IETF Logo Mail Archive

[GROW] Kathleen Moriarty's No Objection on draft-ietf-grow-filtering-threats-07: (with COMMENT)

"Kathleen Moriarty" <Kathleen.Moriarty.ietf@gmail.com> Thu, 20 August 2015 13:05 UTC

Return-Path: <Kathleen.Moriarty.ietf@gmail.com>
X-Original-To: grow@ietfa.amsl.com
Delivered-To: grow@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2046C1ACE1E; Thu, 20 Aug 2015 06:05:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, FREEMAIL_FROM=0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rOqLNwffHlDs; Thu, 20 Aug 2015 06:05:03 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 1F3121ACE1A; Thu, 20 Aug 2015 06:05:02 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>
To: The IESG <iesg@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 6.4.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20150820130502.24837.95129.idtracker@ietfa.amsl.com>
Date: Thu, 20 Aug 2015 06:05:02 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/grow/iZxlsXXlGlBof-Xds-0Jh2f-ZSI>
Cc: grow-chairs@ietf.org, grow@ietf.org, draft-ietf-grow-filtering-threats.ad@ietf.org, draft-ietf-grow-filtering-threats@ietf.org, draft-ietf-grow-filtering-threats.shepherd@ietf.org
Subject: [GROW] Kathleen Moriarty's No Objection on draft-ietf-grow-filtering-threats-07: (with COMMENT)
X-BeenThere: grow@ietf.org
X-Mailman-Version: 2.1.15
List-Id: Grow Working Group Mailing List <grow.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/grow>, <mailto:grow-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/grow/>
List-Post: <mailto:grow@ietf.org>
List-Help: <mailto:grow-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/grow>, <mailto:grow-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Aug 2015 13:05:04 -0000

Kathleen Moriarty has entered the following ballot position for
draft-ietf-grow-filtering-threats-07: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-grow-filtering-threats/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Please add in the proposed text from the SecDir review to address his
questions:
https://www.ietf.org/mail-archive/web/secdir/current/msg05855.html

Additionally, I'd like to see the Security Considerations mention a point
brought up earlier in the draft, namely that the filtering could cause
traffic to be routed back through a path that doesn't have information
for that more specific AS.  As such, this essentially could cause a DoS
on that traffic until the BGP route allows for the new path for the more
specific AS.  The importance of mentioning this int he security
considerations section is to more explicitly call this out as a potential
DoS attack method.  The time for BGP to repropagate might be short(ish),
but that could be a critical amount of time during an event and maybe the
more specific AS is a web server farm or some other critical resource.

v2.23.0 | Report a Bug | By Email