[BCOP] BCOP Draft-2: open for comments

JORDI PALET MARTINEZ jordi.palet at consulintel.es
Tue Jun 19 12:39:48 BRT 2018 

I think the last one is sufficient:
If the CPE can not be updated to meet the requirements of this document, it must be replaced.
 

Because not having hardware or software support, but still accommodating the BCOP is OK, as well as if a CPE is OK, but it has been there for 8 years or 18 years, but still works for the purpose required on its location, no need to replace it.

 

 


Saludos,

Jordi

 

 

 

De: BCOP <bcop-bounces at lacnog.org> en nombre de Carmen Denis Polanco <carmen.denis at correo.uady.mx>
Responder a: This list is to discuss BCOPs in LACNOG <bcop at lacnog.org>
Fecha: martes, 19 de junio de 2018, 17:06
Para: This list is to discuss BCOPs in LACNOG <bcop at lacnog.org>
Asunto: Re: [BCOP] BCOP Draft-2: open for comments

 

Hi Christian, Lucimara and Jordi,

 

>Regarding your 2nd suggestion, I’m not sure how to address that … do you have any idea as starting point? May be is something so simple as “if the CPE can’t be updated to accommodate the requirements in this document, then it must be replaced” ?

 

About this, I think it can be include the end of executive summary:

 

The following is a simple guide to recommendations for detecting and replacing obsolete CPEs:

If the CPE does not have hardware or software support from the manufacturer or supplier, it must be replaced.

If the CPE has more than 5 (five) years of life, it must be replaced.

If the CPE can not be updated to meet the requirements of this document, it must be replaced.

 

 

 

Regards.

 

Carmen

 

 

 

De: BCOP <bcop-bounces at lacnog.org> en nombre de JORDI PALET MARTINEZ <jordi.palet at consulintel.es>
Enviado: martes, 19 de junio de 2018 03:41 a. m.
Para: This list is to discuss BCOPs in LACNOG
Asunto: Re: [BCOP] BCOP Draft-2: open for comments 

 

Hi Christian,

 

I know there is a generic “update” feature set in the MR section, but it is too generic.

 

As said before. IPv6 must be there altogether with IPv4-in-IPv6 support. Not having that is a security risk, as well as cheating customers, because you’re providing a CPE which is no longer valid *already today*.

 

I think we need to have a strong wording on that in every BCOP we do. Otherwise message is only read if you specifically read the BCOP on CPEs, etc.

 

Regarding your 2nd suggestion, I’m not sure how to address that … do you have any idea as starting point? May be is something so simple as “if the CPE can’t be updated to accommodate the requirements in this document, then it must be replaced” ?


Regards,

Jordi

 

 

 

De: BCOP <bcop-bounces at lacnog.org> en nombre de Christian O'Flaherty <oflaherty at isoc.org>
Responder a: This list is to discuss BCOPs in LACNOG <bcop at lacnog.org>
Fecha: lunes, 18 de junio de 2018, 21:55
Para: This list is to discuss BCOPs in LACNOG <bcop at lacnog.org>
Asunto: Re: [BCOP] BCOP Draft-2: open for comments

 

 

 

GR-03: The CPE MUST support IPv6 following RFC7084 and transition mechanisms (draft-ietf-v6ops-transition-ipv4aas), in order to avoid the risk of a premature obsolescence.

 

 

We have to find the appropriate wording to reference relevant documents avoiding normative language on topics outside security. 

 

The "risk of a premature obsolescence” Is addressed in section: "Update and Management Requirements (MR)"

 

BTW, should we include a section with recommendations for detecting and replacing obsolete CPEs?

 

Christian

 

 

 

 

 

The mention to draft-ietf-v6ops-transition-ipv4aas will be sufficient once it is an RFC, because it already has a MUST for RFC7084.

 

 

 

 

I think it makes a lot of sense.

