[Last-Call] Secdir last call review of draft-ietf-bess-evpn-lsp-ping-08

Rifaat Shekh-Yusef via Datatracker <noreply@ietf.org> Tue, 11 October 2022 13:54 UTC

MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Rifaat Shekh-Yusef via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
Cc: bess@ietf.org, draft-ietf-bess-evpn-lsp-ping.all@ietf.org, last-call@ietf.org
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <166549646960.63193.4258994849223360241@ietfa.amsl.com>
Reply-To: Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com>
Date: Tue, 11 Oct 2022 06:54:29 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/OHMZEYMVMIHV3TGXHipV-PmscAY>
Subject: [Last-Call] Secdir last call review of draft-ietf-bess-evpn-lsp-ping-08

Reviewer: Rifaat Shekh-Yusef
Review result: Has Nits

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the security area directors.

Document editors and WG chairs should treat these comments just like any other
last call comments.

LSP Ping is a widely deployed Operation, Administration, and
Maintenance mechanism in MPLS networks.  This document describes
mechanisms for detecting data plane failures using LSP Ping in MPLS
based EVPN and PBB-EVPN network

Summary: Ready

This document builds on top of an existing and widely deployed mechanism, by
adding new TLVs to the LSP Ping mechanism. The existing mechanism security
properties are well defined in existing standards, and this document does not
seem to make any changes that impacts the existing security properties.

I did not see any mention of potential impact of the new TLVs on privacy. It
would be nice if that could be addressed in the security considerations section.

[Last-Call] Secdir last call review of draft-ietf… Rifaat Shekh-Yusef via Datatracker
Re: [Last-Call] [bess] Secdir last call review of… Parag Jain (paragj)