Evaluation of Candidate Protocols for IP Flow Information Export (IPFIX)
draft-leinen-ipfix-eval-contrib-03

[Note]: 'Move normative reference:
  [3]  Djernaes, M., "Cisco Systems NetFlow Services Export Version 9
        Transport", draft-djernaes-netflow-9-transport-00 (work in
        progress), February 2003. to an informative reference.' added by Bert Wijnen

[Ballot comment]
Nice evaluation.  I would like it if all of the candidates were described in RFCs -- a future reader of this document may be frustrated by the inability to research some details of one of the described candidates.

The discussion of LFAP should probably note that DES is not regarded as adequately secure.

The Conclusions section should note that the work effort to improve NetFlow must include suitable security enhancements.  In particular, some decision on the precise security mechanism must be made; simply saying "just use IPsec" or "just switch to TCP and use TLS" are inadequate, especially the former.

[Note]: 'Move normative reference:
  [3]  Djernaes, M., "Cisco Systems NetFlow Services Export Version 9
        Transport", draft-djernaes-netflow-9-transport-00 (work in
        progress), February 2003. to an informative reference.' added by Amy Vezza

[Ballot comment]
I like the idea of the candidates being published as RFCs - they
should all have text at the beginning stating they were candidates
to make the context clear.

[Ballot discuss]
The WG is going to kill me but I note the chosen solution is
never mentioned in the two sections about security capabilities.

Further the transport-friendliness of the chosen solution is weak despite
a long discussion over a year by transport:

"Netflow version 9 "can be run over PR-SCTP" though it is usually
run over UDP.  I'd like to see something like Netflow version 9 has
mandatory to implement PR-SCTP because it is known to have
large flows that can be an issue when used in the wide area.

[Ballot comment]
Nice evaluation.  I would like it if all of the candidates were described in RFCs -- a future reader of this document may be frustrated by the inability to research some details of one of the described candidates.

[Note]: 'Move normative reference:
  [3]  Djernaes, M., "Cisco Systems NetFlow Services Export Version 9
        Transport", draft-djernaes-netflow-9-transport-00 (work in
        progress), February 2003. to an informative reference.' added by Bert Wijnen

[Note]: 'Move normative reference:
  [3]  Djernaes, M., "Cisco Systems NetFlow Services Export Version 9
        Transport", draft-djernaes-netflow-9-transport-00 (work in
        progress), February 2003.

to an informative reference.' added by Bert Wijnen

- Move reference
  [3]  Djernaes, M., "Cisco Systems NetFlow Services Export Version 9
        Transport", draft-djernaes-netflow-9-transport-00 (work in
        progress), February 2003.
  from Noramative to Informative section.

Basically ready for publication except maybe for the
below complication. Checking with author and WG chairs

-----Original Message-----
From: Wijnen, Bert (Bert)
Sent: woensdag 24 maart 2004 18:15
To: Simon Leinen (E-mail)
Cc: Dave Plonka (E-mail); Nevil Brownlee (E-mail); David Kessens
(E-mail)
Subject: Status: draft-leinen-ipfix-eval-contrib-02.txt


Simon, I was checking if I can put this doc on the IESG agenda.
It seems it is ready to go to that step now.

I still see this normative reference, and I am not clear
if this will ever be submitted, will it:

  draft-djernaes-netflow-9-transport-00
has the author any intentions to submit it for Informational RFC?

If that does not happen, then maybe it should be moved
to informative.  I can do so with an RFC-Editor note if needed.
Otherwise your document may hang forever in the RFC-Editor queue.
And I wonder if it is really MUST reading in order to understand
the evaluation.

Thanks,
Bert

AD review posted to WG mailing list

-----Original Message-----
From: Wijnen, Bert (Bert) [mailto:bwijnen@lucent.com]
Sent: maandag 22 december 2003 17:47
To: 'Ipfix Wg' (E-mail) (E-mail)
Cc: 'simon@limmat.switch.ch'
Subject: [ipfix] AD Evaluation of:
draft-leinen-ipfix-eval-contrib-01.txt


Serious questions:
- Many of the documents for the protcools that were evaluated
  are (possibly expired or soon to expire) internet-drafts.
  Are you sure they are just informative and that there is no
  need to read them in order to understand the evaluation?
  Possibly they are not needed (I think I can see that after
  reading the whol draft). It might be good to make an explicit
  statement at the end of section 1 to say that you have extracted
  the relevant information from the evaluation drafts and that
  the detailed content of those drafts is not needed to understand
  this summary/executive/consolidated evaluation document.

- Anyway,
  - I see that some have made it to RFC.
    RFC3423 - draft-kzhang-crane-protocol-05.txt
    RFC3588 - draft-ietf-aaa-diameter-17.txt
  - These are still there as (very old) drafts
    draft-kzhang-ipfix-eval-crane-00.txt
    draft-zander-ipfix-diameter-eval-00.txt
    draft-calato-ipfix-lfap-eval-00.txt
    draft-bclaise-netflow-9-00.txt
  - I do not see/find:
    expired: draft-riverstone-lfap-01.txt
    expired: draft-riverstone-lfap-data-01.txt
    expired: draft-claise-ipfix-eval-netflow-04.txt
  And so on.
- 6.  Security Considerations
    The security mechanisms of the candidate protocols were discussed in
    the section about the Security requirement (6.3.2).
  I think it would be good to make a reference here to the doc that
  contains that sect 6.3.2 !! And porbably you mean sect 6.3.3. in
  the ipfix requirements doc anyway!

Nits and admin comments

- abstract speaks about "this draft", you man "this document"
  draft dioes not read so well when it is an RFC.
- first sentence in sect 4.1 missing right parenthesis
- sect 4.10.3.2 3rd line: s/evel/level/
- ANy idea, where reference [NDM-U-3.1] can be obtained/accessed?
 

Thanks,
Bert