 

 


Regards,

 

 

Jordi

 

 

 

 

 

 

 

 

 

De: BCOP <bcop-bounces at lacnog.org> en nombre de Jan Zorz <zorz at isoc.org>
Responder a: This list is to discuss BCOPs in LACNOG <bcop at lacnog.org>
Fecha: sábado, 16 de junio de 2018, 15:59
Para: "bcop at lacnog.org" <bcop at lacnog.org>
Asunto: Re: [BCOP] BCOP Draft-2: open for comments

 

 

 

He he, should we declare absence of IPv6 support a security risk? :D

 

On a serious note - somebody could go, get this list of requirements, discover that IPv6 is not a requirement and with straight face order cpe's without IPv6 support. That's a risk that I see.

 

I would add just a sentence at the beginning that it is presumed for the purpose of the document that IPv6 and IPv4 protocols are supported, implemented and enabled.

 

Cheers, Jan

 

---

 

Sent from mobile phone, please excuse brevity and top-posting

 

On 16 Jun 2018, at 16:33, JORDI PALET MARTINEZ <jordi.palet at consulintel.es> wrote:

 
Hi Jan,



It is a "minimum security for acquisition", not minimum features ... Those features are better documented in RFC7084 and if you want to support transition soon, hopefully in the RFC resulting from draft-ietf-v6ops-transition-ipv4aas 



I think when done, we can also bring it to RIPE ?



Regards,

Jordi

 

 



-----Mensaje original-----

De: BCOP <bcop-bounces at lacnog.org> en nombre de Jan Zorz - ISOC <zorz at isoc.org>

Responder a: This list is to discuss BCOPs in LACNOG <bcop at lacnog.org>

Fecha: sábado, 16 de junio de 2018, 15:27

Para: <bcop at lacnog.org>

Asunto: Re: [BCOP] BCOP Draft-2: open for comments



    On 16/06/2018 04:59, Lucimara Desiderá wrote:
 
 Hello LACNOG Community
 
 
 
 
 After two rounds of discussions, we are releasing today the Draft-2 of 
 
 
 the BCOP document "Minimum security requirements for CPEs acquisition".
 
 
 
 
 Until July 22, 2018, the Draft-2 will be open for comments and 
 
 
 suggestions from the whole LACNOG community and you are all welcome to 
 
 
 provide feedback and make contributions. Contributors from M3AAWG will 
 
 
 also have the opportunity to review the document.
 
 
 
 
 The Draft-2 is available at the link below. In order make comments and 
 
 
 to see others' suggestions, please sign in to Google Docs and request 
 
 
 permission to edit.
 
 
 
 
 https://docs.google.com/document/d/1_Sa8ZEnKXiAnh_xRc-J44VXadUGdr98MT_MZrA5sALc/edit?usp=sharing
 

    

    Hey,

    

    Thank you for sharing, this is a great document. I skimmed through while 

    waiting for my flight home at Helsinki airport and document looks in 

    good shape. It's a bit IETF-ish, but on the other hand that also gives 

    clarity to the language.

    

    One thing that I'm missing is that IPv6 is not requested as a must 

    anywhere. Do we presume that new CPEs have IPv6 by default anyway?

    

    Cheers and thnx, Jan
 


    BCOP mailing list

    BCOP at lacnog.org

    https://mail.lacnic.net/mailman/listinfo/bcop

    




**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.consulintel.es
The IPv6 Company

This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
 

BCOP mailing list
BCOP at lacnog.org
https://mail.lacnic.net/mailman/listinfo/bcop
 
_______________________________________________ BCOP mailing list BCOP at lacnog.org https://mail.lacnic.net/mailman/listinfo/bcop

 


**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.consulintel.es
The IPv6 Company

This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.

_______________________________________________
BCOP mailing list
BCOP at lacnog.org
https://mail.lacnic.net/mailman/listinfo/bcop


_______________________________________________ BCOP mailing list BCOP at lacnog.org https://mail.lacnic.net/mailman/listinfo/bcop 


**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.consulintel.es
The IPv6 Company

This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.

_______________________________________________ BCOP mailing list BCOP at lacnog.org https://mail.lacnic.net/mailman/listinfo/bcop 



**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.consulintel.es
The IPv6 Company

This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.lacnic.net/pipermail/bcop/attachments/20180619/4c91b490/attachment-0001.html>

More information about the BCOP mailing list