[secdir] secdir review of draft-ietf-trill-directory-framework-06

Charlie Kaufman <charliek@microsoft.com> Wed, 07 August 2013 17:05 UTC

Return-Path: <charliek@microsoft.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3C72821E812F; Wed, 7 Aug 2013 10:05:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.534
X-Spam-Level: *
X-Spam-Status: No, score=1.534 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1, SARE_RAND_6=2, UNRESOLVED_TEMPLATE=3.132]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kUuuMv6vK0WC; Wed, 7 Aug 2013 10:05:32 -0700 (PDT)
Received: from am1outboundpool.messaging.microsoft.com (am1ehsobe003.messaging.microsoft.com [213.199.154.206]) by ietfa.amsl.com (Postfix) with ESMTP id 21E2D21F9A96; Wed, 7 Aug 2013 10:05:26 -0700 (PDT)
Received: from mail35-am1-R.bigfish.com (10.3.201.241) by AM1EHSOBE018.bigfish.com (10.3.207.140) with Microsoft SMTP Server id 14.1.225.22; Wed, 7 Aug 2013 17:05:25 +0000
Received: from mail35-am1 (localhost [127.0.0.1]) by mail35-am1-R.bigfish.com (Postfix) with ESMTP id CBFB0100288; Wed, 7 Aug 2013 17:05:25 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:131.107.125.8; KIP:(null); UIP:(null); IPV:NLI; H:TK5EX14HUBC103.redmond.corp.microsoft.com; RD:autodiscover.service.exchange.microsoft.com; EFVD:NLI
X-SpamScore: 4
X-BigFish: VS4(zzc85fhzz1f42h208ch1ee6h1de0h1fdah2073h1202h1e76h1d1ah1d2ah1fc6hzz1d7338h17326ah18c673h1de096h8275bh8275dh1de097hz2fh2a8h683h839hd24hf0ah1288h12a5h12bdh137ah1441h1504h1537h153bh162dh1631h1758h18e1h1946h19b5h1b0ah1bceh1d07h1d0ch1d2eh1d3fh1dc1h1de9h1dfeh1dffh1e1dh17ej9a9j1155h)
Received-SPF: pass (mail35-am1: domain of microsoft.com designates 131.107.125.8 as permitted sender) client-ip=131.107.125.8; envelope-from=charliek@microsoft.com; helo=TK5EX14HUBC103.redmond.corp.microsoft.com ; icrosoft.com ;
X-Forefront-Antispam-Report-Untrusted: CIP:157.56.240.21; KIP:(null); UIP:(null); (null); H:BL2PRD0310HT003.namprd03.prod.outlook.com; R:internal; EFV:INT
Received: from mail35-am1 (localhost.localdomain [127.0.0.1]) by mail35-am1 (MessageSwitch) id 1375895123277075_12807; Wed, 7 Aug 2013 17:05:23 +0000 (UTC)
Received: from AM1EHSMHS010.bigfish.com (unknown [10.3.201.241]) by mail35-am1.bigfish.com (Postfix) with ESMTP id 34EFB2A005E; Wed, 7 Aug 2013 17:05:23 +0000 (UTC)
Received: from TK5EX14HUBC103.redmond.corp.microsoft.com (131.107.125.8) by AM1EHSMHS010.bigfish.com (10.3.207.110) with Microsoft SMTP Server (TLS) id 14.16.227.3; Wed, 7 Aug 2013 17:05:21 +0000
Received: from ch1outboundpool.messaging.microsoft.com (157.54.51.112) by mail.microsoft.com (157.54.86.9) with Microsoft SMTP Server (TLS) id 14.3.136.1; Wed, 7 Aug 2013 17:05:12 +0000
Received: from mail133-ch1-R.bigfish.com (10.43.68.246) by CH1EHSOBE005.bigfish.com (10.43.70.55) with Microsoft SMTP Server id 14.1.225.22; Wed, 7 Aug 2013 17:04:00 +0000
Received: from mail133-ch1 (localhost [127.0.0.1]) by mail133-ch1-R.bigfish.com (Postfix) with ESMTP id B24114017E; Wed, 7 Aug 2013 17:04:00 +0000 (UTC)
X-Forefront-Antispam-Report-Untrusted: SFV:NSPM; SFS:(199002)(189002)(46102001)(74316001)(69226001)(47976001)(49866001)(74706001)(50986001)(47736001)(19580385001)(33646001)(4396001)(74662001)(79102001)(54356001)(76482001)(53806001)(83322001)(59766001)(19580395003)(51856001)(80976001)(47446002)(74502001)(54316002)(31966008)(77982001)(74366001)(56776001)(56816003)(16236675002)(63696002)(76786001)(77096001)(74876001)(83072001)(81542001)(76576001)(65816001)(76176001)(19300405004)(76796001)(80022001)(15202345003)(16406001)(81342001)(3826001)(24736002); DIR:OUT; SFP:; SCL:1; SRVR:BL2PR03MB592; H:BL2PR03MB592.namprd03.prod.outlook.com; CLIP:2001:4898:80e8:ed31::8b; RD:InfoNoRecords; A:1; MX:1; LANG:en;
