I am the assigned Gen-ART reviewer for draft-ietf-opsec-filter-caps-08.txt.

For background on Gen-ART, please see the FAQ at
<http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html>. 

Please resolve these comments along with any other Last Call comments
you may receive.


This draft seems basically fine to me.  There is one part that I just
don't grok, but I assume that will be easy enough to fix.  I also
flagged a few nits that ought to be fixed if the authors make another
pass over this document.  Comments below.

allman
MORE-THAN-NITS
--------------

Sec 5.1: The "Capability" description is not at all clear to me.  I
keep re-reading this one and just cannot understand what it says.
Please re-write this in a more clear fashion--perhaps with an
example.



NITS
----

Sec 1.2: "threat model of this document" --> "threat model assumed
in this document"

Sec 3.1 (and others): "and or" --> "and/or"  (do a search & replace,
as this happens quite a few times in text that looks like it was cut
& pasted)

Sec 3.5: "It allows invalid or malicious traffic" --> "It allows
traffic judged to be invalid or malicious"

Sec 3.6: I'd suggest a reference to the PMTUD blackhole RFC (2923)
where you mention the negatives of dropping ICMPs.

Sec 4.1 (and others): "TCP Resets." --> "TCP Resets, for instance."

Sec 4.1: "(e.g., syslog" --> "(e.g., via syslog"

Sec 5.1: "applied two" --> "applied to two"

Sec 7.2: Seems weird to me that you say we could define malicious
traffic using layer 3 or 4 information when it is pretty common to
use actual payload contents to detect malicious traffic.  Or, are
you trying to say that after detection we can use some handy
identifiers from layers 3 & 4 to take action?  This could be more
clear, I think.
