[secdir] secdir review of draft-ietf-ccamp-assoc-ext-04
Leif Johansson <leifj@sunet.se> Wed, 29 August 2012 19:50 UTC
Return-Path: <leifj@sunet.se>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DD35221F854D; Wed, 29 Aug 2012 12:50:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.028
X-Spam-Level:
X-Spam-Status: No, score=-3.028 tagged_above=-999 required=5 tests=[AWL=-0.429, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ogxiklWkOsGj; Wed, 29 Aug 2012 12:50:16 -0700 (PDT)
Received: from backup-server.nordu.net (backup-server.nordu.net [193.10.252.66]) by ietfa.amsl.com (Postfix) with ESMTP id B335B21F8545; Wed, 29 Aug 2012 12:50:15 -0700 (PDT)
Received: from [10.0.0.11] (ua-83-227-179-169.cust.bredbandsbolaget.se [83.227.179.169]) (authenticated bits=0) by backup-server.nordu.net (8.14.5/8.14.3) with ESMTP id q7TJmpE8009466 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 29 Aug 2012 21:48:57 +0200 (CEST)
Message-ID: <503E7223.2060005@sunet.se>
Date: Wed, 29 Aug 2012 21:48:51 +0200
From: Leif Johansson <leifj@sunet.se>
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:14.0) Gecko/20120714 Thunderbird/14.0
MIME-Version: 1.0
To: "iesg@ietf.org" <iesg@ietf.org>, draft-ietf-ccamp-assoc-ext.all@tools.ietf.org, "secdir@ietf.org" <secdir@ietf.org>
X-Enigmail-Version: 1.4.4
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Subject: [secdir] secdir review of draft-ietf-ccamp-assoc-ext-04
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Aug 2012 19:50:17 -0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This draft describes use of RSVP ASSOCIATION objects that extends their current use as defined by GMPLS. The subject matter is well beyond my area of expertise so take this review with a grain of salt. In the security considerations section the authors basically say that using ASSOCIATION objects for (say) VOIP call reservations doesn't introduce any new security issues beyond those that already exist for the GMPLS use of ASSOCIATION objects. I suspect that may be simplifying the issue but I can't find any obvious counter-examples. Regards Leif -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlA+ch8ACgkQ8Jx8FtbMZndD9QCgijOhEHUlpvgcnjbadtiLvUWO IZMAoKLD+m6VVMnvr133ICSZkfLTYryG =xTw1 -----END PGP SIGNATURE-----
- [secdir] secdir review of draft-ietf-ccamp-assoc-… Leif Johansson