[secdir] secdir review of draft-ietf-bfd-rfc5884-clarifications-02
Stephen Kent <kent@bbn.com> Tue, 06 October 2015 20:03 UTC
To: secdir <secdir@ietf.org>, aldrin.ietf@gmail.com, nobo.akiya.dev@gmail.com, kalyanir@cisco.com, venggovi@cisco.com, 'Jeffrey Haas' <jhaas@pfrc.org>, "Alvaro Retana (aretana)" <aretana@cisco.com>, db3546@att.com
From: Stephen Kent <kent@bbn.com>
Message-ID: <56142920.5080402@bbn.com>
Date: Tue, 06 Oct 2015 16:03:44 -0400
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/GpH4m9rCBut3tWdYmwaFxpZz71s>

I reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written with the intent of improving security requirements and considerations in IETF drafts. Comments not addressed in last call may be included in AD reviews during the IESG review. Document editors and WG chairs should treat these comments just like any other last call comments.

This document is intended to clarify RFC 5584, which describes BFD for MPLS LSPs (try saying that quickly 5 times!). I didn’t find any security problems with this very brief document.

The Security Considerations section refers to the RFC being “clarified” and additionally cites RFC 4379. RFC 4379 contains a reasonable Security Considerations section. RFC 5584 contains a 1-paragraph Security Considerations section that cites 4 RFCs: 5880, 5883, 4379, and 5290. RFC 5880 is the base document for BFD, and it contains a 2-page Security Considerations section, although several portions of the text are out of date. RFC 5883 contains a trivial, 1-paragraph Security Considerations section. RFC 4379 contains a decent 1-page Security Considerations section. RFC 5290 is the MPLS/GMPLS Security Framework, a substantial document discussing security for MPLS.

Considering the focus of this document and its 6-page length, its references to the Security Considerations sections of the other RFCs suffice.