[secdir] SecDir review for draft-ietf-conex-destopt-09
Robert Sparks <rjsparks@nostrum.com> Wed, 26 August 2015 20:38 UTC
Return-Path: <rjsparks@nostrum.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 094241A8822; Wed, 26 Aug 2015 13:38:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id O77WuJH8sXSS; Wed, 26 Aug 2015 13:38:20 -0700 (PDT)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 629921A7013; Wed, 26 Aug 2015 13:38:17 -0700 (PDT)
Received: from unnumerable.local (pool-71-170-237-80.dllstx.fios.verizon.net [71.170.237.80]) (authenticated bits=0) by nostrum.com (8.15.2/8.14.9) with ESMTPSA id t7QKcGDb089856 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=OK); Wed, 26 Aug 2015 15:38:17 -0500 (CDT) (envelope-from rjsparks@nostrum.com)
X-Authentication-Warning: raven.nostrum.com: Host pool-71-170-237-80.dllstx.fios.verizon.net [71.170.237.80] claimed to be unnumerable.local
Message-ID: <55DE23B3.5030305@nostrum.com>
Date: Wed, 26 Aug 2015 15:38:11 -0500
From: Robert Sparks <rjsparks@nostrum.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: "secdir@ietf.org" <secdir@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, draft-ietf-conex-destopt.all@ietf.org
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/CJcHBqLQKtTUXj8m23AVdDA99Sw>
Subject: [secdir] SecDir review for draft-ietf-conex-destopt-09
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Aug 2015 20:38:22 -0000
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. Summary: On the right track with open issues I was also the Gen-Art reviewer for this draft My Gen-Art Review can be found here: <http://mailarchive.ietf.org/arch/msg/gen-art/kxvhQcl3d2fS5aX_4nXUqGRBy0w> Please skim that review if you have not already seen it for context. This document defines a new IPv6 Destination Option. It relies on AH to detect any tampering (particularly removal) with the option. The document is currently formulated to simply define the option, and leaves it to other documents to describe when to use the option and how audit mechanisms in protocols that use the option can protect themselves from likely attacks. If the document clarifies that the option must not be used except by a protocol that has defined these things, I believe sufficient effort has been put into the security considerations. If the group intends for this option to be usable without such an additional protocol definition, this document needs to contain more discussion.
- [secdir] SecDir review for draft-ietf-conex-desto… Robert Sparks