[Bier] Secdir last call review of draft-ietf-bier-php-12
Shawn Emery via Datatracker <noreply@ietf.org> Thu, 03 October 2024 07:30 UTC
To: secdir@ietf.org
CC: bier@ietf.org, draft-ietf-bier-php.all@ietf.org, last-call@ietf.org
Reply-To: Shawn Emery <shawn.emery@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/bier/Fs9fnC3QL2_slV4UHv8iU6wWynI>

Reviewer: Shawn Emery
Review result: Has Nits

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

This standards track draft specifies a protocol for removing the Bit Index Explicit Replication (BIER) header by the 2nd to last router before forwarding to a BIER incapable router. The goal of the protocol is to prevent the last router in the path from unnecessarily processing the BIER header.

The security considerations section does exist and discloses that the protocol does not introduce any additional security implications beyond that of "BIER architecture and OSPF/IS-IS/BGP extensions for BIER signaling". It would be helpful to outline the relevant RFCs that each of these building blocks of this draft is dependent upon in this section. I focused this review on RFC8279 and believe that the aforementioned assertion is correct.

General comments:

A well written document, covering intricate conditionals.

Editorial comments:

None.