 X-Spam-Level: X-Spam-Status: No, score=-14.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=fUWZO2VS; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=ny7f2tfa Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9a70P_P-tykq for ; Wed, 17 Jul 2019 01:25:02 -0700 (PDT) Received: from rcdn-iport-8.cisco.com (rcdn-iport-8.cisco.com [173.37.86.79]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B802C12009C for ; Wed, 17 Jul 2019 01:25:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=2702; q=dns/txt; s=iport; t=1563351902; x=1564561502; h=from:to:subject:date:message-id:content-id: content-transfer-encoding:mime-version; bh=M+hActl6ni2rPLeHRZfmkG2s1aoKG2+LEVRKIyvJNXQ=; b=fUWZO2VSASBPaG+rsasYokpiItyJ/y62jCscTbQtg+Gxg7ZeseoQ4BUS NywQO+H6ficpDUmWRgYNl6TZXbLTlnGjdPX+s9lnCKfMzV27l69zcYHfC ajY7bzcRBTNxoo13DFW265RMr+H3OGgnps2JXZv+RTBrvNkAPMzfCmSsi M=; IronPort-PHdr: =?us-ascii?q?9a23=3A7mf6bxL+jv4AlJ6D+dmcpTVXNCE6p7X5OBIU4Z?= =?us-ascii?q?M7irVIN76u5InmIFeBvad2lFGcW4Ld5roEkOfQv636EU04qZea+DFnEtRXUg?= =?us-ascii?q?Mdz8AfngguGsmAXEDlPfjhbCESF8VZX1gj9Ha+YgBY?= X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0B/AADX2i5d/5hdJa1mHgEGBwaBUwk?= =?us-ascii?q?LAYFDUANtVSAECyqEHINHA45PTIFql3WBLhSBEANUCQEBAQwBARgLCgIBAYR?= =?us-ascii?q?AGYItIzQJDgEDAQEEAQECAQVthTwMhUsCAQMBARAREQwBAQcfBgwRAQgODAI?= =?us-ascii?q?mAgQlCxUSBAESIoMAAYFqAx0BAgyhZwKBOIhgcYEygnkBAQWBMgEDAgKBDYJ?= =?us-ascii?q?JGIITCYEMKAGLXheBQD+BEScME4IeLj6CYQEBA4EmIS6CdDKCJo54m28JAoI?= =?us-ascii?q?ZhliNNBuYCo01h0iQCAIEAgQFAg4BAQWBUDiBWHAVOyoBgkEJgjg3gzozhCY?= =?us-ascii?q?7hT9ygSmNDQEB?= X-IronPort-AV: E=Sophos;i="5.64,273,1559520000"; d="scan'208";a="596450472" Received: from rcdn-core-1.cisco.com ([173.37.93.152]) by rcdn-iport-8.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 17 Jul 2019 08:25:01 +0000 Received: from XCH-RCD-003.cisco.com (xch-rcd-003.cisco.com [173.37.102.13]) by rcdn-core-1.cisco.com (8.15.2/8.15.2) with ESMTPS id x6H8P1lL025937 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Wed, 17 Jul 2019 08:25:01 GMT Received: from xhs-rcd-003.cisco.com (173.37.227.248) by XCH-RCD-003.cisco.com (173.37.102.13) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Wed, 17 Jul 2019 03:25:01 -0500 Received: from xhs-rcd-002.cisco.com (173.37.227.247) by xhs-rcd-003.cisco.com (173.37.227.248) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Wed, 17 Jul 2019 03:25:00 -0500 Received: from NAM01-BY2-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-002.cisco.com (173.37.227.247) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Wed, 17 Jul 2019 03:25:00 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=L80VyrKWxJ4t9Zx4blydkui6IeVIxHuE7lfBBuvnHA8y2graxmIaXjgTVeirAcnP21BOhW+r4mWYd9VV6243UiEK2FmPlhEsWPL5a6xpm1TZY2oNo1Qg4dlkJ+ry9yhaeLUsdIPS8Ecq64HR3MD1sCjOrKMrSeFgFtMLC8sr1jy6aKR0nBStNpSVuugluOMJdkKXekViHyVSWlmeZDWqCE5OAn2YJmac9Or33ha9C5pdvqoyUNOX7C6i6VKzGdIHcb11k0Gr8aMKl5G4rHxjnm320EYGMsNJQT+tFjypEdm5GVk7HDQKMR9JW8TA0G5AbPZiRQhXSUWRjbyi0V87Xw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=M+hActl6ni2rPLeHRZfmkG2s1aoKG2+LEVRKIyvJNXQ=; b=hMyVNA5JMn2g8h3k7NPt+JXAzA6LhWRGQ33Tto29+KjzXi/by5R9ibEfEmR25ByRgJSMqFef/oIXWB5cIrAe2dt1VDZWkcP7FS8BSSkvCnICpMfOjPJ12Yf/3i4v5hfnw46raq2u1URnhgDgSW6kCNKpwgkQEJPbuPxBC2lWhowkO7TxTkgRCHWqx9YScFSrB2nLTxxITzeSW/ZlhH0YGRGy7zLSFKrWs7AggEfxzEefo0Pq8SQ5uvCYpxt95c/9f33hnNHbJ9pEtq0CiXgbHJkdMVRmirN3a2WQSQafUdyf5nToqpPSsmSIosAGaskKrI0TtMtT2TMga7GK7hiDDA== ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=cisco.com;dmarc=pass action=none header.from=cisco.com;dkim=pass header.d=cisco.com;arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=M+hActl6ni2rPLeHRZfmkG2s1aoKG2+LEVRKIyvJNXQ=; b=ny7f2tfaESkjmPw2dPzk//UVe7/vuBIp5nJze/SiD7VrNjnzNb7iW+Z9eRbXyyxCahZq6DFT5jbDp6pxCQubxh72vjrR7OcpnSIZkUHk8QlnuHaQ+ExG+6DeVj1XbegUKuiigXvL2GC/Q1xHJN7hHncBMc3Wi/NW+pjzVW18eP8= Received: from MN2PR11MB4144.namprd11.prod.outlook.com (20.179.150.210) by MN2PR11MB4032.namprd11.prod.outlook.com (20.179.149.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2073.14; Wed, 17 Jul 2019 08:24:57 +0000 Received: from MN2PR11MB4144.namprd11.prod.outlook.com ([fe80::cc02:dc35:1f73:653c]) by MN2PR11MB4144.namprd11.prod.outlook.com ([fe80::cc02:dc35:1f73:653c%7]) with mapi id 15.20.2073.012; Wed, 17 Jul 2019 08:24:57 +0000 From: "Eric Vyncke (evyncke)" To: Enno Rey , "opsec@ietf.org" Thread-Topic: [OPSEC] Operational Security Considerations for IPv6 Networks (draft-ietf-opsec-v6) Thread-Index: AQHVPHkeVK6pRmxoXk+54ruAULfKog== Date: Wed, 17 Jul 2019 08:24:57 +0000 Message-ID: <851C8B13-6636-4336-82CB-2F2FC92C3FAE@cisco.com> Accept-Language: fr-BE, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/10.1a.0.190609 authentication-results: spf=none (sender IP is ) smtp.mailfrom=evyncke@cisco.com; x-originating-ip: [2001:420:c0c1:36:d03a:3618:ce9a:ce53] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 36ba9bb2-05bb-43b2-0ef3-08d70a9040c6 x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:MN2PR11MB4032; x-ms-traffictypediagnostic: MN2PR11MB4032: x-ms-exchange-purlcount: 5 x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:10000; x-forefront-prvs: 01018CB5B3 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(396003)(136003)(376002)(39860400002)(366004)(346002)(199004)(189003)(51914003)(6246003)(6512007)(6306002)(5660300002)(33656002)(53936002)(14454004)(229853002)(2501003)(15974865002)(6506007)(478600001)(966005)(58126008)(46003)(66946007)(64756008)(66556008)(66476007)(66446008)(102836004)(81156014)(2616005)(476003)(71190400001)(6116002)(81166006)(71200400001)(486006)(91956017)(186003)(8936002)(256004)(14444005)(2906002)(8676002)(76116006)(15650500001)(7736002)(68736007)(86362001)(99286004)(36756003)(316002)(110136005)(305945005)(25786009)(6436002)(6486002); DIR:OUT; SFP:1101; SCL:1; SRVR:MN2PR11MB4032; H:MN2PR11MB4144.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: Rb+35NPGR6FtANuwyZVRulnMnFPrvIJM2HxOLaLuYDQYJ3NJluJ9ooP+VIzVj/+Lzb7+EF59pCMgqAWh7Ztw8DKUF3hbJAiuj/70So8g8NCoZm4G54CluCA5YchSxoI+WLHLV89T7+8Yje+ZsoPA4Dn/tu8gX/3P107z6+vvl0HjOuokeJhZelfvR0JVIPJlTenpt26kgwi6dnrcZigUsbBbCLqYUJohmtb7al+eZX1FRMEsnLRGmgD/jxlFHEjA4aEwljFTGHhw0s/1lN9BDa4jacmkXSekpLOiRFmZM9Ovwf0Fn17yXrbMCNRYgcmQGVjtLvEM1pmjbQcNTxohYBdQJhsI7NhlTgGn1YDfDpzgDuDbyg6LVl3aUGN6ePwvnw4UsDOOAk3mXIwWEdJbfEIU8GUjBf/kcUGXc0QCXGs= Content-Type: text/plain; charset="utf-8" Content-ID: <5E709C0989D0E045AA23D8A5141B091F@namprd11.prod.outlook.com> Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: 36ba9bb2-05bb-43b2-0ef3-08d70a9040c6 X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Jul 2019 08:24:57.3395 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: evyncke@cisco.com X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB4032 X-OriginatorOrg: cisco.com X-Outbound-SMTP-Client: 173.37.102.13, xch-rcd-003.cisco.com X-Outbound-Node: rcdn-core-1.cisco.com Archived-At: Subject: Re: [OPSEC] Operational Security Considerations for IPv6 Networks (draft-ietf-opsec-v6) X-BeenThere: opsec@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: opsec wg mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Jul 2019 08:25:05 -0000 SmVuLCBSb24sDQoNCkFzIGNvLWF1dGhvciBvZiB0aGUgZG9jdW1lbnQsIHRoZSBsYXRlc3QgLTE3 IHJldmlzaW9uIGRhdGVkIDIwMTktMDctMDUgYWRkcmVzc2VzIChhdCBsZWFzdCBmcm9tIHRoZSBh dXRob3JzIHBvaW50IG9mIHZpZXcpOg0KLSB0aGUgY29tbWVudHMgcmVjZWl2ZWQgZHVyaW5nIHRo ZSBXRyBtZWV0aW5nIGF0IElFVEYtMTA0DQotIHRoZSBPUFNESVIgcmV2aWV3IGJ5IFRpbSBDaG93 biBkYXRlZCAyMDE4LTA3LTAyDQotIHRoZSBXR0xDIGVuZGVkIGluIDIwMTctMDktMjkNCg0KVGhl IHN0YXRlIG9mIHRoZSBkb2N1bWVudCBpbiB0aGUgZGF0YXRyYWNrZXIgaXMgc3RpbGwgIlJldmlz ZWQgSS1EIE5lZWRlZCAtIElzc3VlIHJhaXNlZCBieSBXR0xDIiBzaW5jZSAyMDE3LTA5LTI5IHRo b3VnaC4gQXMgSSB3YXMgY28tY2hhaXIgYXQgdGhhdCBwb2ludCBvZiB0aW1lLCBJIHNob3VsZCBo YXZlIHJlc2V0IHRoZSBzdGF0ZSB0byBhIG1vcmUgc3VpdGFibGUgb25lLi4uIFdvdWxkIHlvdSBt aW5kIHJlc2V0dGluZyB0aGUgc3RhdGUgdG8gYSBtb3JlIHN1aXRhYmxlIG9uZT8NCg0KTm90ZTog SSBoYXZlIHJlcXVlc3RlZCBhIHNsb3QgdG8gcHJlc2VudCB0aGlzIHdvcmsgYXQgVjZPUFMgaHR0 cHM6Ly9kYXRhdHJhY2tlci5pZXRmLm9yZy9tZWV0aW5nLzEwNS9tYXRlcmlhbHMvYWdlbmRhLTEw NS12Nm9wcy0wMw0KDQpXaXRoIGFsbCB0aGUgcmV2aWV3cyBhbmQgdGhlIHVwZGF0ZXMsIG1heSBJ IGtpbmRseSBzdWdnZXN0LCBpZiB0aGUgV0cgY2hhaXJzIGFuZCBtZW1iZXJzIGFncmVlLCB0byBy ZXF1ZXN0IHB1YmxpY2F0aW9uPyBIYXBweSB0byB0YWxrIHRvIHlvdSBpbiBNb250cmVhbCBvZiBj b3Vyc2UuDQoNClRoYW5rIHlvdSBmb3IgY29uc2lkZXJpbmcgdGhpcyByZXF1ZXN0LA0KDQotw6ly aWMNCg0K77u/T24gMDYvMDcvMjAxOSwgMTg6NDMsICJPUFNFQyBvbiBiZWhhbGYgb2YgRW5ubyBS ZXkiIDxvcHNlYy1ib3VuY2VzQGlldGYub3JnIG9uIGJlaGFsZiBvZiBlcmV5QGVybncuZGU+IHdy b3RlOg0KDQogICAgRGVhciBXRyBDaGFpcnMsIEFsbCwNCiAgICANCiAgICB3ZSd2ZSBjb25zaWRl cmVkICYgbW9zdGx5IGluY29ycG9yYXRlZCB0aGUgaW5wdXQgZnJvbSB0aGUgbWFpbGluZyBsaXN0 ICh0aGFua3MgZm9yIHRoZSBsYXRlc3QgcmV2aWV3cyBhbmQgY29tbWVudHMhKSBhbmQgZnJvbSB0 aGUgSUVURjEwNCBzZXNzaW9uLCBhbmQgd2UnZCBoZW5jZSBsaWtlIHRvIGFzayBmb3IgV0dMQyBv ZiB0aGUgZG9jdW1lbnQuDQogICAgDQogICAgdGhhbmtzDQogICAgDQogICAgRW5ubw0KICAgIA0K ICAgIA0KICAgIA0KICAgIC0tIA0KICAgIEVubm8gUmV5DQogICAgDQogICAgRVJOVyBHbWJIIC0g Q2FybC1Cb3NjaC1TdHIuIDQgLSA2OTExNSBIZWlkZWxiZXJnIC0gd3d3LmVybncuZGUNCiAgICBU ZWwuICs0OSA2MjIxIDQ4MDM5MCAtIEZheCA2MjIxIDQxOTAwOCAtIENlbGwgKzQ5IDE3MyA2NzQ1 OTAyIA0KICAgIA0KICAgIEhhbmRlbHNyZWdpc3RlciBNYW5uaGVpbTogSFJCIDMzNzEzNQ0KICAg IEdlc2NoYWVmdHNmdWVocmVyOiBGbG9yaWFuIEdydW5vdywgTWljaGFlbCBTY2hhZWZlciANCiAg ICANCiAgICA9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09DQogICAgQmxvZzogd3d3Lmluc2ludWF0b3IubmV0IHx8IENvbmZlcmVuY2U6IHd3dy50 cm9vcGVycy5kZQ0KICAgIFR3aXR0ZXI6IEBFbm5vX0luc2ludWF0b3INCiAgICA9PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09DQogICAgDQogICAg X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18NCiAgICBPUFNF QyBtYWlsaW5nIGxpc3QNCiAgICBPUFNFQ0BpZXRmLm9yZw0KICAgIGh0dHBzOi8vd3d3LmlldGYu b3JnL21haWxtYW4vbGlzdGluZm8vb3BzZWMNCiAgICANCg0K From nobody Thu Jul 18 08:02:26 2019 Return-Path: X-Original-To: opsec@ietfa.amsl.com Delivered-To: opsec@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 22A31120779 for ; Thu, 18 Jul 2019 08:02:20 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.7 X-Spam-Level: X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yRtDGI9T0zxP for ; Thu, 18 Jul 2019 08:02:17 -0700 (PDT) Received: from mx0a-00273201.pphosted.com (mx0a-00273201.pphosted.com [208.84.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7181F120764 for ; Thu, 18 Jul 2019 08:02:17 -0700 (PDT) Received: from pps.filterd (m0108156.ppops.net [127.0.0.1]) by mx0a-00273201.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x6IF0BrF011251; Thu, 18 Jul 2019 08:02:12 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=PPS1017; bh=OrQ2MihqH/MbfrT8hhX163hk1y4UhaSJU4SReHRtEu0=; b=KjFW4d8v/unZbv5jUpG/T9k0pserfgwpLra4HbtJWyNZ9sbzzy/vI9Y2CJL/4kESCgbf qo59P5GU/XHNrGtwASssfEWXT5G6p3b4+jo6tewOSzk3fkEigdcwq5heDIsRUM1fSQ4x 84s+Ar8fFhGRCxHIKUOQqhTuxV+wD2Wd4h0u6WNNwtv3IwxTOffv5jjUQcq3C5hCZEMg dnQzP7HVelI3ga0aFIxHStBDkWmpKw3Rz2H6ddzbkqqknr+oeqp+nW3WteZHTRP1OCzK 6+/hr9rACOmEs1vMa92n4QtxHXGh3hKEafvYdmb53AuVAFfsa4ie9WzEQ3GCiIJIVjwr bg== Received: from nam04-sn1-obe.outbound.protection.outlook.com (mail-sn1nam04lp2059.outbound.protection.outlook.com [104.47.44.59]) by mx0a-00273201.pphosted.com with ESMTP id 2ttr6k0amq-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Thu, 18 Jul 2019 08:02:12 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=BtkT+Ya9XNzVxQZNTakFEiWeRgCW46pl/6fifZnDxG1oSlr4gB1SxwsvHJXakxxN7XOC00d+oZOappKBX3bahCTzxLGRH7SmLNGVjbLgeG5/2Q0Tq5ZOSnvnXegdyIC4xkHhKS1G1oVIaxZx1Hmk8QkTXMkBWWUYcmsEhhHYF9jvKaZT65CaNMNYhTUwJFhFowLvLbLspMqTJ9vjMc/9ASqI4UDVGB6Ma9BPR3MU53WWjZDPaGeNCUOLA63Q7eWlxP5TXmiZU7pEW9l7p7FwJfVI27u9cOLgIAwkUkLRYEvkLok1mv0fQbxTymNpOvrchHTrxgQGSrVPHV6YWEux7Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=OrQ2MihqH/MbfrT8hhX163hk1y4UhaSJU4SReHRtEu0=; b=GwrTLRGY2pjZGK7IUvimp3RCWV9CGu7iqOEVcrZPIy1TYWSkynOWYX/efc+HO9QYprwzIBaWE8OM2K/rC8z7XRtUc14EwIjL7qnABziCGgLeJXnhH0mk7MZIMm5UEaQF3MOYXu0JWXxyoFXhipiOIOodvhcxW3j3t/gWBbF0lngP7VrB53g2Q/kxpeEi65xoJAHEA79KZtCYAx/fFzgmCKnvjfL+WULRxPZ+xrOjYZsTdnZm2bWRRUt0gUUZAwrgbGIg57BlrrpPU+3K4GIuvpLcmSlFmzXsKSQHifqZM0+COgPvfBhXoleXYnnjs04psj+wVWQJpTMwnicuEcD5kQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=juniper.net;dmarc=pass action=none header.from=juniper.net;dkim=pass header.d=juniper.net;arc=none Received: from SN6PR05MB5424.namprd05.prod.outlook.com (52.135.109.143) by SN6PR05MB5085.namprd05.prod.outlook.com (20.177.249.95) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2094.8; Thu, 18 Jul 2019 15:02:10 +0000 Received: from SN6PR05MB5424.namprd05.prod.outlook.com ([fe80::a8c7:83ed:3b1d:f33b]) by SN6PR05MB5424.namprd05.prod.outlook.com ([fe80::a8c7:83ed:3b1d:f33b%3]) with mapi id 15.20.2094.009; Thu, 18 Jul 2019 15:02:10 +0000 From: Ron Bonica To: "Eric Vyncke (evyncke)" , Enno Rey , "opsec@ietf.org" Thread-Topic: [OPSEC] Operational Security Considerations for IPv6 Networks (draft-ietf-opsec-v6) Thread-Index: AQHVPHkeVK6pRmxoXk+54ruAULfKoqbQeohQ Content-Class: Date: Thu, 18 Jul 2019 15:02:10 +0000 Message-ID: References: <851C8B13-6636-4336-82CB-2F2FC92C3FAE@cisco.com> In-Reply-To: <851C8B13-6636-4336-82CB-2F2FC92C3FAE@cisco.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-version: 11.2.0.14 dlp-reaction: no-action msip_labels: MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Enabled=True; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SiteId=bea78b3c-4cdb-4130-854a-1d193232e5f4; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Owner=rbonica@juniper.net; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SetDate=2019-07-18T15:02:08.9913175Z; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Name=Juniper Business Use Only; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Application=Microsoft Azure Information Protection; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ActionId=312a487f-82f4-4203-9e4d-1128ab79765c; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Extended_MSFT_Method=Automatic x-originating-ip: [66.129.241.11] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 0de7c116-3211-40f6-760a-08d70b90e8b2 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(4618075)(2017052603328)(7193020); SRVR:SN6PR05MB5085; x-ms-traffictypediagnostic: SN6PR05MB5085: x-ms-exchange-purlcount: 5 x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:1051; x-forefront-prvs: 01026E1310 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(4636009)(366004)(376002)(39860400002)(136003)(346002)(396003)(51914003)(13464003)(199004)(189003)(33656002)(26005)(99286004)(9686003)(102836004)(53546011)(966005)(15650500001)(6506007)(68736007)(7736002)(6306002)(14444005)(11346002)(86362001)(7696005)(55016002)(305945005)(74316002)(186003)(6116002)(3846002)(66066001)(76176011)(229853002)(446003)(81166006)(2501003)(81156014)(256004)(8676002)(8936002)(76116006)(66446008)(486006)(64756008)(66946007)(66476007)(25786009)(53936002)(110136005)(2906002)(66556008)(52536014)(15974865002)(6246003)(71190400001)(6436002)(71200400001)(14454004)(478600001)(316002)(476003)(5660300002); DIR:OUT; SFP:1102; SCL:1; SRVR:SN6PR05MB5085; H:SN6PR05MB5424.namprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: wD0IUHaMkoqzgbGpx2p8jwzWLnye9sXWIhWeDuBE18KG3UbQlzqEgU0rFyLLi4y1JCC4JG2IdujysAimt2ojW6xa63/NHP0Ja/43qXUbBgkmhkGHvmgYnbB6LuxyZr1s9NsprmB/y7Gua1YWO3C8OnhUbhuFrHNwpOkdW55RlUPjKEG04Ej2FQjU5WPZtnZw+GWjPqF12PhMYVqueae8sKsprmpLnL/aOWogBdD5uyGGV0JH1rVNCO/MjIO8Kti7myEjPetiLO+7uqCGUpVAgpY/8M6Axx9GEyb8SSNFuS7Lu19Eo/Yu/wt+aTd45l2qaPFHAMJjuVKMf2lHQswiJ33+nvVLiF7EqNZWLzJY4JsKu7HD6bttrE8laggemym+HcGcyn4vckuYQ5aCUrIRdd2UEnb8UfV5vn1mZxFEqjk= Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-OriginatorOrg: juniper.net X-MS-Exchange-CrossTenant-Network-Message-Id: 0de7c116-3211-40f6-760a-08d70b90e8b2 X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Jul 2019 15:02:10.2341 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: rbonica@juniper.net X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR05MB5085 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-07-18_07:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1907180157 Archived-At: Subject: Re: [OPSEC] Operational Security Considerations for IPv6 Networks (draft-ietf-opsec-v6) X-BeenThere: opsec@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: opsec wg mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Jul 