Received: from mail133-ch1 (localhost.localdomain [127.0.0.1]) by mail133-ch1 (MessageSwitch) id 137589503776661_31118; Wed, 7 Aug 2013 17:03:57 +0000 (UTC)
Received: from CH1EHSMHS010.bigfish.com (snatpool3.int.messaging.microsoft.com [10.43.68.225]) by mail133-ch1.bigfish.com (Postfix) with ESMTP id 048BA4E0051; Wed, 7 Aug 2013 17:03:57 +0000 (UTC)
Received: from BL2PRD0310HT003.namprd03.prod.outlook.com (157.56.240.21) by CH1EHSMHS010.bigfish.com (10.43.70.10) with Microsoft SMTP Server (TLS) id 14.16.227.3; Wed, 7 Aug 2013 17:03:55 +0000
Received: from BL2PR03MB592.namprd03.prod.outlook.com (10.255.109.35) by BL2PRD0310HT003.namprd03.prod.outlook.com (10.255.97.38) with Microsoft SMTP Server (TLS) id 14.16.341.1; Wed, 7 Aug 2013 17:03:53 +0000
Received: from BL2PR03MB592.namprd03.prod.outlook.com (10.255.109.35) by BL2PR03MB592.namprd03.prod.outlook.com (10.255.109.35) with Microsoft SMTP Server (TLS) id 15.0.731.11; Wed, 7 Aug 2013 17:03:52 +0000
Received: from BL2PR03MB592.namprd03.prod.outlook.com ([169.254.11.38]) by BL2PR03MB592.namprd03.prod.outlook.com ([169.254.11.38]) with mapi id 15.00.0731.000; Wed, 7 Aug 2013 17:03:52 +0000
From: Charlie Kaufman <charliek@microsoft.com>
To: "secdir@ietf.org" <secdir@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "draft-ietf-trill-directory-framework.all@tools.ietf.org" <draft-ietf-trill-directory-framework.all@tools.ietf.org>
Thread-Topic: secdir review of draft-ietf-trill-directory-framework-06
Thread-Index: Ac6TjsVavOP/CXwQRN63OmzJzsd+hA==
Date: Wed, 07 Aug 2013 17:03:52 +0000
Message-ID: <00fa8fdba33644e2970788cd2a0aee64@BL2PR03MB592.namprd03.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [2001:4898:80e8:ed31::8b]
x-forefront-prvs: 0931CB1479
Content-Type: multipart/alternative; boundary="_000_00fa8fdba33644e2970788cd2a0aee64BL2PR03MB592namprd03pro_"
MIME-Version: 1.0
X-OrganizationHeadersPreserved: BL2PR03MB592.namprd03.prod.outlook.com
X-FOPE-CONNECTOR: Id%0$Dn%*$RO%0$TLS%0$FQDN%$TlsDn%
X-FOPE-CONNECTOR: Id%59$Dn%TOOLS.IETF.ORG$RO%2$TLS%6$FQDN%corpf5vips-237160.customer.frontbridge.com$TlsDn%
X-FOPE-CONNECTOR: Id%59$Dn%IETF.ORG$RO%2$TLS%6$FQDN%corpf5vips-237160.customer.frontbridge.com$TlsDn%
X-CrossPremisesHeadersPromoted: TK5EX14HUBC103.redmond.corp.microsoft.com
X-CrossPremisesHeadersFiltered: TK5EX14HUBC103.redmond.corp.microsoft.com
X-OriginatorOrg: microsoft.com
X-FOPE-CONNECTOR: Id%0$Dn%*$RO%0$TLS%0$FQDN%$TlsDn%
Subject: [secdir] secdir review of draft-ietf-trill-directory-framework-06
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Aug 2013 17:05:39 -0000

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.



This document describes a framework for adding a central control mechanism to trill to replace or supplement its autoconfiguring mechanism of dynamically learning the locations of all addresses on the LAN. The specific protocols for supplying and consuming this configuration information will presumably appear in future specs. This sort of configuration control is useful in a datacenter where all connections are carefully configured rather than being plug and play. It is particularly applicable in a "cloud" environment where virtual machines are moved between physical machines by some sort of Virtual Machine Management System that will also assign addresses and place them.

This is a re-review. This latest draft incorporates all of my comments on -05, in particular an expanded description of the security advantages of this approach over the standard autoconfiguration in trill. I have no issues with it. I did find 2 typos:

Page 4 last paragraph: "Both items 3 and 4 above..." There are only three items above. I suspect it should say "Both items 2 and 3 above..."

Page 15 section 7 paragraph 3: "Perhaps S want steal" -> "Perhaps S wants to steal"