Hi Sue,
Dropping the items where we agree:
On Wed, Nov 13, 2024 at 10:40 AM Susan Hares <shares@xxxxxxxx> wrote:
> Sent: Sunday, November 3, 2024 5:10 PM
> To: Susan Hares <shares@xxxxxxxx>
> Cc: ops-dir@xxxxxxxx; draft-ietf-manet-dlep-ether-credit-extension.all@xxxxxxxx; last-call@xxxxxxxx; manet@xxxxxxxx
> Subject: Re: Opsdir last call review of draft-ietf-manet-dlep-ether-credit-extension-06
>...
> On Mon, Aug 12, 2024 at 2:24 PM Susan Hares via Datatracker <noreply@xxxxxxxx> wrote:
> > Reviewer: Susan Hares
> > Review result: Has Issues
> >
> > ...
>
> > Issue 2: "wildcard" matching of any PCP or VID needs security/manageability comment
> >
> > Wildcards ease the manageability of matching PCP or VID fields. However, the
> > security section should make some comment about the risks of wildcard matching for these fields.
>
> Something like:
>
> Care must be exercised in the use of wildcards for matching PCP and VID fields. Wildcards may be convenient to match a number of packet flows but could inadvertently match new flows that appear after the wildcard matching has been set up or more flows than intended.
>
> Sue: I would go a little stronger in that direction, but you are on the right path.
I plan to go with the following:
Wildcards for matching PCP and VID fields may be convenient to match a
number of packet flows but could inadvertently match unexpected flows or
new flows that appear after the wildcard matching has been set up. It is
therefore RECOMMENDED that wildcards not be used unless clearly
needed.
Thanks,
Donald
===============================
Donald E. Eastlake 3rd +1-508-333-2270 (cell)
2386 Panoramic Circle, Apopka, FL 32703 USA
d3e3e3@xxxxxxxxx
--
last-call mailing list -- last-call@xxxxxxxx
To unsubscribe send an email to last-call-leave@xxxxxxxx
