Re: [OPSEC] Zaheduzzaman Sarker's No Objection on draft-ietf-opsec-v6-25: (with COMMENT)

[Zaheduzzaman Sarker]

Hi,

Sorry for the late response, I was away due to sickness.

Thanks for addressing my comments. However, I still think if section 2.3.4 is 
not specific to certain generation of 3GPP link/network architecture then it is 
better to either use possible generic terminologies or include 5G terminologies 
(as it is out there).

BR
Zahed

On 2021-05-11, 15:57, "KK Chittimaneni" 
mailto:kk.chittiman...@gmail.com>> wrote:

Hello Zahed,

Thank you very much for your detailed review.

Together with my co-authors, we have uploaded revision -27, which should 
address all your comments.

The diff is at: https://www.ietf.org/rfcdiff?url2=draft-ietf-opsec-v6-27
Regards,
KK

On Wed, Apr 7, 2021 at 3:33 AM Zaheduzzaman Sarker via Datatracker 
mailto:nore...@ietf.org>> wrote:
Zaheduzzaman Sarker has entered the following ballot position for
draft-ietf-opsec-v6-25: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-opsec-v6/



--
COMMENT:
--

I found this document very informative and I learned quite a lot by reading
this document (I must confess I haven't  read the long list of  referenced
documents :-)). I think the collected recommendations in one place will be very
helpful.

Some comments -

  *  The abstract says - "The recommendations in this document are not
  applicable to residential user cases". However, later on in section 1.1 it
  says - "This covers Service Provider (SP), enterprise networks and some
  knowledgeable-home-user-managed residential network." Furthermore in section
  5, it recommends configurations for residential users.May be I am not
  getting the distinction among residential user cases, managed residential
  network and residential users correct but I think further clarification is
  needed on what is written in thee abstract and what is in the rest of the
  document.

  * I noted that section 2.3.4 refers to 3GPP 4G terminologies while describing
  the case. If this section is not supposed to restricted to certain
  generations of 3GPP technologies then I would recommend to update the section
  with 5G terminologies as well.

  * In section 2.6 there is an ask for the network operators to log "of all
  applications using the network (including user space and kernel space) when
  available (for example web servers)". How realistic is this? I hardly see the
  web servers sharing logging files with network operators ( I would be happy
  to be corrected here ). I am also missing the discussion on -- if not
  available how much this affects the forensic research in the event of
  security incident and abnormal behavior.


___
OPSEC mailing list
OPSEC@ietf.org
https://www.ietf.org/mailman/listinfo/opsec

Re: [OPSEC] Zaheduzzaman Sarker's No Objection on draft-ietf-opsec-v6-25: (with COMMENT)

[KK Chittimaneni]

Hello Zahed,

Thank you very much for your detailed review.

Together with my co-authors, we have uploaded revision -27, which should
address all your comments.

The diff is at: https://www.ietf.org/rfcdiff?url2=draft-ietf-opsec-v6-27

Regards,
KK

On Wed, Apr 7, 2021 at 3:33 AM Zaheduzzaman Sarker via Datatracker <
nore...@ietf.org> wrote:

> Zaheduzzaman Sarker has entered the following ballot position for
> draft-ietf-opsec-v6-25: No Objection
>
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
>
>
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
>
>
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-opsec-v6/
>
>
>
> --
> COMMENT:
> --
>
> I found this document very informative and I learned quite a lot by reading
> this document (I must confess I haven't  read the long list of  referenced
> documents :-)). I think the collected recommendations in one place will be
> very
> helpful.
>
> Some comments -
>
>   *  The abstract says - "The recommendations in this document are not
>   applicable to residential user cases". However, later on in section 1.1
> it
>   says - "This covers Service Provider (SP), enterprise networks and some
>   knowledgeable-home-user-managed residential network." Furthermore in
> section
>   5, it recommends configurations for residential users.May be I am not
>   getting the distinction among residential user cases, managed residential
>   network and residential users correct but I think further clarification
> is
>   needed on what is written in thee abstract and what is in the rest of the
>   document.
>
>   * I noted that section 2.3.4 refers to 3GPP 4G terminologies while
> describing
>   the case. If this section is not supposed to restricted to certain
>   generations of 3GPP technologies then I would recommend to update the
> section
>   with 5G terminologies as well.
>
>   * In section 2.6 there is an ask for the network operators to log "of all
>   applications using the network (including user space and kernel space)
> when
>   available (for example web servers)". How realistic is this? I hardly
> see the
>   web servers sharing logging files with network operators ( I would be
> happy
>   to be corrected here ). I am also missing the discussion on -- if not
>   available how much this affects the forensic research in the event of
>   security incident and abnormal behavior.
>
>
>
>
___
OPSEC mailing list
OPSEC@ietf.org
https://www.ietf.org/mailman/listinfo/opsec