2019 15:02:25 -0000 TGV0J3MgY2hhdCBhYm91dCB0aGlzIGRyYWZ0IG5leHQgd2Vlay4NCg0KICAgICAgICAgICAgICAg ICAgIFJvbg0KDQoNCg0KSnVuaXBlciBCdXNpbmVzcyBVc2UgT25seQ0KDQotLS0tLU9yaWdpbmFs IE1lc3NhZ2UtLS0tLQ0KRnJvbTogT1BTRUMgPG9wc2VjLWJvdW5jZXNAaWV0Zi5vcmc+IE9uIEJl aGFsZiBPZiBFcmljIFZ5bmNrZSAoZXZ5bmNrZSkNClNlbnQ6IFdlZG5lc2RheSwgSnVseSAxNywg MjAxOSA0OjI1IEFNDQpUbzogRW5ubyBSZXkgPGVyZXlAZXJudy5kZT47IG9wc2VjQGlldGYub3Jn DQpTdWJqZWN0OiBSZTogW09QU0VDXSBPcGVyYXRpb25hbCBTZWN1cml0eSBDb25zaWRlcmF0aW9u cyBmb3IgSVB2NiBOZXR3b3JrcyAoZHJhZnQtaWV0Zi1vcHNlYy12NikNCg0KSmVuLCBSb24sDQoN CkFzIGNvLWF1dGhvciBvZiB0aGUgZG9jdW1lbnQsIHRoZSBsYXRlc3QgLTE3IHJldmlzaW9uIGRh dGVkIDIwMTktMDctMDUgYWRkcmVzc2VzIChhdCBsZWFzdCBmcm9tIHRoZSBhdXRob3JzIHBvaW50 IG9mIHZpZXcpOg0KLSB0aGUgY29tbWVudHMgcmVjZWl2ZWQgZHVyaW5nIHRoZSBXRyBtZWV0aW5n IGF0IElFVEYtMTA0DQotIHRoZSBPUFNESVIgcmV2aWV3IGJ5IFRpbSBDaG93biBkYXRlZCAyMDE4 LTA3LTAyDQotIHRoZSBXR0xDIGVuZGVkIGluIDIwMTctMDktMjkNCg0KVGhlIHN0YXRlIG9mIHRo ZSBkb2N1bWVudCBpbiB0aGUgZGF0YXRyYWNrZXIgaXMgc3RpbGwgIlJldmlzZWQgSS1EIE5lZWRl ZCAtIElzc3VlIHJhaXNlZCBieSBXR0xDIiBzaW5jZSAyMDE3LTA5LTI5IHRob3VnaC4gQXMgSSB3 YXMgY28tY2hhaXIgYXQgdGhhdCBwb2ludCBvZiB0aW1lLCBJIHNob3VsZCBoYXZlIHJlc2V0IHRo ZSBzdGF0ZSB0byBhIG1vcmUgc3VpdGFibGUgb25lLi4uIFdvdWxkIHlvdSBtaW5kIHJlc2V0dGlu ZyB0aGUgc3RhdGUgdG8gYSBtb3JlIHN1aXRhYmxlIG9uZT8NCg0KTm90ZTogSSBoYXZlIHJlcXVl c3RlZCBhIHNsb3QgdG8gcHJlc2VudCB0aGlzIHdvcmsgYXQgVjZPUFMgaHR0cHM6Ly91cmxkZWZl bnNlLnByb29mcG9pbnQuY29tL3YyL3VybD91PWh0dHBzLTNBX19kYXRhdHJhY2tlci5pZXRmLm9y Z19tZWV0aW5nXzEwNV9tYXRlcmlhbHNfYWdlbmRhLTJEMTA1LTJEdjZvcHMtMkQwMyZkPUR3SUdh USZjPUhBa1l1aDYzcnN1aHI2U2NiZmgwVWpCWGVNSy1uZGIzdm9EVFhjV3pvQ0kmcj1GY2g5RlE4 MnNpci1Cb0x4ODRoS3VLd2wtQVdGMkVmcEhjQXdyRFRoS1A4Jm09dEtEYmVMMUNvQTYxY09ZQjRx ZXMtcVBsQTZPb0YtSnBITDhpNE4tODRSNCZzPVdGc3ZMbmRTa0hlUlZyeFVFUTVYRDFydWQ5YUVy SThXcFVfZC1mR0c4RjgmZT0gDQoNCldpdGggYWxsIHRoZSByZXZpZXdzIGFuZCB0aGUgdXBkYXRl cywgbWF5IEkga2luZGx5IHN1Z2dlc3QsIGlmIHRoZSBXRyBjaGFpcnMgYW5kIG1lbWJlcnMgYWdy ZWUsIHRvIHJlcXVlc3QgcHVibGljYXRpb24/IEhhcHB5IHRvIHRhbGsgdG8geW91IGluIE1vbnRy ZWFsIG9mIGNvdXJzZS4NCg0KVGhhbmsgeW91IGZvciBjb25zaWRlcmluZyB0aGlzIHJlcXVlc3Qs DQoNCi3DqXJpYw0KDQrvu79PbiAwNi8wNy8yMDE5LCAxODo0MywgIk9QU0VDIG9uIGJlaGFsZiBv ZiBFbm5vIFJleSIgPG9wc2VjLWJvdW5jZXNAaWV0Zi5vcmcgb24gYmVoYWxmIG9mIGVyZXlAZXJu dy5kZT4gd3JvdGU6DQoNCiAgICBEZWFyIFdHIENoYWlycywgQWxsLA0KICAgIA0KICAgIHdlJ3Zl IGNvbnNpZGVyZWQgJiBtb3N0bHkgaW5jb3Jwb3JhdGVkIHRoZSBpbnB1dCBmcm9tIHRoZSBtYWls aW5nIGxpc3QgKHRoYW5rcyBmb3IgdGhlIGxhdGVzdCByZXZpZXdzIGFuZCBjb21tZW50cyEpIGFu ZCBmcm9tIHRoZSBJRVRGMTA0IHNlc3Npb24sIGFuZCB3ZSdkIGhlbmNlIGxpa2UgdG8gYXNrIGZv ciBXR0xDIG9mIHRoZSBkb2N1bWVudC4NCiAgICANCiAgICB0aGFua3MNCiAgICANCiAgICBFbm5v DQogICAgDQogICAgDQogICAgDQogICAgLS0gDQogICAgRW5ubyBSZXkNCiAgICANCiAgICBFUk5X IEdtYkggLSBDYXJsLUJvc2NoLVN0ci4gNCAtIDY5MTE1IEhlaWRlbGJlcmcgLSB3d3cuZXJudy5k ZQ0KICAgIFRlbC4gKzQ5IDYyMjEgNDgwMzkwIC0gRmF4IDYyMjEgNDE5MDA4IC0gQ2VsbCArNDkg MTczIDY3NDU5MDIgDQogICAgDQogICAgSGFuZGVsc3JlZ2lzdGVyIE1hbm5oZWltOiBIUkIgMzM3 MTM1DQogICAgR2VzY2hhZWZ0c2Z1ZWhyZXI6IEZsb3JpYW4gR3J1bm93LCBNaWNoYWVsIFNjaGFl ZmVyIA0KICAgIA0KICAgID09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT0NCiAgICBCbG9nOiB3d3cuaW5zaW51YXRvci5uZXQgfHwgQ29uZmVyZW5j ZTogd3d3LnRyb29wZXJzLmRlDQogICAgVHdpdHRlcjogQEVubm9fSW5zaW51YXRvcg0KICAgID09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0NCiAg ICANCiAgICBfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXw0K ICAgIE9QU0VDIG1haWxpbmcgbGlzdA0KICAgIE9QU0VDQGlldGYub3JnDQogICAgaHR0cHM6Ly91 cmxkZWZlbnNlLnByb29mcG9pbnQuY29tL3YyL3VybD91PWh0dHBzLTNBX193d3cuaWV0Zi5vcmdf bWFpbG1hbl9saXN0aW5mb19vcHNlYyZkPUR3SUdhUSZjPUhBa1l1aDYzcnN1aHI2U2NiZmgwVWpC WGVNSy1uZGIzdm9EVFhjV3pvQ0kmcj1GY2g5RlE4MnNpci1Cb0x4ODRoS3VLd2wtQVdGMkVmcEhj QXdyRFRoS1A4Jm09dEtEYmVMMUNvQTYxY09ZQjRxZXMtcVBsQTZPb0YtSnBITDhpNE4tODRSNCZz PU1NSE5ab0k4bU8wMFVwS3ZJa1NkTUVKRFZNaUhJeGpCREt1VG1yRkJRMzAmZT0gDQogICAgDQoN Cl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fDQpPUFNFQyBt YWlsaW5nIGxpc3QNCk9QU0VDQGlldGYub3JnDQpodHRwczovL3VybGRlZmVuc2UucHJvb2Zwb2lu dC5jb20vdjIvdXJsP3U9aHR0cHMtM0FfX3d3dy5pZXRmLm9yZ19tYWlsbWFuX2xpc3RpbmZvX29w c2VjJmQ9RHdJR2FRJmM9SEFrWXVoNjNyc3VocjZTY2JmaDBVakJYZU1LLW5kYjN2b0RUWGNXem9D SSZyPUZjaDlGUTgyc2lyLUJvTHg4NGhLdUt3bC1BV0YyRWZwSGNBd3JEVGhLUDgmbT10S0RiZUwx Q29BNjFjT1lCNHFlcy1xUGxBNk9vRi1KcEhMOGk0Ti04NFI0JnM9TU1ITlpvSThtTzAwVXBLdklr U2RNRUpEVk1pSEl4akJES3VUbXJGQlEzMCZlPSANCg== From nobody Sun Jul 21 08:49:34 2019 Return-Path: X-Original-To: opsec@ietfa.amsl.com Delivered-To: opsec@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 40527120020 for ; Sun, 21 Jul 2019 08:49:32 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_NONE=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=consulintel.es Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dtqQ2ofHJ3UP for ; Sun, 21 Jul 2019 08:49:29 -0700 (PDT) Received: from mail.consulintel.es (mail.consulintel.es [IPv6:2001:470:1f09:495::5]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8D2F1120019 for ; Sun, 21 Jul 2019 08:49:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=consulintel.es; s=MDaemon; t=1563724166; x=1564328966; i=jordi.palet@consulintel.es; q=dns/txt; h=User-Agent:Date: Subject:From:To:Message-ID:Thread-Topic:References:In-Reply-To: Mime-version:Content-type:Content-transfer-encoding; bh=AdcT60Ne M6SOWVkvLiwJig59ToJ2Q5O1vY9e8xUmSB8=; b=XHKdezHHAaAhdBTqgmt/mRnW DAK4EUXuiVFkJi/JACxsgpp0Etecdq57CdN7Ozbe7hpVOuuVkkPKy9z+RSX0jNvo 5dWkTwNfl0fIzxCaZO5lbWhD4gKytLMQTw5FRYtH4Jjx2cV3TOGvBhCo8K8Ktxmh Xl51fhbzfyjZBBKMzKY= X-MDAV-Result: clean X-MDAV-Processed: mail.consulintel.es, Sun, 21 Jul 2019 17:49:26 +0200 X-Spam-Processed: mail.consulintel.es, Sun, 21 Jul 2019 17:49:26 +0200 Received: from [31.133.129.166] by mail.consulintel.es (MDaemon PRO v16.5.2) with ESMTPA id md50006332021.msg for ; Sun, 21 Jul 2019 17:49:25 +0200 X-MDRemoteIP: 2001:67c:370:128:9065:52c2:6349:39f8 X-MDHelo: [31.133.129.166] X-MDArrival-Date: Sun, 21 Jul 2019 17:49:25 +0200 X-Authenticated-Sender: jordi.palet@consulintel.es X-Return-Path: prvs=1105e7c234=jordi.palet@consulintel.es X-Envelope-From: jordi.palet@consulintel.es X-MDaemon-Deliver-To: opsec@ietf.org User-Agent: Microsoft-MacOutlook/10.10.c.190715 Date: Sun, 21 Jul 2019 11:49:21 -0400 From: JORDI PALET MARTINEZ To: "Eric Vyncke (evyncke)" , Enno Rey , "opsec@ietf.org" Message-ID: Thread-Topic: [OPSEC] Operational Security Considerations for IPv6 Networks (draft-ietf-opsec-v6) References: <851C8B13-6636-4336-82CB-2F2FC92C3FAE@cisco.com> In-Reply-To: <851C8B13-6636-4336-82CB-2F2FC92C3FAE@cisco.com> Mime-version: 1.0 Content-type: text/plain; charset="UTF-8" Content-transfer-encoding: quoted-printable Archived-At: Subject: Re: [OPSEC] Operational Security Considerations for IPv6 Networks (draft-ietf-opsec-v6) X-BeenThere: opsec@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: opsec wg mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Jul 2019 15:49:32 -0000 Hi Eric, Thanks for considering my previous inputs. However, I think it is still important to remark the different implications= of MAP-T vs MAP-E and also consider lw4o6. Same for the implications of not having a DNS proxy in some transition mech= anism, as stated in RFC8585. Also, in section 5. Residential Users Security Considerations =20 Replace If the Residential Gateway has IPv6 connectivity, [RFC7084] defines the requirements of an IPv6 CPE and does not take position on the debate of default IPv6 security policy as defined in [RFC6092]: =20 with=20 If the Residential Gateway has IPv6 connectivity, [RFC7084] and [RFC858= 5]=20 define the requirements of an IPv6 CPE and does not take position on th= e=20 debate of default IPv6 security policy as defined in [RFC6092]: =20 I think in this section, it makes sense a reference to Section 5. UPnP= Support of draft-ietf-v6ops-transition-ipv4aas, which also includes a refe= rence to PCP support. Does it make sense to mention a specific operator or should this paragraph = be anonymized? There is also an alternate solution which has been deployed notably by Swisscom: open to all outbound and inbound connections at the exception of an handful of TCP and UDP ports known as vulnerable. In any case "an handful" -> "a handful"? Some nits: 2.1.1 more feasable -> more feasible ? 2.7.2 some bullets finish with ";" others with "." 3.2 Missing ending "." for paragraph at the end of "provided in Section 2.8= " Regards, Jordi @jordipalet =20 =20 =EF=BB=BFEl 17/7/19 4:25, "OPSEC en nombre de Eric Vyncke (evyncke)" escribi=C3=B3: Jen, Ron, =20 As co-author of the document, the latest -17 revision dated 2019-07-05 = addresses (at least from the authors point of view): - the comments received during the WG meeting at IETF-104 - the OPSDIR review by Tim Chown dated 2018-07-02 - the WGLC ended in 2017-09-29 =20 The state of the document in the datatracker is still "Revised I-D Need= ed - Issue raised by WGLC" since 2017-09-29 though. As I was co-chair at th= at point of time, I should have reset the state to a more suitable one... W= ould you mind resetting the state to a more suitable one? =20 Note: I have requested a slot to present this work at V6OPS https://dat= atracker.ietf.org/meeting/105/materials/agenda-105-v6ops-03 =20 With all the reviews and the updates, may I kindly suggest, if the WG c= hairs and members agree, to request publication? Happy to talk to you in Mo= ntreal of course. =20 Thank you for considering this request, =20 -=C3=A9ric =20 =EF=BB=BFOn 06/07/2019, 18:43, "OPSEC on behalf of Enno Rey" wrote: =20 Dear WG Chairs, All, =20 we've considered & mostly incorporated the input from the mailing l= ist (thanks for the latest reviews and comments!) and from the IETF104 sess= ion, and we'd hence like to ask for WGLC of the document. =20 thanks =20 Enno =20 =20 =20 --=20 Enno Rey =20 ERNW GmbH - Carl-Bosch-Str. 4 - 69115 Heidelberg - www.ernw.de Tel. +49 6221 480390 - Fax 6221 419008 - Cell +49 173 6745902=20 =20 Handelsregister Mannheim: HRB 337135 Geschaeftsfuehrer: Florian Grunow, Michael Schaefer=20 =20 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D Blog: www.insinuator.net || Conference: www.troopers.de Twitter: @Enno_Insinuator =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D =20 _______________________________________________ OPSEC mailing list OPSEC@ietf.org https://www.ietf.org/mailman/listinfo/opsec =20 =20 _______________________________________________ OPSEC mailing list OPSEC@ietf.org https://www.ietf.org/mailman/listinfo/opsec =20 ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.theipv6company.com The IPv6 Company This electronic message contains information which may be privileged or con= fidential. The information is intended to be for the exclusive use of the i= ndividual(s) named above and further non-explicilty authorized disclosure, = copying, distribution or use of the contents of this information, even if p= artially, including attached files, is strictly prohibited and will be cons= idered a criminal offense. If you are not the intended recipient be aware t= hat any disclosure, copying, distribution or use of the contents of this in= formation, even if partially, including attached files, is strictly prohibi= ted, will be considered a criminal offense, so you must reply to the origin= al sender to inform about this communication and delete it. From nobody Mon Jul 22 15:12:11 2019 Return-Path: X-Original-To: opsec@ietfa.amsl.com Delivered-To: opsec@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E66A1200B8 for ; Mon, 22 Jul 2019 15:12:08 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -14.501 X-Spam-Level: X-Spam-Status: No, score=-14.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=Cv8d7xUj; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=zEW2nAl8 Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id U4A-XwgKvbpe for ; Mon, 22 Jul 2019 15:12:07 -0700 (PDT) Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EFD751200B1 for ; Mon, 22 Jul 2019 15:12:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=1072; q=dns/txt; s=iport; t=1563833526; x=1565043126; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=W/TKpcm9unFkH2SUOSk8v1Yh8PgEjylK6GS2Ljm3dpU=; b=Cv8d7xUj0Ri8PXa5CQVHxzbrClgtyS5bF2xc2fzyCy3dzppvoE75fZUc rsx2QLMv4ZePwBAeJOPszneLsZmgXi1e7F0anRE1eif/IzvzCZgj1GCR/ EE/3CzxrYDw9m298LWCjxNDtd7Cq154swo8b20oVyhtVqY/bciKMWqBuv w=; IronPort-PHdr: =?us-ascii?q?9a23=3Ai15juBw3vzaqCQ3XCy+N+z0EezQntrPoPwUc9p?= =?us-ascii?q?sgjfdUf7+++4j5YRGN/u1j2VnOW4iTq+lJjebbqejBYSQB+t7A+GsHbIQKUh?= =?us-ascii?q?YEjcsMmAl1HsmBG2XwLeXhaGoxG8ERHFI=3D?= X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0AIAAB7MzZd/5NdJa1cChoBAQEBAQI?= =?us-ascii?q?BAQEBBwIBAQEBgVMFAQEBAQsBgUNQA4FCIAQLFhQKh1oDhFKJK5orgS6BJAN?= =?us-ascii?q?UCQEBAQwBAS0CAQGEQAKCYyM0CQ4BAwEBBAEBAgEGbYUeDIVLAgEDEigGAQE?= =?us-ascii?q?3AQ8CAT4QMiUBAQQODRqEawMdAQKgUQKBOIhggiOCeQEBBYUMGIITCYE0AYt?= =?us-ascii?q?eF4F/gRFGhxoJLYM7giaqZwkCghmUJ5gKpQUCBAIEBQIOAQEFgVA4gVhwFYM?= =?us-ascii?q?ngkKDcYpTcoEpjUwBgSABAQ?= X-IronPort-AV: E=Sophos;i="5.64,296,1559520000"; d="scan'208";a="600092276" Received: from rcdn-core-11.cisco.com ([173.37.93.147]) by rcdn-iport-6.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 22 Jul 2019 22:12:06 +0000 Received: from XCH-ALN-011.cisco.com (xch-aln-011.cisco.com [173.36.7.21]) by rcdn-core-11.cisco.com (8.15.2/8.15.2) with ESMTPS id x6MMC6Ui011375 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL) for ; Mon, 22 Jul 2019 22:12:06 GMT Received: from xhs-rcd-002.cisco.com (173.37.227.247) by XCH-ALN-011.cisco.com (173.36.7.21) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 22 Jul 2019 17:12:05 -0500 Received: from xhs-aln-001.cisco.com (173.37.135.118) by xhs-rcd-002.cisco.com (173.37.227.247) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 22 Jul 2019 17:12:05 -0500 Received: from NAM01-SN1-obe.outbound.protection.outlook.com (173.37.151.57) by xhs-aln-001.cisco.com (173.37.135.118) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Mon, 22 Jul 2019 17:12:05 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=n3IAVsgdJS2a1kEtmxg9DImEpk5pVUHtJlbshNIFngwUpkKvMLtnwW9TOuXfrh+PSekUGXPvNTdosu78FuxxPVC5R/Z1dQcdkBh5xAIUtfv/ut2bG4dHz4fjvFN/zS3rrdwD3y7mbbXRymUht83V9KVlP2DCucnlZ6e6C4oKPKpljT6wGQXrJtUXJ4GbC1rwePqIum2NiJvjimOrZRfSzsKgzxOoK3b++vRBc/H5oojKDzn/IWRzJgQF5AtinpB2R5eFT6u7tiNBt7ydkzbfhzEv1wpQWPt2VqxzsuNg2BcXoOfz2+rFBPlyY1lD/3LtUwHIOeWf8+mQCk1gizBdKg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=W/TKpcm9unFkH2SUOSk8v1Yh8PgEjylK6GS2Ljm3dpU=; b=SWSOtDBpTtPw/9rgnpoIA5sucrLiCF9FBF4k2KvhkaHkTaHRFsTOsp2bXyiiC1m30rgB2ojnM+0E2wb1vegDeNDhMkpkWbmSq837yg8lSlzVpTGOIclBooz8tLfEMn/salaTSYeRKkbzc72S1cBss1T0xDR5dqIzLADrj53kmsHMXecY3CjQyvg4Q8/pLU44xB6dv6jJZXxG49SP+tfBOENsqVCTPOcF5dvaZDlndE/2BzMzvHWQQ3j3JLA+UW+OkFkLya0pTQJMkSH1nn/E6fe5Lee6L+VaSvTcFte5IQigeMN1TipPh8l2zrMCFnGSrBD1qiA9bbhps3d7Hnh+ng== ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=cisco.com;dmarc=pass action=none header.from=cisco.com;dkim=pass header.d=cisco.com;arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=W/TKpcm9unFkH2SUOSk8v1Yh8PgEjylK6GS2Ljm3dpU=; b=zEW2nAl8RYKkyI/TIy/uBLCrFvtIvajPfxQq8XwiuMP0jlBBFSA5MKyqNtj41Abh6DSijTgFl4rRn9T1DUILn2y4J5yhZCGJOnhyRqHTaQXAuGQyTyEUxsnPCAniikoIf29cQZ4J7SSqW47KHXPz8tk+BHdjVSu674cpVUG+Srw= Received: from BN8PR11MB3601.namprd11.prod.outlook.com (20.178.219.23) by BN8PR11MB3602.namprd11.prod.outlook.com (20.178.219.24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2094.16; Mon, 22 Jul 2019 22:12:04 +0000 Received: from BN8PR11MB3601.namprd11.prod.outlook.com ([fe80::78f2:2e3e:7140:d829]) by BN8PR11MB3601.namprd11.prod.outlook.com ([fe80::78f2:2e3e:7140:d829%7]) with mapi id 15.20.2094.017; Mon, 22 Jul 2019 22:12:04 +0000 From: "Bernie Volz (volz)" To: "Eric Vyncke (evyncke)" CC: "opsec@ietf.org" Thread-Topic: draft-ietf-opsec-v6-17 Thread-Index: AdVA131ZRg7Av2Q1S0WVN4M41LlOvgAAumVg Date: Mon, 22 Jul 2019 22:12:04 +0000 Message-ID: References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=volz@cisco.com; x-originating-ip: [173.38.117.80] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: a3dd361e-503c-4f52-8601-08d70ef1a0c0 x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:BN8PR11MB3602; x-ms-traffictypediagnostic: BN8PR11MB3602: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:2512; x-forefront-prvs: 01068D0A20 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(376002)(346002)(136003)(366004)(39860400002)(396003)(199004)(189003)(33656002)(74316002)(99286004)(14444005)(66446008)(256004)(64756008)(66556008)(76116006)(66946007)(66476007)(2940100002)(71190400001)(316002)(8936002)(486006)(6116002)(3846002)(2906002)(71200400001)(81166006)(81156014)(6862004)(478600001)(26005)(52536014)(9686003)(7736002)(55016002)(186003)(476003)(25786009)(11346002)(66066001)(305945005)(8676002)(53936002)(5660300002)(446003)(102836004)(6636002)(76176011)(4326008)(68736007)(7696005)(86362001)(6436002)(14454004)(6506007); DIR:OUT; SFP:1101; SCL:1; SRVR:BN8PR11MB3602; H:BN8PR11MB3601.