[CCAMP] FWD: [secdir] Review of: draft-ietf-ccamp-otn-g709-info-model

Lou Berger <lberger@labn.net> Thu, 24 October 2013 13:14 UTC

Message-ID: <52691CFB.6080805@labn.net>
Date: Thu, 24 Oct 2013 09:13:31 -0400
From: Lou Berger <lberger@labn.net>
To: CCAMP <ccamp@ietf.org>, Warren Kumari <warren@kumari.net>

FYI - from http://www.ietf.org/mail-archive/web/secdir/current/msg04230.html

    To: "iesg at ietf.org" <iesg at ietf.org>, "secdir at ietf.org"
<secdir at ietf.org>, draft-ietf-ccamp-otn-g709-info-model.all at
    Subject: [secdir] Review of: draft-ietf-ccamp-otn-g709-info-model
    From: Warren Kumari <warren at kumari.net>
    Date: Fri, 13 Sep 2013 18:53:03 -0400

Be ye not afraid...
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

Summary for Security AD: Nothing to see here, move along...

General summary:

This document could do with a careful reading for nits and similar.
It also uses a large number of acronyms that are not defined in it --
e.g: ODUflex, GFP-F, ODUk.
While these may be really well known in some spheres, I have *no* idea
what they mean.
Please explain / expand them, or (probably much easier) simply say:
"Familiarity with GMPLS and <whatever> is expected, especially

The Security Considerations section contains:
"New types of information to be conveyed regard OTN containers and
hierarchies and from a security standpoint this memo does not introduce
further risks with respect to the information that can be currently
conveyed via GMPLS protocols."
I had a really hard time parsing this sentence -- I agree that this
doesn't seem to introduce any new security issues, but the sentence seems
to be missing some words. Or something.

Some nits:

draft-ietf-ccamp-gmpls-ospf-g709v3-07 is now

draft-ietf-ccamp-gmpls-signaling-g709v3-11 is now

Section 1:
O: extensions need to support [G.709-2012] is provided in [OTN-FWK].
P:  extensions needed to support [G.709-2012] is provided in [OTN-FWK].
C: s/need/needed/

Section 2.  G.709 Mapping and Multiplexing Capabilities

O: The digital OTN layered structure is comprised of digital path layer
   (ODU) and digital section layer (OTU)
P: The digital OTN layered structure is comprised of the digital path layer
   (ODU) and the digital section layer (OTU)

O:  needs to be advertised and signaled, what is already there in GMPLS
and what is missing.
P: needs to be advertised and signaled, what already exists GMPLS and
what is missing.

3.  Tributary Slot Granularity

O:  ITU-T recommendation defines two types of Tributary Slot (TS)
C: Which ITU-T recommendation? Reference.

O: - If both ends of a link are new cards supporting both 1.25Gbps TS
      and 2.5Gbps TS, then the link will work with 1.25Gbps TS.
C: Throughout this section you reference "new" and "old" cards. I think
you need better names or simply remove the words "new" and "old". I
could presumably go to my vendor and buy a card that only supports
2.5Gbps tomorrow and that would be "new" for me.

3.2.  Control Plane considerations
O:  In case they cannot, A will compute an alternate path from itself to
Z (see figure 4).
P: If not, A will compute an alternate path from itself to Z (see figure 4).
P:  If they cannot, A will compute an alternate path from itself to Z
(see figure 4).
P:  In the case that they cannot, A will compute an alternate path from
itself to Z (see figure 4).

O: Moreover, also TS granularity information needs to be signaled.
P: Moreover, TS granularity information also needs to be signaled.

O: the signaling to permit node C (see figure 5) choose the right one
P: the signaling to permit node C (see figure 5) to choose the right one

O: towards D. In case the full ERO is provided in the signaling with
P: towards D. In the case that the full ERO is provided in the signaling
P: towards D. In cases where the full ERO is provided in the signaling with

(I stopped here)


I once absent-mindedly ordered Three Mile Island dressing in a
restaurant and, with great presence of mind, they brought Thousand
Island Dressing and a bottle of chili sauce.
    -- Terry Pratchett