[secdir] secdir review of draft-ietf-rmt-pi-norm-revised-11
"David Harrington" <ietfdbh@comcast.net> Mon, 04 May 2009 20:23 UTC
Return-Path: <ietfdbh@comcast.net>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7CFF43A7131 for <secdir@core3.amsl.com>; Mon, 4 May 2009 13:23:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.507
X-Spam-Level:
X-Spam-Status: No, score=-2.507 tagged_above=-999 required=5 tests=[AWL=0.092, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Vxpy5ghbonUJ for <secdir@core3.amsl.com>; Mon, 4 May 2009 13:23:37 -0700 (PDT)
Received: from QMTA06.westchester.pa.mail.comcast.net (qmta06.westchester.pa.mail.comcast.net [76.96.62.56]) by core3.amsl.com (Postfix) with ESMTP id 673CB3A696D for <secdir@ietf.org>; Mon, 4 May 2009 13:23:37 -0700 (PDT)
Received: from OMTA12.westchester.pa.mail.comcast.net ([76.96.62.44]) by QMTA06.westchester.pa.mail.comcast.net with comcast id nMzY1b0010xGWP856YQvPQ; Mon, 04 May 2009 20:24:55 +0000
Received: from Harrington73653 ([24.147.240.21]) by OMTA12.westchester.pa.mail.comcast.net with comcast id nYR21b00y0UQ6dC3YYR3kV; Mon, 04 May 2009 20:25:04 +0000
From: David Harrington <ietfdbh@comcast.net>
To: secdir@ietf.org
Date: Mon, 04 May 2009 16:25:01 -0400
Message-ID: <05a401c9ccf6$67ac3550$0600a8c0@china.huawei.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 11
Thread-Index: AcnM9ma544Dx/Yr6RNyYA24XSVmxyQ==
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2900.3198
Cc: 'Magnus Westerlund' <magnus.westerlund@ericsson.com>, tim.polk@nist.gov, Pasi.Eronen@nokia.com, adamson@itd.nrl.navy.mil, M.Handley@cs.ucl.ac.uk, cabo@tzi.org, 'Joe Macker' <macker@itd.nrl.navy.mil>, 'Lorenzo Vicisano' <lorenzo@vicisano.net>
Subject: [secdir] secdir review of draft-ietf-rmt-pi-norm-revised-11
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 May 2009 20:23:38 -0000
Hi, I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. The document specifies a protocol (or an update to a protocol) that provides end-to-end reliable transport of bulk data objects or streams over multicast routing and forwarding services. It also provides a congestion control scheme. It is designed to permit different upper layer services to utilize its services in different ways. I previousaly reviewed the -09- revision, where I asked that the specification tighen up requirements, ala RFC2119, especially in the Security Considerations. That was done to a degree. More should be done. There are places with text like "It is expected that ..." that might be better expressed as SHOULDs. There are lower case must/should/may/require uses. Since this is a requested early review, let me also comment on document clarity. I found some of the paragraphs have conditionals in them, often following a statement of MUST or SHOULD compliance. I think the "However ..." conditionals really hurt the clarity of the specification. For example: Large NORM group sizes will necessitate some form of key management that does rely upon shared secrets. The GDOI and GSAKMP protocols mentioned here allow for certificate-based authentication. It is RECOMMENDED these certificates use IP addresses for authentication although it may alternatively possible to have authentication associated with pre-assigned NormNodeId values. However, it is likely that available group key management implementations will not be NORM-specific. Is the information after "RECOMMENDED these certificates use IP addresses for authentication" really needed here? If I alternately have authentication associated with re-assigned NormNodeId values, and do not support IP adresses for authentication, am I still compliant? A pet peeve - "it should be noted that" is almost always not needed. Just make the statement, which effectively notes the point. Nothing "should" about it! The same pet peeve variations: unnecessary introductory phrases or clauses in sentences: s/The principal issue is that configuration and operation of IPsec typically requires privileged user authorization./Configuration and operation of IPsec typically requires privileged user authorization./ s/It is expected that additional specifications may/ Additional specifications MAY/ Some words to look at whether they are really necessary: Additionally However Thus It is expected that As previously noted, Note that also as always as mentioned in section x.x as noted David Harrington dbharrington@comcast.net ietfdbh@comcast.net dharrington@huawei.com
- [secdir] secdir review of draft-ietf-rmt-pi-norm-… David Harrington
- Re: [secdir] secdir review of draft-ietf-rmt-pi-n… Magnus Westerlund
- Re: [secdir] secdir review of draft-ietf-rmt-pi-n… Brian Adamson