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: 40ABLUcXQVW2FSYbDDOxE1yq+WMzO6jXGNDrH5VT8arlQqCCyMK9XmkpEbEpbOXZgFdCnhLta+/4b6rbDBLqNf0voynmfOHol3X4DZxxfSxK7F4I4MFrDwNzezhxi8U5C+eXXcnDx1ESQ1e6QEIwUj45M+nrdbtduVroi616fZBhe4LGCosqSfKWN14YxjaEiSrR49TpfNSa0l4msaV8jZQBgZ9ChqamEfrkfyywqo/I/65/ZfyXrBXl3FWcZvQ9Pv0axgagPTRg3WWKr0ofABdW1STHJ8pBjS64k0yYeS0mLzCHHzY1rgRMHQ1RtNy8FNcDOoLjzsIWxQRypLdm1BhQNMhkJboGQhA4LNeU6QXkfVPOkQOllnB0fNMRKN3JCuLzq/0UvPeDD+WdcDVzNQZ2e+LmveweJTu6/i+h5m4= Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: a3dd361e-503c-4f52-8601-08d70ef1a0c0 X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Jul 2019 22:12:04.2743 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: volz@cisco.com X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN8PR11MB3602 X-OriginatorOrg: cisco.com X-Outbound-SMTP-Client: 173.36.7.21, xch-aln-011.cisco.com X-Outbound-Node: rcdn-core-11.cisco.com Archived-At: Subject: [OPSEC] draft-ietf-opsec-v6-17 X-BeenThere: opsec@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: opsec wg mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Jul 2019 22:12:09 -0000 Hi: Here's some very minor nits (RFC editor would correct): 1. s/feasable/feasible/ 2. s/section Section 2.6./Section 2.6./ 3. s/connectivity.Disabling/connectivity. Disabling/ 4. s/it has lead to no= des/it has led to nodes/ 5. s/formated/formatted/ 6. s/occurences/occurrenc= es/ 7. s/ bypassed by an hostile party/ bypassed by a hostile party/ 8. s/b= e be/be/ 9. s/explicitely/explicitly/ 10. s/to identifity the interface/ to= identify the interface/ 11. s/seperation/separation/ 12. s/hardened agains= miscreant/hardened against miscreant/ 13. s/exception of an handful/except= ion of a handful/ Perhaps I missed it, but the document doesn't mention anything about using = a random link-layer address (other than in the context of generating IPv6 a= ddresses). Perhaps that's OK as this is an IPv6 document and that really is= a separate link-layer security issue -- and you do have to draw the line s= omewhere otherwise it will never get done. In all the document does look very good and hopefully can move to WGLC soon= ! - Bernie From nobody Tue Jul 23 07:11:56 2019 Return-Path: X-Original-To: opsec@ietfa.amsl.com Delivered-To: opsec@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 06D1F120310 for ; Tue, 23 Jul 2019 07:11:51 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -14.5 X-Spam-Level: X-Spam-Status: No, score=-14.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=fVDrmWwd; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=ZbKtVU/l Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ED8ALXd53knO for ; Tue, 23 Jul 2019 07:11:49 -0700 (PDT) Received: from rcdn-iport-8.cisco.com (rcdn-iport-8.cisco.com [173.37.86.79]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5B47012031D for ; Tue, 23 Jul 2019 07:11:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=1774; q=dns/txt; s=iport; t=1563891109; x=1565100709; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=gkZ/5hu6Pw12BQDdrKWOJHb53fG62gxtwKu0y6c0+BY=; b=fVDrmWwd7lqKoTPSVL7Z0WW86V43JmudmmCM6I43/6Rl/rJCcGFLTgDy MzV2etJayrj3+CqThB2H5x0asUS8t8+lgIAih4Jap4lUgnziTsgrJVCeh jzhDHF00pMw7yyc819V4rSa194M6rjOpPYgb2HGFRx2lxDmaBYzStFQTC k=; IronPort-PHdr: =?us-ascii?q?9a23=3A8mWkkhwM40FyZF/XCy+N+z0EezQntrPoPwUc9p?= =?us-ascii?q?sgjfdUf7+++4j5YhSN/u1j2VnOW4iTq+lJjebbqejBYSQB+t7A1RJKa5lQT1?= =?us-ascii?q?kAgMQSkRYnBZuIF1z9J/3nRyc7B89FElRi+iLzPA=3D=3D?= X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0AXAAC2FDdd/5xdJa1cChsBAQEBAwE?= =?us-ascii?q?BAQcDAQEBgVMGAQEBCwGBQ1ADgUIgBAsWFIQdg0cDhFKJLZorgS6BJANUCQE?= =?us-ascii?q?BAQwBAS0CAQGEQAIXgjcjNAkOAQMBAQQBAQIBBm2FHgyFSwIEEhERDAEBNwE?= =?us-ascii?q?PAgEIGgImAgICMBUQAQEEDgUigwCBawMdAQKfWQKBOIhgcYEygnkBAQWCR4J?= =?us-ascii?q?AGIITCYEMKAGLXheBQD+BEScfgkw+hBAJKxeCdDKCJo54m28JAoIZlAwbmAq?= =?us-ascii?q?lBQIEAgQFAg4BAQWBUDiBWHAVZQGCQYJCg3GKU3KBKY4lAQE?= X-IronPort-AV: E=Sophos;i="5.64,299,1559520000"; d="scan'208";a="600924368" Received: from rcdn-core-5.cisco.com ([173.37.93.156]) by rcdn-iport-8.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 23 Jul 2019 14:11:48 +0000 Received: from XCH-RCD-010.cisco.com (xch-rcd-010.cisco.com [173.37.102.20]) by rcdn-core-5.cisco.com (8.15.2/8.15.2) with ESMTPS id x6NEBmpZ019710 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL) for ; Tue, 23 Jul 2019 14:11:48 GMT Received: from xhs-rtp-003.cisco.com (64.101.210.230) by XCH-RCD-010.cisco.com (173.37.102.20) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 23 Jul 2019 09:11:47 -0500 Received: from xhs-rcd-002.cisco.com (173.37.227.247) by xhs-rtp-003.cisco.com (64.101.210.230) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 23 Jul 2019 10:11:46 -0400 Received: from NAM05-CO1-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-002.cisco.com (173.37.227.247) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Tue, 23 Jul 2019 09:11:46 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XauNA4263YAaMAshHf2R4h3jpqhzsaZIOchd2e1ueGKy8cfs+P1hqhb7wE3mYPZ4eQN52GXxzeUbDv/fd+RJGdiX6p7bl2GiQ0d2a4+0CwdN3iTNP9qQSROYigq5buS3si05abT5NGNIqJifcjawe57/TX63/xGOL3PGSe1iv6/+S1oBQu5cENeb+fGmiKKmGgU+KQRJdcAVFtzEuoqoMi1fyNdjXxOdtetQMvGbnHFIpCSxdARsmJvtzlYkywqCORsvCmKGcrSwtNxkNQcnFdCwbLfonFdd/oujzl35qJSKIGE+V8BOzEMpFEyRA58zSVwXoG6PXuLzB06yi7/zSg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=gkZ/5hu6Pw12BQDdrKWOJHb53fG62gxtwKu0y6c0+BY=; b=N9cba4PW68p6Rrfy+M3B6G9zZwIhktPTFD1R9uZtI3jNAW6a9SIlHQmjAMURB3aY76ovO+9OH1z/Gu/bXI4sO3EUnZVliw8K6X6hNiiLinv58IN03Af6FRsQ8sDxQfJ1Q8tt1va06twxUERKFowFCRVd7cmlwTa502Ec5dlpxjLaZhJCCNzswLDFyEfmprKxaPGVaMwFJxXBci7Bm6WSeeODjQdll2oAFcoMIxhaeqh+D2GZhYl6sfdYnDPAWgNO1MtlzLkJRRKc3CLER6qFwKWNmYi31SUOziYBgoLoFcjmgSb4h8nrcO8y/gYDHI+9JMVH1Hyf+HDXUF1aGYj3XA== ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=cisco.com;dmarc=pass action=none header.from=cisco.com;dkim=pass header.d=cisco.com;arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=gkZ/5hu6Pw12BQDdrKWOJHb53fG62gxtwKu0y6c0+BY=; b=ZbKtVU/lD9+JUGhEebBpSJaAO6b+ezYWkslTWz30SLwqqnJkIT4XYycCPnUGis0zDtzQSO5So/83jTljLWZvoaKXBiwrlWG1Xe6gfCdkFr3D9knBNXLxzaKTQOXpQo3L6uszwzYX5DicRZxxQOYVoraWm/LPqHgwfh35E0ec3yQ= Received: from MN2PR11MB4144.namprd11.prod.outlook.com (20.179.150.210) by MN2PR11MB3885.namprd11.prod.outlook.com (20.179.150.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2094.16; Tue, 23 Jul 2019 14:11:45 +0000 Received: from MN2PR11MB4144.namprd11.prod.outlook.com ([fe80::cc02:dc35:1f73:653c]) by MN2PR11MB4144.namprd11.prod.outlook.com ([fe80::cc02:dc35:1f73:653c%7]) with mapi id 15.20.2094.017; Tue, 23 Jul 2019 14:11:44 +0000 From: "Eric Vyncke (evyncke)" To: "Bernie Volz (volz)" CC: "opsec@ietf.org" Thread-Topic: draft-ietf-opsec-v6-17 Thread-Index: AdVA131ZRg7Av2Q1S0WVN4M41LlOvgAAumVgABkoHQA= Date: Tue, 23 Jul 2019 14:11:44 +0000 Message-ID: References: In-Reply-To: Accept-Language: fr-BE, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/10.1b.0.190715 authentication-results: spf=none (sender IP is ) smtp.mailfrom=evyncke@cisco.com; x-originating-ip: [2001:420:c0c8:1002::ee] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: cbb9dc04-9484-4197-c2b2-08d70f77b181 x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:MN2PR11MB3885; x-ms-traffictypediagnostic: MN2PR11MB3885: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:4303; x-forefront-prvs: 0107098B6C x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(376002)(39860400002)(346002)(366004)(396003)(136003)(189003)(199004)(6512007)(86362001)(6486002)(6436002)(81156014)(2906002)(36756003)(6246003)(33656002)(6116002)(81166006)(229853002)(68736007)(6862004)(8936002)(53936002)(4326008)(71200400001)(71190400001)(5660300002)(14444005)(14454004)(66946007)(99286004)(476003)(58126008)(11346002)(2616005)(66556008)(64756008)(316002)(66446008)(66476007)(256004)(76176011)(91956017)(25786009)(6636002)(7736002)(76116006)(446003)(478600001)(37006003)(102836004)(486006)(46003)(6506007)(186003)(305945005)(8676002); DIR:OUT; SFP:1101; SCL:1; SRVR:MN2PR11MB3885; H:MN2PR11MB4144.