[Idr] SecDir review of draft-ietf-idr-flowspec-redirect-rt-bis-03

Alexey Melnikov <alexey.melnikov@isode.com> Wed, 08 April 2015 15:06 UTC

Return-Path: <alexey.melnikov@isode.com>
X-Original-To: expand-draft-ietf-idr-flowspec-redirect-rt-bis.all@virtual.ietf.org
Delivered-To: idr@ietfa.amsl.com
Received: by ietfa.amsl.com (Postfix, from userid 65534) id 4AE911B3216; Wed, 8 Apr 2015 08:06:14 -0700 (PDT)
X-Original-To: xfilter-draft-ietf-idr-flowspec-redirect-rt-bis.all@ietfa.amsl.com
Delivered-To: xfilter-draft-ietf-idr-flowspec-redirect-rt-bis.all@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2B0991B3204 for <xfilter-draft-ietf-idr-flowspec-redirect-rt-bis.all@ietfa.amsl.com>; Wed, 8 Apr 2015 08:06:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=unavailable
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eO_t7Lzgzup8 for <xfilter-draft-ietf-idr-flowspec-redirect-rt-bis.all@ietfa.amsl.com>; Wed, 8 Apr 2015 08:06:13 -0700 (PDT)
Received: from zinfandel.tools.ietf.org (zinfandel.tools.ietf.org [IPv6:2001:1890:123a::1:2a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7110B1B3206 for <draft-ietf-idr-flowspec-redirect-rt-bis.all@ietf.org>; Wed, 8 Apr 2015 08:05:59 -0700 (PDT)
Received: from ext-bt.isode.com ([217.34.220.158]:1846 helo=statler.isode.com) by zinfandel.tools.ietf.org with esmtp (Exim 4.82_1-5b7a7c0-XX) (envelope-from <alexey.melnikov@isode.com>) id 1YfrYA-00031a-G4 for draft-ietf-idr-flowspec-redirect-rt-bis.all@tools.ietf.org; Wed, 08 Apr 2015 08:05:59 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1428503708; d=isode.com; s=selector; i=@isode.com; bh=ahnQDUMBVgS/lPu/b2JNoigQzobAnhokDY5AIpNlZ+A=; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version: In-Reply-To:References:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description; b=IqNmO7J8ThO8PxoUCMJGj8Yt13ASzNhUhcmBtw8uLme1H+1DKfJUf5i4VvQ01CJF4Xsszz C16ycWS8+/30/yQ5goFWIfYkueIxuE2E7leS+GuEZ0NRveuvBsUjnloPgmxMYffZuNI2Sm PKbabv7PdFq1fD74uQdTQUEaOCjuBBs=;
Received: from [172.20.1.215] (dhcp-215.isode.net [172.20.1.215]) by statler.isode.com (submission channel) via TCP with ESMTPSA id <VSU8nABAISAu@statler.isode.com>; Wed, 8 Apr 2015 15:35:08 +0100
Message-ID: <55253C8D.5070305@isode.com>
Date: Wed, 08 Apr 2015 15:34:53 +0100
From: Alexey Melnikov <alexey.melnikov@isode.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0
To: secdir@ietf.org, draft-ietf-idr-flowspec-redirect-rt-bis.all@tools.ietf.org
MIME-Version: 1.0
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
X-Helo-Check-Failed: Verification failed for HELO statler.isode.com
X-SA-Exim-Connect-IP: 217.34.220.158
X-SA-Exim-Rcpt-To: draft-ietf-idr-flowspec-redirect-rt-bis.all@tools.ietf.org
X-SA-Exim-Mail-From: alexey.melnikov@isode.com
X-SA-Exim-Version: 4.2.1 (built Mon, 26 Dec 2011 16:24:06 +0000)
X-SA-Exim-Scanned: Yes (on zinfandel.tools.ietf.org)
Resent-To: draft-ietf-idr-flowspec-redirect-rt-bis.all@ietf.org
Resent-Message-Id: <20150408150559.7110B1B3206@ietfa.amsl.com>
Resent-Date: Wed, 8 Apr 2015 08:05:59 -0700 (PDT)
Resent-From: alexey.melnikov@isode.com
Archived-At: <http://mailarchive.ietf.org/arch/msg/draft-ietf-idr-flowspec-redirect-rt-bis.all@tools/6vTpXNqfcrXlZ-u4Mg--rKy_tKk>
Archived-At: <http://mailarchive.ietf.org/arch/msg/idr/0jXFpCAc0nboYTvFkbhQyOnPrYM>
X-Mailman-Approved-At: Wed, 08 Apr 2015 08:11:41 -0700
Subject: [Idr] SecDir review of draft-ietf-idr-flowspec-redirect-rt-bis-03
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Apr 2015 15:06:14 -0000

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

This document clarifies the formatting of the the BGP Flowspec Redirect 
Extended Community, originally documented in RFC 5575 (Dissemination of 
Flow Specification Rules).

This document is a straightforward clarification to RFC 5575. 
Documenting existing practice will improve security of implementations. 
Pointing to the Security Considerations of RFC 5575 is appropriate for 
this document.

I believe that this ID is ready for publication.