Hi Authors and the Int-area group, I'm Cui Yong, just a dumb netadmin managing a campus network. I don't understand fancy protocol designs. But after reading your -01 draft, I can't sleep. I keep dreaming about hackers breaking into my network. I'm just gonna lay out some simple truths as I see them. 1. Bringing back the ghost of RFC 4620? I heard old-timers talk about RFC 4620. It did "Node Information Queries." Why did it die? Because it let anyone ask for the house keys (hostnames, IP lists). Now, your draft introduces Query Pre-Request in Section 3.3. It asks the target: "What can you tell me?" This isn't security; it's handing hackers a menu for an all-you-can-eat buffet. Previously, they had to guess. Now, they just follow your standard interface to pillage my network. 2. The Pad Object in Section 7 is a joke You say you added the Pad Object so the reply isn't bigger than the request, preventing amplification attacks. But who cares about size? Even a tiny reply saying "I am Router A" is a leak! You're so busy worrying about bandwidth that you ignore the fact that the crown jewels are being stolen. It's like worrying about a thief stealing the big TV while ignoring him pocketing the gold rings. 3. "Default Off" and "Whitelists" in Section 10 are self-deception You say it's disabled by default and suggest prefix whitelists. I laugh:
* I heard this is for IOAM. When the boss demands IOAM for monitoring, he'll force me to turn it on. "Default off" means nothing against "business requirements." * Source IPs are easy to spoof inside a subnet. Whitelists are useless. * You recommend IPsec. Seriously? Which of you geniuses is going to help me deploy certificates on tens of thousands of devices? You sit in AC-controlled offices; you don't know the pain of us small guys. If this standard passes, I'll be woken up at 3 AM to fix the fallout. 4. Section 8: Reinventing the wheel to avoid scrutiny? You say you won't reuse RFC 4620 or RFC 8335 (PROBE). I figure it's because those are watched closely. You're building a new "green lane" that bypasses existing oversight. 5. The FCFS registry is a ticking time bomb Section 9 says new objects are FCFS (First Come, First Served). So tomorrow, someone can register an object to dump the routing table? Or the ARP cache? Today it's IOAM; tomorrow it's a full network map. You've removed the lock on the door and told me, "Don't worry, the door frame is still there!" Conclusion I can't stop you from making standards. But if this thing enters my network, I will kill it at the firewall. I simply cannot afford to host this Buddha in my small temple. If this protocol is on, my front door is unlocked. I might as well quit my job now. Please fix it, or it dies in the wild. Best regards, Cui Yong P.S. I don't understand English well, so I used AI translation tools to write this email. If there are any inaccuracies in my wording, please feel free to correct me. I'm just speaking from my operational experience.
_______________________________________________ Int-area mailing list -- [email protected] To unsubscribe send an email to [email protected]
