Hi Alvaro, thanks for the detailed evaluation and for the valuable feedback.
I went thru your COMMENTS and performed some related adaptions of the draft. A new version has been uploaded. thank you again & have a great weekend Enno On Mon, Apr 05, 2021 at 02:07:53PM -0700, Alvaro Retana via Datatracker wrote: > Alvaro Retana has entered the following ballot position for > draft-ietf-opsec-v6-25: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-opsec-v6/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > > (1) The applicability statement in ??1.1 is confusing to me. > > a. The Abstract says that "this document are not applicable to residential > user cases", but that seems not to be true because this section says that the > contents do apply to "some knowledgeable-home-user-managed residential > network[s]", and ??5 is specific to residential users. > > b. "This applicability statement especially applies to Section 2.3 and Section > 2.5.4." Those two sections represent a small part of the document; what about > the rest? It makes sense to me for the applicability statement to cover most > of the document. > > c. "For example, an exception to the generic recommendations of this document > is when a residential or enterprise network is multi-homed." I'm not sure if > this sentence is an example of the previous one (above) or if "for example" is > out of place. > > (2) ??5 mentions "early 2020" -- I assume that the statement is still true > now. > > (3) It caught my attention that there's only one Normative Reference (besides > rfc8200, of course). Why? What is special about the IPFIX registry? > > It seems that an argument could be made to the fact that to secure OSPFv3, for > example, an understanding of the protocol is necessary. This argument could > be > extended to other protocols or mechanisms, including IPv6-specific technology: > ND, the addressing architecture, etc. Consider the classification of the > references in light of [1]. > > [1] > https://www.ietf.org/about/groups/iesg/statements/normative-informative-references/ > > > -- Enno Rey Cell: +49 173 6745902 Twitter: @Enno_Insinuator _______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec
