[RTG-DIR] RtgDir review: draft-ietf-karp-bfd-analysis-04.txt

"Les Ginsberg (ginsberg)" <ginsberg@cisco.com> Thu, 31 July 2014 06:03 UTC

From: "Les Ginsberg (ginsberg)" <ginsberg@cisco.com>
To: "rtg-ads@tools.ietf.org" <rtg-ads@tools.ietf.org>
Date: Thu, 31 Jul 2014 06:03:00 +0000
Message-ID: <F3ADE4747C9E124B89F0ED2180CC814F23E88A19@xmb-aln-x02.cisco.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/rtg-dir/93Wno5vbXphEtHwDLtOtM8MdlHM
Cc: "rtg-dir@ietf.org" <rtg-dir@ietf.org>, "manav@ionosnetworks.com" <manav@ionosnetworks.com>, "draft-ietf-karp-bfd-analysis@tools.ietf.org" <draft-ietf-karp-bfd-analysis@tools.ietf.org>, "zhangdacheng@huawei.com" <zhangdacheng@huawei.com>, "all@tools.ietf.org" <all@tools.ietf.org>, "mjethanandani@gmail.com" <mjethanandani@gmail.com>
Subject: [RTG-DIR] RtgDir review: draft-ietf-karp-bfd-analysis-04.txt

Hello,

I have been selected as the Routing Directorate reviewer for this draft. The Routing Directorate seeks to review all routing or routing-related drafts as they pass through IETF last call and IESG review, and sometimes on special request. The purpose of the review is to provide assistance to the Routing ADs. For more information about the Routing Directorate, please see http://trac.tools.ietf.org/area/rtg/trac/wiki/RtgDir

Although these comments are primarily for the use of the Routing ADs, it would be helpful if you could consider them along with any other IETF Last Call comments that you receive, and strive to resolve them through discussion or by updating the draft.

Document: draft-ietf-karp-bfd-analysis-04

Reviewer: Les Ginsberg

Review Date: July 30, 2014

IETF LC End Date: August 12, 2014

Intended Status: Informational

Summary: This document is basically ready for publication, but has minor editorial issues that should be corrected prior to publication. I also have a minor concern which the authors may want to address.

Major Issues: None

Minor Issues: I am a little surprised that the use of UTC is emphasized as a means of preventing replay attacks. While this is certainly a viable solution, what has been more commonly used by a number of other protocols is reserving a portion of the sequence number for a boot count. In fact, this is the way that http://www.ietf.org/id/draft-ietf-bfd-generic-crypto-auth-06.txt has chosen. Yet this document chooses to emphasize UTC encoding.

Nits:

1) The affiliation for one of the authors (Manav) is inconsistent in the header vs the authors' addresses section.

2) In the Introduction the last sentence of the second paragraph reads:

   "Moving the routing protocols to a stronger
   algorithm while using weaker algorithm for BFD would require the
   attacker to bring down BFD in order to bring down the routing
   protocol."

I think what is meant is that if the BFD authentication algorithm is weaker than that used by the routing protocols it is more likely to be the target of an attack. The phrase "require the attacker..." seems inappropriate.

3) Section 3, last sentence of the penultimate paragraph:

s/reply/replay

4) Section 6, second paragraph, second sentence:

s/notion/the notion

Thanx.

   Les
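The replay-protection mechanism the review contrasts with UTC encoding, a boot count carried in the high-order bits of the authenticated sequence number, worked through as an added example. This is illustration code written for this page, not code from draft-ietf-karp-bfd-analysis, draft-ietf-bfd-generic-crypto-auth or any BFD implementation; the 16/16-bit split, the packet layout (sequence number, payload, HMAC-SHA256 tag) and the shared key are assumptions chosen for readability.

```python
"""Replay protection across reboots with a boot count in the high bits of an
authenticated sequence number.

Added illustration for this review thread; not code from any IETF draft or
BFD implementation. The 16/16 bit split, the packet layout
(seq || payload || HMAC-SHA256) and the key are assumptions for the example.
"""
import hashlib
import hmac
import struct

KEY = b"constructed-shared-key"   # constructed sample key, provisioned out of band
BOOT_BITS = 16                    # assumed split; a real design would size this differently
COUNTER_BITS = 16
COUNTER_MASK = (1 << COUNTER_BITS) - 1
TAG_LEN = 32                      # HMAC-SHA256 digest length


def pack_seq(boot_count: int, counter: int) -> int:
    """Boot count in the high bits, per-boot counter in the low bits."""
    if not (0 <= boot_count < (1 << BOOT_BITS) and 0 <= counter <= COUNTER_MASK):
        raise ValueError("field out of range")
    return (boot_count << COUNTER_BITS) | counter


def unpack_seq(seq: int) -> tuple:
    return seq >> COUNTER_BITS, seq & COUNTER_MASK


def _tag(seq: int, payload: bytes) -> bytes:
    # The sequence number is covered by the MAC so an attacker cannot re-stamp a capture.
    return hmac.new(KEY, struct.pack("!I", seq) + payload, hashlib.sha256).digest()


def build_packet(seq: int, payload: bytes) -> bytes:
    """Authenticated packet: 4-byte sequence number, payload, 32-byte tag."""
    return struct.pack("!I", seq) + payload + _tag(seq, payload)


def parse_packet(packet: bytes):
    """Return (seq, payload) if the tag verifies, else None."""
    if len(packet) < 4 + TAG_LEN:
        return None
    seq = struct.unpack("!I", packet[:4])[0]
    payload, tag = packet[4:-TAG_LEN], packet[-TAG_LEN:]
    if not hmac.compare_digest(tag, _tag(seq, payload)):
        return None
    return seq, payload


class Sender:
    """The boot count must survive restarts; here the caller supplies it."""

    def __init__(self, boot_count: int):
        self.boot_count = boot_count
        self.counter = 0

    def send(self, payload: bytes) -> bytes:
        self.counter += 1
        return build_packet(pack_seq(self.boot_count, self.counter), payload)


class Receiver:
    """Accept only packets whose (boot_count, counter) strictly exceeds the
    last accepted pair; tuple comparison orders the boot count first."""

    def __init__(self):
        self.last = None

    def accept(self, packet: bytes) -> bool:
        parsed = parse_packet(packet)
        if parsed is None:
            return False
        current = unpack_seq(parsed[0])
        if self.last is not None and current <= self.last:
            return False
        self.last = current
        return True


def demo() -> dict:
    """Capture a packet, reboot the sender, and replay the capture: once with
    the boot count lost (restarts at 0), once with it incremented."""
    results = {}
    tx, rx = Sender(boot_count=0), Receiver()
    pre_reboot = [tx.send(b"Up") for _ in range(3)]
    results["pre_reboot_accepted"] = all(rx.accept(p) for p in pre_reboot)
    recorded = pre_reboot[-1]                       # attacker captures (0, 3)

    # Case 1: boot count not persisted. The fresh (0, 1) sorts below (0, 3), so the
    # live sender is rejected; once the receiver resets its window to resync,
    # the captured (0, 3) sorts above the new traffic and is accepted.
    lost = Sender(boot_count=0)
    results["lost_fresh_accepted"] = rx.accept(lost.send(b"Up"))
    rx.last = None                                  # session reset to resynchronise
    rx.accept(lost.send(b"Up"))                     # (0, 2) accepted
    results["lost_replay_accepted"] = rx.accept(recorded)

    # Case 2: boot count persisted and incremented. (1, 1) exceeds every
    # pre-reboot value, so no reset is needed and the capture is dead.
    rx2 = Receiver()
    for p in pre_reboot:
        rx2.accept(p)
    kept = Sender(boot_count=1)
    results["kept_fresh_accepted"] = rx2.accept(kept.send(b"Up"))
    results["kept_replay_accepted"] = rx2.accept(recorded)

    # Tampering: flip one payload byte; the tag no longer verifies.
    tampered = bytearray(kept.send(b"Up"))
    tampered[4] ^= 0x01
    results["tampered_accepted"] = rx2.accept(bytes(tampered))
    return results
```

demo() runs both reboot scenarios. Without a persisted boot count the receiver has to reset its window to resynchronise with the rebooted peer, and at that moment an earlier capture with a higher counter becomes valid again; with the boot count incremented, the rebooted sender's first packet already exceeds everything captured, so no reset is needed and the replay is rejected without any clock involvement.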