Secdir review of draft-ietf-pim-drlb-13

Carl Wallace <carl@redhoundsoftware.com> Sat, 09 November 2019 10:49 UTC

To: draft-ietf-pim-drlb-13.all@ietf.org, secdir@ietf.org, ietf@ietf.org
Message-ID: <2572EB02-5F21-451B-95EA-B7D8D2207AC8@redhoundsoftware.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/TnuGXORTVK3vEg1RvlRAIUaFgew>

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

This document defines an extension to the PIM-SM protocol to allow some responsibilities of its Designated Router to be distributed amongst a set of routers instead of the router elected as DR.

The document is well written and has clear examples. The security considerations reference those of the DR as applicable to the new mechanism. This seems fine. One minor comment: the last sentence in the operational considerations section seemed odd to me. It wasn't clear to me why migration between different hash algorithms is not considered in this document (or why this is much different from changes in DR priority, which is also required to be considered as a GDR candidate).

The document is ready to my eye.