Re: [OPSAWG] MUD : actions { forwarding : drop } utility.

2017-10-24 Thread Eliot Lear
On 10/24/17 7:20 PM, M. Ranganathan wrote: > Hi Eliot, > > Your comment brings up something that I believe needs some clarification: > > > > >   > > Better to > have a single class, given its commonality.  There are very few such > common services on a network, but there are

Re: [OPSAWG] MUD : actions { forwarding : drop } utility.

2017-10-24 Thread M. Ranganathan
Hi Eliot, Your comment brings up something that I believe needs some clarification: > Better to > have a single class, given its commonality. There are very few such > common services on a network, but there are presumably one or two others > that will come to be, and thus the ability to

Re: [OPSAWG] MUD : actions { forwarding : drop } utility.

2017-10-24 Thread Eliot Lear
Giid evening Juergen, On 10/24/17 5:51 PM, Juergen Schoenwaelder wrote: > > What you describe seem to be different policies. Are you saying that > these different policies are bad or a huge management problem and > hence we hard-code a default policy that is considered "good" in most >

[OPSAWG] Last Call: (Manufacturer Usage Description Specification) to Proposed Standard

2017-10-24 Thread The IESG
The IESG has received a request from the Operations and Management Area Working Group WG (opsawg) to consider the following document: - 'Manufacturer Usage Description Specification' as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on

Re: [OPSAWG] MUD : actions { forwarding : drop } utility.

2017-10-24 Thread Juergen Schoenwaelder
On Tue, Oct 24, 2017 at 05:23:34PM +0200, Eliot Lear wrote: > > -- There is default behavior associated with those classes. ( For > > example, you talk to DNS on port 53, NTP on port 123.) If a MUD rule > > specifies nothing (no ACEs) then these two classes exist invisibly as > > ALLOW rules. >

Re: [OPSAWG] MUD : actions { forwarding : drop } utility.

2017-10-24 Thread Eliot Lear
Hi Ranga, Let's step through these. On 10/24/17 5:15 PM, M. Ranganathan wrote: > Hello Eliot, Joe, > > > On Tue, Oct 24, 2017 at 10:15 AM, Eliot Lear > wrote: > > Joe, > > In talking with a few more people, I'm coming to conclude we > should

Re: [OPSAWG] MUD : actions { forwarding : drop } utility.

2017-10-24 Thread M. Ranganathan
Hello Eliot, Joe, On Tue, Oct 24, 2017 at 10:15 AM, Eliot Lear wrote: > Joe, > > In talking with a few more people, I'm coming to conclude we should leave > things as is. Here's the issue: MOST but probably not ALL manufacturers > will need access to DNS. They will nearly ALL

[OPSAWG] I-D Action: draft-ietf-opsawg-mud-13.txt

2017-10-24 Thread internet-drafts
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Operations and Management Area Working Group WG of the IETF. Title : Manufacturer Usage Description Specification Authors : Eliot Lear

Re: [OPSAWG] AD review of: draft-ietf-opsawg-mud.

2017-10-24 Thread Warren Kumari
On Tue, Oct 24, 2017 at 7:46 AM, Eliot Lear wrote: > [this time to the wg and chairs] > > Warren, > > Thanks for your review, and I'm sorry to hear of your illness. Thanks; antibiotics are a wonderful invention, finally on the mend... > > > On 10/24/17 12:37 AM, Warren Kumari

Re: [OPSAWG] MUD : actions { forwarding : drop } utility.

2017-10-24 Thread Eliot Lear
Joe, In talking with a few more people, I'm coming to conclude we should leave things as is.  Here's the issue: MOST but probably not ALL manufacturers will need access to DNS.  They will nearly ALL specify that need, and they may ALL do so in different ways.  That will translate into more

Re: [OPSAWG] MUD : actions { forwarding : drop } utility.

2017-10-24 Thread Eliot Lear
On 10/24/17 2:48 PM, Joe Clarke wrote: > On 10/24/17 07:48, Eliot Lear wrote: > > I want to confirm this with the WG and the chairs.  I'm okay > > removing this if others are as well.  It's past WGLC and I am about > > to post -13. Objections? > > This seems better for security and clarity with

Re: [OPSAWG] MUD : actions { forwarding : drop } utility.

2017-10-24 Thread Joe Clarke
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/24/17 07:48, Eliot Lear wrote: > I want to confirm this with the WG and the chairs. I'm okay > removing this if others are as well. It's past WGLC and I am about > to post -13. Objections? This seems better for security and clarity with

Re: [OPSAWG] MUD : actions { forwarding : drop } utility.

2017-10-24 Thread Eliot Lear
I want to confirm this with the WG and the chairs.  I'm okay removing this if others are as well.  It's past WGLC and I am about to post -13.  Objections? On 10/24/17 12:02 AM, M. Ranganathan wrote: > Hello, > > I am wondering about the utility of the actions part of the ACE. > > In the latest

Re: [OPSAWG] AD review of: draft-ietf-opsawg-mud.

2017-10-24 Thread Eliot Lear
[this time to the wg and chairs] Warren, Thanks for your review, and I'm sorry to hear of your illness. On 10/24/17 12:37 AM, Warren Kumari wrote: > First, sorry for the delay in reviewing this -- I'm recovering from > pneumonia and so it took longer than it should have. > > I do have a few