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: ZvShF6umpje4t4CB2cR6D+E9HCgoktUwCNFDwScxl8/05x4ZqVERqSYQVxPdHygLZ8GU5tA8nX2CdsZK6yFnehi1vRSrduCA47QRylN3+J3mV85ZG/yio0QETCS+MXd9S7SDIqyKeijAIR3W2dxFMX8LBDrAYhdKmX0OqMGIw9xLk3QVDuR9Xkrix3gOvxILkC/u3U+UfoEvirLNnqgQDfTAF82/53A0MdCJhQvU2DlXaqEBmTX5STw5gnbTES+CXSLarcJZ0TuTw1RhFosvcERAZpjN2kzJyZ7wQuj+N0BJE3UcyPTMKFORfeWjwAyUQdpn+i5ojrbqkf6qxzTWz9R/aEWP36X4AY+XLveA/Dr2/4VfYMDg2wZW/HEHZZMICiW/hLaqnpq65jVn2zSgZ7xoM/9x/7ipnBLwpki8CHc= Content-Type: text/plain; charset="utf-8" Content-ID: <74A7AF2B124FED44BBA83B0D0B13E5AB@namprd11.prod.outlook.com> Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: cbb9dc04-9484-4197-c2b2-08d70f77b181 X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Jul 2019 14:11:44.9250 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: evyncke@cisco.com X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB3885 X-OriginatorOrg: cisco.com X-Outbound-SMTP-Client: 173.37.102.20, xch-rcd-010.cisco.com X-Outbound-Node: rcdn-core-5.cisco.com Archived-At: Subject: Re: [OPSEC] draft-ietf-opsec-v6-17 X-BeenThere: opsec@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: opsec wg mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Jul 2019 14:11:51 -0000 VGhhbmsgeW91IEJlcm5pZSBmb3IgdGhlIHJldmlldy4NCg0KV2Ugd2lsbCBmaXggdGhpcyBuaXRz IHdpdGggYW55IG90aGVyIGNvbW1lbnRzIHJlY2VpdmVkIGR1cmluZyB0aGUgV0dMQy4NCg0KLcOp cmljDQoNCu+7v09uIDIyLzA3LzIwMTksIDE4OjEyLCAiQmVybmllIFZvbHogKHZvbHopIiA8dm9s ekBjaXNjby5jb20+IHdyb3RlOg0KDQogICAgSGk6DQogICAgDQogICAgSGVyZeKAmXMgc29tZSB2 ZXJ5IG1pbm9yIG5pdHMgKFJGQyBlZGl0b3Igd291bGQgY29ycmVjdCk6DQogICAgDQogICAgMS4g cy9mZWFzYWJsZS9mZWFzaWJsZS8NCiAgICAyLiBzL3NlY3Rpb24gU2VjdGlvbiAyLjYuL1NlY3Rp b24gMi42Li8NCiAgICAzLiBzL2Nvbm5lY3Rpdml0eS5EaXNhYmxpbmcvY29ubmVjdGl2aXR5LiBE aXNhYmxpbmcvIDQuIHMvaXQgaGFzIGxlYWQgdG8gbm9kZXMvaXQgaGFzIGxlZCB0byBub2Rlcy8g NS4gcy9mb3JtYXRlZC9mb3JtYXR0ZWQvIDYuIHMvb2NjdXJlbmNlcy9vY2N1cnJlbmNlcy8gNy4g cy8gYnlwYXNzZWQgYnkgYW4gaG9zdGlsZSBwYXJ0eS8gYnlwYXNzZWQgYnkgYSBob3N0aWxlIHBh cnR5LyA4LiBzL2JlIGJlL2JlLyA5LiBzL2V4cGxpY2l0ZWx5L2V4cGxpY2l0bHkvIDEwLiBzL3Rv IGlkZW50aWZpdHkgdGhlIGludGVyZmFjZS8gdG8gaWRlbnRpZnkgdGhlIGludGVyZmFjZS8gMTEu IHMvc2VwZXJhdGlvbi9zZXBhcmF0aW9uLyAxMi4gcy9oYXJkZW5lZCBhZ2FpbnMgbWlzY3JlYW50 L2hhcmRlbmVkIGFnYWluc3QgbWlzY3JlYW50LyAxMy4gcy9leGNlcHRpb24gb2YgYW4gaGFuZGZ1 bC9leGNlcHRpb24gb2YgYSBoYW5kZnVsLw0KICAgIA0KICAgIFBlcmhhcHMgSSBtaXNzZWQgaXQs IGJ1dCB0aGUgZG9jdW1lbnQgZG9lc24ndCBtZW50aW9uIGFueXRoaW5nIGFib3V0IHVzaW5nIGEg cmFuZG9tIGxpbmstbGF5ZXIgYWRkcmVzcyAob3RoZXIgdGhhbiBpbiB0aGUgY29udGV4dCBvZiBn ZW5lcmF0aW5nIElQdjYgYWRkcmVzc2VzKS4gUGVyaGFwcyB0aGF0J3MgT0sgYXMgdGhpcyBpcyBh biBJUHY2IGRvY3VtZW50IGFuZCB0aGF0IHJlYWxseSBpcyBhIHNlcGFyYXRlIGxpbmstbGF5ZXIg c2VjdXJpdHkgaXNzdWUgLS0gYW5kIHlvdSBkbyBoYXZlIHRvIGRyYXcgdGhlIGxpbmUgc29tZXdo ZXJlIG90aGVyd2lzZSBpdCB3aWxsIG5ldmVyIGdldCBkb25lLg0KICAgIA0KICAgIEluIGFsbCB0 aGUgZG9jdW1lbnQgZG9lcyBsb29rIHZlcnkgZ29vZCBhbmQgaG9wZWZ1bGx5IGNhbiBtb3ZlIHRv IFdHTEMgc29vbiENCiAgICANCiAgICAtIEJlcm5pZQ0KICAgIA0KDQo= From nobody Tue Jul 30 04:10:57 2019 Return-Path: X-Original-To: opsec@ietfa.amsl.com Delivered-To: opsec@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A98B112043E for ; Tue, 30 Jul 2019 04:10:48 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.2 X-Spam-Level: X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LNJpcDZrPgfa for ; Tue, 30 Jul 2019 04:10:46 -0700 (PDT) Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 01BDE12040C for ; Tue, 30 Jul 2019 04:10:45 -0700 (PDT) Received: by rfc-editor.org (Postfix, from userid 30) id 1F8F7B810CC; Tue, 30 Jul 2019 04:10:29 -0700 (PDT) To: fgont@si6networks.com, rja.lists@gmail.com, cpignata@cisco.com, ibagdona@gmail.com, warren@kumari.net, furry13@gmail.com, rbonica@juniper.net X-PHP-Originating-Script: 30:errata_mail_lib.php From: RFC Errata System Cc: mohamed.boucadair@orange.com, opsec@ietf.org, rfc-editor@rfc-editor.org Content-Type: text/plain; charset=UTF-8 Message-Id: <20190730111029.1F8F7B810CC@rfc-editor.org> Date: Tue, 30 Jul 2019 04:10:29 -0700 (PDT) Archived-At: Subject: [OPSEC] [Editorial Errata Reported] RFC7126 (5798) X-BeenThere: opsec@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: opsec wg mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2019 11:10:55 -0000 The following errata report has been submitted for RFC7126, "Recommendations on Filtering of IPv4 Packets Containing IPv4 Options". -------------------------------------- You may review the report below and at: https://www.rfc-editor.org/errata/eid5798 -------------------------------------- Type: Editorial Reported by: Mohamed Boucadair Section: 1.1 Original Text ------------- The terms "fast path", "slow path", and associated relative terms ("faster path" and "slower path") are loosely defined as in Section 2 of [RFC6398]. Corrected Text -------------- Notes ----- These terms are not used in the document. The quoted text should be removed. Instructions: ------------- This erratum is currently posted as "Reported". If necessary, please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party can log in to change the status and edit the report, if necessary. -------------------------------------- RFC7126 (draft-ietf-opsec-ip-options-filtering-07) -------------------------------------- Title : Recommendations on Filtering of IPv4 Packets Containing IPv4 Options Publication Date : February 2014 Author(s) : F. Gont, R. Atkinson, C. Pignataro Category : BEST CURRENT PRACTICE Source : Operational Security Capabilities for IP Network Infrastructure Area : Operations and Management Stream : IETF Verifying Party : IESG From nobody Tue Jul 30 07:07:12 2019 Return-Path: X-Original-To: opsec@ietfa.amsl.com Delivered-To: opsec@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0657912023C; Tue, 30 Jul 2019 07:07:12 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.2 X-Spam-Level: X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PlD6FKJrSzFm; Tue, 30 Jul 2019 07:07:10 -0700 (PDT) Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A402E120234; Tue, 30 Jul 2019 07:07:10 -0700 (PDT) Received: by rfc-editor.org (Postfix, from userid 30) id C25ACB8197B; Tue, 30 Jul 2019 07:06:53 -0700 (PDT) To: mohamed.boucadair@orange.com, fgont@si6networks.com, rja.lists@gmail.com, cpignata@cisco.com X-PHP-Originating-Script: 30:errata_mail_lib.php From: RFC Errata System Cc: warren@kumari.net, iesg@ietf.org, opsec@ietf.org, rfc-editor@rfc-editor.org Content-Type: text/plain; charset=UTF-8 Message-Id: <20190730140653.C25ACB8197B@rfc-editor.org> Date: Tue, 30 Jul 2019 07:06:53 -0700 (PDT) Archived-At: Subject: [OPSEC] [Errata Held for Document Update] RFC7126 (5798) X-BeenThere: opsec@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: opsec wg mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2019 14:07:12 -0000 The following errata report has been held for document update for RFC7126, "Recommendations on Filtering of IPv4 Packets Containing IPv4 Options". -------------------------------------- You may review the report below and at: https://www.rfc-editor.org/errata/eid5798 -------------------------------------- Status: Held for Document Update Type: Editorial Reported by: Mohamed Boucadair Date Reported: 2019-07-30 Held by: Warren Kumari (Ops AD) (IESG) Section: 1.1 Original Text ------------- The terms "fast path", "slow path", and associated relative terms ("faster path" and "slower path") are loosely defined as in Section 2 