[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: More Comments/suggestions on draft

To: Neal Ziring <nziring@thecouch.ncsc.mil>
Subject: Re: More Comments/suggestions on draft
From: George Jones <gmj@pobox.com>
Date: Tue, 24 Jun 2003 16:39:46 -0400 (EDT)
Cc: opsec@ops.ietf.org
In-reply-to: <3EF38363.2090704@thecouch.ncsc.mil>
References: <3EEF89F9.4C5A9DCE@mitre.org> <Pine.LNX.4.53.0306200636040.21275@mall.pulltheplug.com><3EF38363.2090704@thecouch.ncsc.mil>
Reply-to: gmj@pobox.com

> George - for comments on the logging section, 2.11,
> should I just make the changes and check them in to
> CVS?

Post here for comment for a couple days first to benefit from
collective wisdom/feedback (he says, thinking he should follow is own
advice).

But since it is CVS, you could branch, post diffs, and let me merge.
Your choice.

> statements of several performance requirements
> in the current draft.  They are not quantified
> at all.   I'm not sure this is a big deal, but
> I would like to understand other peoples' positions
> on this issue.

Specifics ?

> ---------------------------------------------------
>
> Section      Comment
> --------  ----------------------------------------
> 2.1.4	  Shouldn't this restriction be bi-directional?

   Requirement. It MUST NOT be possible to forward data between data
      plane and management plane.

This seems to be bi-directional to me.


> 	  If the device has a separate control plane,
> 	  forwarding control->data and data->control
> 	  should both be prohibited by the separation.

The requirement only lists management and data planes.  Did you mean
to say "control" ?

I'm wondering if we need to split out management/control/data (I see
major restructuring coming on several fronts).


> 	  The "Justification" section only mentions
> 	  one direction.

yes.  It expresses the concern/motivation in unidirectional terms.

>
> 2.1.5	  This requirement could be split; I think the
> 	  requirement for the data plane should be a
> 	  little different than for the mgmt plane.
> 	  (in particular, if the data plane is totally
> 	   flooded, remote management over the mgmt
> 	   plane should still work.

Sounds like your basicly arguing for separation.  I think it could be
worded something like:

       REQUIREMENT: Management, Control and Data Planes MUST Function
       Independently"

       EXAMPLE: DoS of management plane must not impair functioning
       of data plane or control plane functions.

>      	   If the mgmt ports
> 	   are totally flooded, I think it is quite
> 	   unrealistic to expect remote management to
> 	   still work,

This is in fact one of the pathological tests we threw at vendor gear.
Most fell down.  A few managed to remain managable.

> but local management should)

MUST.

> 2.1.6	  This requirement should be split into two:
> 	  one for backup, and a separate one for
> 	  restore/recovery.

OK.  Done.   Reflected in CVS and

     http://www.port111.com/opsec/draft-jones-opsec-00a.txt


... will finish your comments in a following message.

Thanks,
---George

References:
- Comments/suggestions on draft
  - From: "Wang,Nai-Pin K." <knwang@mitre.org>
- Re: Comments/suggestions on draft [current requirements]
  - From: George Jones <gmj@pobox.com>
- More Comments/suggestions on draft
  - From: Neal Ziring <nziring@thecouch.ncsc.mil>

Prev by Date: Re: Provisioning, Password Strength (was RE: comments)
Next by Date: Re: More Comments/suggestions on draft
Previous by thread: More Comments/suggestions on draft
Next by thread: Re: More Comments/suggestions on draft
Index(es):
- Date
- Thread