[secdir] secdir Review of draft-ietf-v6ops-3gpp-eps

Russ Mundy <mundy@sparta.com> Wed, 24 August 2011 21:42 UTC

To: iesg@ietf.org, secdir@ietf.org, draft-ietf-v6ops-3gpp-eps.all@tools.ietf.org

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the security area
directors. Document editors and WG chairs should treat these comments just
like any other last call comments.
        
While I do agree with the factual correctness of the Security Considerations
section (the document does not _introduce_ any security-related concerns),
the support for IPv6 in 3GPP networks described in the document certainly does
have a number of security concerns.  Some obvious examples: use of DHCP-based
address management and access control/authorization of the PDN
Connection (shown in Figure 8).  Although these and other security issues
are likely addressed in various other documents, it would be useful to make
a definitive statement to that effect in the Security Considerations
section.  It would be even more useful if some more specific references were
to be included in parts of the document that clearly deal with security
issues such as address management and access control and authorization.
        
        
        Russ Mundy