of [RFC6398]. Corrected Text -------------- Notes ----- These terms are not used in the document. The quoted text should be removed. -------------------------------------- RFC7126 (draft-ietf-opsec-ip-options-filtering-07) -------------------------------------- Title : Recommendations on Filtering of IPv4 Packets Containing IPv4 Options Publication Date : February 2014 Author(s) : F. Gont, R. Atkinson, C. Pignataro Category : BEST CURRENT PRACTICE Source : Operational Security Capabilities for IP Network Infrastructure Area : Operations and Management Stream : IETF Verifying Party : IESG From nobody Tue Jul 30 12:25:35 2019 Return-Path: X-Original-To: opsec@ietfa.amsl.com Delivered-To: opsec@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AE555120143 for ; Tue, 30 Jul 2019 12:25:33 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.691 X-Spam-Level: X-Spam-Status: No, score=-2.691 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_SPF_HELO_TEMPERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 76E735UP8w3S for ; Tue, 30 Jul 2019 12:25:31 -0700 (PDT) Received: from mx0b-00273201.pphosted.com (mx0b-00273201.pphosted.com [67.231.152.164]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 182EC12001E for ; Tue, 30 Jul 2019 12:25:31 -0700 (PDT) Received: from pps.filterd (m0108160.ppops.net [127.0.0.1]) by mx0b-00273201.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x6UJO73h003829; Tue, 30 Jul 2019 12:25:27 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=PPS1017; bh=voIXaCU2Q4PBqOvDz3DHeJCvbN/jESOXKktomYGqZQw=; b=1M/t0cVuLZDie9jjgRm8S8auNSNVtIHs7uXGuCiIuchjnG+R5+ZMEJr+cJVkvhNlj2eZ JOp7UCSTgDykLodwfON7HeGCgYC+QQQCUGk3PaO1/RIfhepU5L1+/NEdvVfSwYVSNl9t 1FZSc3aMP0a31T/EZwQlgMOW8qm6b0zf/VBcVf121cFCQLtXlsnG/M9cEG9f+w9DsRIF 5EHHLf7c56Z4bKoZhJ1J6ujBjC6mos5zFY5UpDo6uPFjCLmuDdPtEeKHrHW4kQjtMTKf U2dMJzrWquk3TwiZ6/l6rClfpoai8HT4THN+2YiPUkfRVjEKtyEgnJLOtv2jheaApcc+ Cw== Received: from nam01-by2-obe.outbound.protection.outlook.com (mail-by2nam01lp2053.outbound.protection.outlook.com [104.47.34.53]) by mx0b-00273201.pphosted.com with ESMTP id 2u2uwy80br-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 30 Jul 2019 12:25:26 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MEYqfEyx/ueMde2JlaaHK0R6u9dcVInw+6Xwv93N2slkdZB1vInyLniBo+HODtUjb5WCW7qM2rIRKka0ACKxjtPb0AzaBOctUu+rR7mVPjoJJE57Z18oiQ54Fp4Tzy45ZZYP3H/+26LMpCqu4taOt72nmexFxjDhg/b43oippQcmZb0UnZMN/d3t+8y22HibPdV04QvCruSNfV3FKcs0bhK622HCDzc0FqXbQ9/2CB7tD//BV9wldQwdrE1GjMFu3v3bbodgkh9NX+z8GOb8xzEA+9jJmDFsWBBlotw+Q24wMA6u6HIaVKg1yWlJIUca4Al5HozFwYVGdy1jhW6l9g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=voIXaCU2Q4PBqOvDz3DHeJCvbN/jESOXKktomYGqZQw=; b=ba145CBqBpOdtCXHVfCizYogpkpb6lMInumzD6rOwv4HmRkiomlGDCVjm9X8WYPBsJbpnOut07qsUOvaQIg+iuckyN276tw2cb4JW2YjRyvZbrY7tNye0xR1A1cxkG3Ux5Mit/HBMIamYXUnY1Dw6sD6CulTE5rUJituk8BeQpFPibsxHMun0mxE/v9iQJyk+XzZW3QwSN2zzIhEbwEaOndMuoJwnNb+20iFTTMwmPJJGNSHT2hCCOH0B5Vi2oSLrj9TaH2pP9qjksnyFVv5TxWx9CZ2TcyiDpvrzSS9D4tIktNnEFgPV1KrLtRFvVx/EBtfmRRo85i3YvfvhloxLg== ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=juniper.net;dmarc=pass action=none header.from=juniper.net;dkim=pass header.d=juniper.net;arc=none Received: from SN6PR05MB5424.namprd05.prod.outlook.com (52.135.109.143) by SN6PR05MB5853.namprd05.prod.outlook.com (20.177.255.88) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2136.9; Tue, 30 Jul 2019 19:25:24 +0000 Received: from SN6PR05MB5424.namprd05.prod.outlook.com ([fe80::a8c7:83ed:3b1d:f33b]) by SN6PR05MB5424.namprd05.prod.outlook.com ([fe80::a8c7:83ed:3b1d:f33b%3]) with mapi id 15.20.2136.010; Tue, 30 Jul 2019 19:25:24 +0000 From: Ron Bonica To: RFC Errata System , "fgont@si6networks.com" , "rja.lists@gmail.com" , "cpignata@cisco.com" , "ibagdona@gmail.com" , "warren@kumari.net" , "furry13@gmail.com" CC: "mohamed.boucadair@orange.com" , "opsec@ietf.org" Thread-Topic: [Editorial Errata Reported] RFC7126 (5798) Thread-Index: AQHVRsdzr0sFxdr5WEasOauPGUQEh6bjiynw Content-Class: Date: Tue, 30 Jul 2019 19:25:24 +0000 Message-ID: References: <20190730111029.1F8F7B810CC@rfc-editor.org> In-Reply-To: <20190730111029.1F8F7B810CC@rfc-editor.org> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-version: 11.2.0.14 dlp-reaction: no-action msip_labels: MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Enabled=True; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SiteId=bea78b3c-4cdb-4130-854a-1d193232e5f4; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Owner=rbonica@juniper.net; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SetDate=2019-07-30T19:25:22.0003725Z; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Name=Juniper Business Use Only; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Application=Microsoft Azure Information Protection; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ActionId=5ce5d371-560f-4fd2-8299-aa229299906a; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Extended_MSFT_Method=Automatic x-originating-ip: [66.129.241.14] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 31678dc9-0e48-4d28-bda6-08d71523ab89 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(4618075)(2017052603328)(7193020); SRVR:SN6PR05MB5853; x-ms-traffictypediagnostic: SN6PR05MB5853: x-ms-exchange-purlcount: 1 x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:1303; x-forefront-prvs: 0114FF88F6 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(4636009)(346002)(376002)(39860400002)(136003)(366004)(396003)(13464003)(199004)(189003)(3846002)(229853002)(74316002)(7736002)(6116002)(68736007)(6436002)(305945005)(76116006)(4326008)(110136005)(316002)(2906002)(6506007)(2201001)(71190400001)(71200400001)(26005)(966005)(7696005)(256004)(14444005)(14454004)(54906003)(11346002)(446003)(76176011)(102836004)(186003)(53546011)(33656002)(478600001)(55016002)(6306002)(6246003)(53936002)(25786009)(81166006)(81156014)(8676002)(66946007)(9686003)(486006)(476003)(2501003)(5660300002)(8936002)(66556008)(64756008)(66446008)(86362001)(99286004)(52536014)(66066001)(66476007); DIR:OUT; SFP:1102; SCL:1; SRVR:SN6PR05MB5853; H:SN6PR05MB5424.namprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: F1PYPuz3t8IY6Wcb4SrvjQ2qXJf1Lta/Ouhn7nirkpHXUWdCSELDjlNnpVFk4QqoWHdcDHZ9y1HG29H1RvrU0KUTA9SjrZzWs3vWu2ODbIbR9h3N80l8K53EiyGtmDhLH3jUnOarx9sHAThkmLfEt3t2uvNVEUGLv4tSXKkFqAhrIyZnfLKbMbb28/Klf5AQ9FFEPrc5Wj2J68rgQviH7TysHvqHH1i1jkYNLlAt0J1JfGyYF1lPiy01FskCs24EGBpNNi7U01Gda+wvPI88CTS4XHfDPg4JIL+ehtekf3U3QRTyhXUVCD5KepXaoafCwKnImqNC7jwbM+Q69Lo+1qQKyP93os2sS4CBbP58t2ZQ7SLKyaiZdLk4eY3sMM2h/8jR4SbD1GCZdE9IqaCGV1ja7TCrU35NbXotAYPyAFA= Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-OriginatorOrg: juniper.net X-MS-Exchange-CrossTenant-Network-Message-Id: 31678dc9-0e48-4d28-bda6-08d71523ab89 X-MS-Exchange-CrossTenant-originalarrivaltime: 30 Jul 2019 19:25:24.0714 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: rbonica@juniper.net X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR05MB5853 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-07-30_09:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1906280000 definitions=main-1907300196 Archived-At: Subject: Re: [OPSEC] [Editorial Errata Reported] RFC7126 (5798) X-BeenThere: opsec@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: opsec wg mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2019 19:25:34 -0000 Rm9sa3MsDQoNClRoZSBlcnJhdGEgaXMgYWJzb2x1dGVseSBjb3JyZWN0LCBidXQgbm90IGNyaXRp Y2FsLiBJdCBkb2Vzbid0IGNoYW5nZSB0aGUgbWVhbmluZyBvZiB0aGUgZHJhZnQuDQoNCiAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgUm9uDQoNCg0KDQpKdW5pcGVyIEJ1c2luZXNzIFVzZSBP bmx5DQoNCi0tLS0tT3JpZ2luYWwgTWVzc2FnZS0tLS0tDQpGcm9tOiBSRkMgRXJyYXRhIFN5c3Rl bSA8cmZjLWVkaXRvckByZmMtZWRpdG9yLm9yZz4gDQpTZW50OiBUdWVzZGF5LCBKdWx5IDMwLCAy MDE5IDc6MTAgQU0NClRvOiBmZ29udEBzaTZuZXR3b3Jrcy5jb207IHJqYS5saXN0c0BnbWFpbC5j b207IGNwaWduYXRhQGNpc2NvLmNvbTsgaWJhZ2RvbmFAZ21haWwuY29tOyB3YXJyZW5Aa3VtYXJp Lm5ldDsgZnVycnkxM0BnbWFpbC5jb207IFJvbiBCb25pY2EgPHJib25pY2FAanVuaXBlci5uZXQ+ DQpDYzogbW9oYW1lZC5ib3VjYWRhaXJAb3JhbmdlLmNvbTsgb3BzZWNAaWV0Zi5vcmc7IHJmYy1l ZGl0b3JAcmZjLWVkaXRvci5vcmcNClN1YmplY3Q6IFtFZGl0b3JpYWwgRXJyYXRhIFJlcG9ydGVk