[secdir] secdir review of draft-ietf-pwe3-vccv-bfd-05
"Dan Harkins" <dharkins@lounge.org> Tue, 30 June 2009 00:48 UTC
Return-Path: <dharkins@lounge.org>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0E1013A6927; Mon, 29 Jun 2009 17:48:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.228
X-Spam-Level:
X-Spam-Status: No, score=-6.228 tagged_above=-999 required=5 tests=[AWL=0.037, BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LQY1IllSGMWs; Mon, 29 Jun 2009 17:48:36 -0700 (PDT)
Received: from colo.trepanning.net (colo.trepanning.net [69.55.226.174]) by core3.amsl.com (Postfix) with ESMTP id 6A7F93A67D4; Mon, 29 Jun 2009 17:48:36 -0700 (PDT)
Received: from www.trepanning.net (localhost [127.0.0.1]) by colo.trepanning.net (Postfix) with ESMTP id 35CA010224074; Mon, 29 Jun 2009 17:48:57 -0700 (PDT)
Received: from 69.12.173.8 (SquirrelMail authenticated user dharkins@lounge.org) by www.trepanning.net with HTTP; Mon, 29 Jun 2009 17:48:57 -0700 (PDT)
Message-ID: <c61343fcddf91ee956f39e3291a38bbc.squirrel@www.trepanning.net>
Date: Mon, 29 Jun 2009 17:48:57 -0700
From: Dan Harkins <dharkins@lounge.org>
To: secdir@ietf.org
User-Agent: SquirrelMail/1.4.14 [SVN]
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Cc: tom.nadeau@bt.com, matthew.bocci@alcatel-lucent.com, cpignata@cisco.com, iesg@ietf.org, pwe3-chairs@tools.ietf.org
Subject: [secdir] secdir review of draft-ietf-pwe3-vccv-bfd-05
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Jun 2009 00:48:37 -0000
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This draft adds some new types verify connectivity and signal fault detection or fault status over a Pseudowire. It states that it introduces no new security issues beyond those defined in RFC 5085 and a couple of I-Ds on Bidirectional Forwarding Detection (BFD) and that seems to be correct. I see no security issues with this draft. On a non-security issue though, it appears that when doing IP encapsulation of BFD it sends to a randomly selected IP address from the loopback. I always thought that a loopback address MUST NOT appear outside a router or host. Has that changed or am I misunderstanding something about this draft? regards, Dan.
- [secdir] secdir review of draft-ietf-pwe3-vccv-bf… Dan Harkins
- Re: [secdir] secdir review of draft-ietf-pwe3-vcc… Carlos Pignataro (cpignata)