XSBSRkM3MTI2ICg1Nzk4KQ0KDQpUaGUgZm9sbG93aW5nIGVycmF0YSByZXBvcnQgaGFzIGJlZW4g c3VibWl0dGVkIGZvciBSRkM3MTI2LCAiUmVjb21tZW5kYXRpb25zIG9uIEZpbHRlcmluZyBvZiBJ UHY0IFBhY2tldHMgQ29udGFpbmluZyBJUHY0IE9wdGlvbnMiLg0KDQotLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KWW91IG1heSByZXZpZXcgdGhlIHJlcG9ydCBiZWxvdyBh bmQgYXQ6DQpodHRwczovL3VybGRlZmVuc2UucHJvb2Zwb2ludC5jb20vdjIvdXJsP3U9aHR0cHMt M0FfX3d3dy5yZmMtMkRlZGl0b3Iub3JnX2VycmF0YV9laWQ1Nzk4JmQ9RHdJQmFRJmM9SEFrWXVo NjNyc3VocjZTY2JmaDBVakJYZU1LLW5kYjN2b0RUWGNXem9DSSZyPUZjaDlGUTgyc2lyLUJvTHg4 NGhLdUt3bC1BV0YyRWZwSGNBd3JEVGhLUDgmbT1uWjNKa2hob3NOZ1pHZV9ieVJDaU5LZm9UOG1j MDRqdjRKUE9mcWlKMUljJnM9TzJyenBSem1zQVV4ZzYzUTF1d3pDLUtVMWNLaWVNNnc1dkU0NXJU ZnNjVSZlPSANCg0KLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NClR5cGU6 IEVkaXRvcmlhbA0KUmVwb3J0ZWQgYnk6IE1vaGFtZWQgQm91Y2FkYWlyIDxtb2hhbWVkLmJvdWNh ZGFpckBvcmFuZ2UuY29tPg0KDQpTZWN0aW9uOiAxLjENCg0KT3JpZ2luYWwgVGV4dA0KLS0tLS0t LS0tLS0tLQ0KICAgVGhlIHRlcm1zICJmYXN0IHBhdGgiLCAic2xvdyBwYXRoIiwgYW5kIGFzc29j aWF0ZWQgcmVsYXRpdmUgdGVybXMNCiAgICgiZmFzdGVyIHBhdGgiIGFuZCAic2xvd2VyIHBhdGgi KSBhcmUgbG9vc2VseSBkZWZpbmVkIGFzIGluIFNlY3Rpb24gMg0KICAgb2YgW1JGQzYzOThdLg0K DQpDb3JyZWN0ZWQgVGV4dA0KLS0tLS0tLS0tLS0tLS0NCg0KDQpOb3Rlcw0KLS0tLS0NClRoZXNl IHRlcm1zIGFyZSBub3QgdXNlZCBpbiB0aGUgZG9jdW1lbnQuIFRoZSBxdW90ZWQgdGV4dCBzaG91 bGQgYmUgcmVtb3ZlZC4NCg0KSW5zdHJ1Y3Rpb25zOg0KLS0tLS0tLS0tLS0tLQ0KVGhpcyBlcnJh dHVtIGlzIGN1cnJlbnRseSBwb3N0ZWQgYXMgIlJlcG9ydGVkIi4gSWYgbmVjZXNzYXJ5LCBwbGVh c2UgdXNlICJSZXBseSBBbGwiIHRvIGRpc2N1c3Mgd2hldGhlciBpdCBzaG91bGQgYmUgdmVyaWZp ZWQgb3IgcmVqZWN0ZWQuIFdoZW4gYSBkZWNpc2lvbiBpcyByZWFjaGVkLCB0aGUgdmVyaWZ5aW5n IHBhcnR5IGNhbiBsb2cgaW4gdG8gY2hhbmdlIHRoZSBzdGF0dXMgYW5kIGVkaXQgdGhlIHJlcG9y dCwgaWYgbmVjZXNzYXJ5LiANCg0KLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0NClJGQzcxMjYgKGRyYWZ0LWlldGYtb3BzZWMtaXAtb3B0aW9ucy1maWx0ZXJpbmctMDcpDQot LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KVGl0bGUgICAgICAgICAgICAg ICA6IFJlY29tbWVuZGF0aW9ucyBvbiBGaWx0ZXJpbmcgb2YgSVB2NCBQYWNrZXRzIENvbnRhaW5p bmcgSVB2NCBPcHRpb25zDQpQdWJsaWNhdGlvbiBEYXRlICAgIDogRmVicnVhcnkgMjAxNA0KQXV0 aG9yKHMpICAgICAgICAgICA6IEYuIEdvbnQsIFIuIEF0a2luc29uLCBDLiBQaWduYXRhcm8NCkNh dGVnb3J5ICAgICAgICAgICAgOiBCRVNUIENVUlJFTlQgUFJBQ1RJQ0UNClNvdXJjZSAgICAgICAg ICAgICAgOiBPcGVyYXRpb25hbCBTZWN1cml0eSBDYXBhYmlsaXRpZXMgZm9yIElQIE5ldHdvcmsg SW5mcmFzdHJ1Y3R1cmUNCkFyZWEgICAgICAgICAgICAgICAgOiBPcGVyYXRpb25zIGFuZCBNYW5h Z2VtZW50DQpTdHJlYW0gICAgICAgICAgICAgIDogSUVURg0KVmVyaWZ5aW5nIFBhcnR5ICAgICA6 IElFU0cNCg== From nobody Tue Jul 30 13:52:31 2019 Return-Path: X-Original-To: opsec@ietfa.amsl.com Delivered-To: opsec@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 13BBC120247 for ; Tue, 30 Jul 2019 13:52:22 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.899 X-Spam-Level: X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=kumari-net.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3sx7BoA9eShE for ; Tue, 30 Jul 2019 13:52:18 -0700 (PDT) Received: from mail-qk1-x72b.google.com (mail-qk1-x72b.google.com [IPv6:2607:f8b0:4864:20::72b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 443D712027E for ; Tue, 30 Jul 2019 13:52:18 -0700 (PDT) Received: by mail-qk1-x72b.google.com with SMTP id d79so47542890qke.11 for ; Tue, 30 Jul 2019 13:52:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kumari-net.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=RF+35HEccKel6S1IM+vXMF32T12qOCam2WN2ahGtC4Y=; b=d/OsSNbuVvIGo07m/D7zURea5aP/sSbiW6p07SdbTGfXhra2GMDaFAS5+ByEuoKZ4k irE1h2mHnwnN4fovDXyJCzcIUBoCZMrphNb90WT0nT92n8gMYyL/RpQcPA6j4C4OFO4R GyqN1Ub/7diFFhKrWm+9A9nx5f2fhlSwAru+dDsnr332ot8e0jkHJlLCizmSa9BXZcI8 sh0lhW6BzTlQWd7PqGXVQ9BtRPRfE2107hZzfB/MMI3j7030ca5SMgBgEqqZthrxHLyA Gttcwi2LRqUCqh6hqNOnjNmoPjH6uTCXgd0gJPGQuY84JtDEPTqmKSTxwlDLjJLwHc6s tsBA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=RF+35HEccKel6S1IM+vXMF32T12qOCam2WN2ahGtC4Y=; b=pbg42b9HAo8rAPNA6KovrjmwsUwihlWBPqYo1vBEDvvD19BPmyZpMtF57JB+IVMJOO YY2ZyxYAtnhIvARygzZ12gpjYf7hQ+OM1B7cUfGKKFFXN633KfEKaXo9mNhFcbjVCr0L q0JDv/3oh4T+71uo6lD3Duh5rYo++rXkRg9Zw6bfDdFWGmedCk/uG3nF5il4K3+lFgxq PlJnyYF+l+O0N9f+sW1N57kYs5LZfnpPRTuH1olY1XB0e6J8bt8IRxS7q8zNSdolcp49 QZY/GIBqMBrXDSudbJqOH70MyQr0wMd2QtYLD2/LkKPlP2PWOILvzRZhaKz6DbQFfGZg ggbQ== X-Gm-Message-State: APjAAAXEYq53+aa1BX31bkOzO67BOasfl7qBn5IXafnLiPIxCKnHy/vO 0aK+ItQTmsOrtvgnNQ1IVuCIyG3yg9z/IEB5VcBG8A== X-Google-Smtp-Source: APXvYqxDsRshXiTa9Q+G7V1Lt9nqaW2E915qEzUQgTjdVhcSTPwJm8DEpE5hm73wTrVm/TqvZHTVrAfdF+/xjdoNv6k= X-Received: by 2002:a05:620a:1661:: with SMTP id d1mr79174987qko.192.1564519936674; Tue, 30 Jul 2019 13:52:16 -0700 (PDT) MIME-Version: 1.0 References: <20190730111029.1F8F7B810CC@rfc-editor.org> In-Reply-To: From: Warren Kumari Date: Tue, 30 Jul 2019 16:51:41 -0400 Message-ID: To: Ron Bonica Cc: RFC Errata System , "fgont@si6networks.com" , "rja.lists@gmail.com" , "cpignata@cisco.com" , "ibagdona@gmail.com" , "furry13@gmail.com" , "mohamed.boucadair@orange.com" , "opsec@ietf.org" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Archived-At: Subject: Re: [OPSEC] [Editorial Errata Reported] RFC7126 (5798) X-BeenThere: opsec@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: opsec wg mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2019 20:52:30 -0000 On Tue, Jul 30, 2019 at 3:25 PM Ron Bonica wrote: > > Folks, > > The errata is absolutely correct, but not critical. It doesn't change the= meaning of the draft. Indeed -- from: https://www.ietf.org/blog/iesg-processing-rfc-errata-ietf-stream/ Trivial grammar corrections should be Hold for Document Update. Typographical errors which would not cause any confusions to implementation or deployments should be Hold for Document Update. Changes which are simply stylistic issues or simply make things read better should be Hold for Document Update. W > > Ron > > > > Juniper Business Use Only > > -----Original Message----- > From: RFC Errata System > Sent: Tuesday, July 30, 2019 7:10 AM > To: fgont@si6networks.com; rja.lists@gmail.com; cpignata@cisco.com; ibagd= ona@gmail.com; warren@kumari.net; furry13@gmail.com; Ron Bonica > Cc: mohamed.boucadair@orange.com; opsec@ietf.org; rfc-editor@rfc-editor.o= rg > Subject: [Editorial Errata Reported] RFC7126 (5798) > > The following errata report has been submitted for RFC7126, "Recommendati= ons on Filtering of IPv4 Packets Containing IPv4 Options". > > -------------------------------------- > You may review the report below and at: > https://urldefense.proofpoint.com/v2/url?u=3Dhttps-3A__www.rfc-2Deditor.o= rg_errata_eid5798&d=3DDwIBaQ&c=3DHAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoC= I&r=3DFch9FQ82sir-BoLx84hKuKwl-AWF2EfpHcAwrDThKP8&m=3DnZ3JkhhosNgZGe_byRCiN= KfoT8mc04jv4JPOfqiJ1Ic&s=3DO2rzpRzmsAUxg63Q1uwzC-KU1cKieM6w5vE45rTfscU&e=3D > > -------------------------------------- > Type: Editorial > Reported by: Mohamed Boucadair > > Section: 1.1 > > Original Text > ------------- > The terms "fast path", "slow path", and associated relative terms > ("faster path" and "slower path") are loosely defined as in Section 2 > of [RFC6398]. > > Corrected Text > -------------- > > > Notes > ----- > These terms are not used in the document. The quoted text should be remov= ed. > > Instructions: > ------------- > This erratum is currently posted as "Reported". If necessary, please use = "Reply All" to discuss whether it should be verified or rejected. When a de= cision is reached, the verifying party can log in to change the status and = edit the report, if necessary. > > -------------------------------------- > RFC7126 (draft-ietf-opsec-ip-options-filtering-07) > -------------------------------------- > Title : Recommendations on Filtering of IPv4 Packets Contai= ning IPv4 Options > Publication Date : February 2014 > Author(s) : F. Gont, R. Atkinson, C. Pignataro > Category : BEST CURRENT PRACTICE > Source : Operational Security Capabilities for IP Network In= frastructure > Area : Operations and Management > Stream : IETF > Verifying Party : IESG --=20 I don't think the execution is relevant when it was obviously a bad idea in the first place. This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants. ---maf