Re: [Last-Call] Secdir last call review of draft-ietf-lsr-ospf-reverse-metric-07
Ketan Talaulikar <ketant.ietf@gmail.com> Wed, 21 September 2022 14:18 UTC
Return-Path: <ketant.ietf@gmail.com>
X-Original-To: last-call@ietfa.amsl.com
Delivered-To: last-call@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AAD41C14CF0F; Wed, 21 Sep 2022 07:18:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0SSGqJ5LavAI; Wed, 21 Sep 2022 07:18:25 -0700 (PDT)
Received: from mail-vs1-xe33.google.com (mail-vs1-xe33.google.com [IPv6:2607:f8b0:4864:20::e33]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E7543C14F747; Wed, 21 Sep 2022 07:18:25 -0700 (PDT)
Received: by mail-vs1-xe33.google.com with SMTP id p4so6872755vsa.9; Wed, 21 Sep 2022 07:18:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date; bh=uKEIAJK39Ivpt+WyMmKNkIujib7w9xyq30s+goepwDA=; b=IHProZnoQtUW3EOL1QO1T74YWFligDiLQn1bYx4AWFcLKz9gMODYsWHJNDgY3ZxOI1 EdRJU7EJgy8J6CYLPlWbaCdp2HVuCkwBH5J6ffRHAGrCMA8FBx/y3P21FEhyZF/K8HLX BM2DVYE5Tr9Vn4LsL2GR+tGECrxbi9tEWYa0H/XyzHHnMwrsjENZVgRi1zZBuRokF7sj cpwPk6D2Mwy5twyrU9hBzlNo8XkBSufF5cKkdn3dbW6ZcMSzx0FPR4ylQsZueVAuqyBW reSiIEc1TjYNcSO6ybd2zyZZhLNGd3eSXfkcIMUJUPF10kBIEFnUdSwj/tJdkofQkOCe fcqg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date; bh=uKEIAJK39Ivpt+WyMmKNkIujib7w9xyq30s+goepwDA=; b=m8Rp1h+mwRLi3cuB79681tJWxB2jxQ8CSyAqPl3uprK8qndcjyV9R3CQAUUzLXF/+y OB639WtdjxLqu10qLfArD6T6oO1BALfCK86vsvzsMWNcdPpex4SiWPBwdyHuQpeKYF4u v9XiZs3S0DWsqthF7ScW/kwpn8HtzoY2oWPULSJsZbXN54JOq6mfj+67oQBNWAgwzt2V zmhgBNTwvfQeUlZwNtaZcN5QN1jz1kch1letKC39URozF1um1A6e2KFNrvCmlof3XUXS 8QiW1PDQz2CdGiSaYxTBaz1XUfqzuKpZ/wAU+G3tMx6TE8unSH0MWkUXWe7Hj/39ehQd gVPQ==
X-Gm-Message-State: ACrzQf21HlREDGEnUdJ5Xa5FJFGSbu8vADjH9EaG7ex+IHrUYJetsMS1 uo+Sk7D/Fz2YglL6afruWvSPlpCG+B9L8gOr0LSBU9q8JipAnw==
X-Google-Smtp-Source: AMsMyM6CSob3VZ1tHStT6eGBSGHB0xkZQ7Zo5DFui0EH3u5P2klRBAYhdpogMknm3NQif9r+mhZP08lm4wnuuhtzFM8=
X-Received: by 2002:a67:d501:0:b0:398:5150:3b8d with SMTP id l1-20020a67d501000000b0039851503b8dmr10831407vsj.15.1663769904442; Wed, 21 Sep 2022 07:18:24 -0700 (PDT)
MIME-Version: 1.0
References: <0c24c96b678a44a09785aec7e440dc06@infineon.com>
In-Reply-To: <0c24c96b678a44a09785aec7e440dc06@infineon.com>
From: Ketan Talaulikar <ketant.ietf@gmail.com>
Date: Wed, 21 Sep 2022 19:48:11 +0530
Message-ID: <CAH6gdPzV9XTjw2GM=MihGMYbTU=AW8Hk50AH3oOvwn5yD77+9Q@mail.gmail.com>
To: Steve.Hanna@infineon.com
Cc: secdir@ietf.org, draft-ietf-lsr-ospf-reverse-metric.all@ietf.org, last-call@ietf.org, lsr@ietf.org
Content-Type: multipart/alternative; boundary="00000000000024709505e9309ea0"
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/tBxB6aUQiu4XipPU8EPjpTWtJIc>
Subject: Re: [Last-Call] Secdir last call review of draft-ietf-lsr-ospf-reverse-metric-07
X-BeenThere: last-call@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF Last Calls <last-call.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/last-call>, <mailto:last-call-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/last-call/>
List-Post: <mailto:last-call@ietf.org>
List-Help: <mailto:last-call-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/last-call>, <mailto:last-call-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Sep 2022 14:18:29 -0000
Hi Steve, Thanks for your review and please check inline below for responses. These updates are included in the version just posted: https://datatracker. ietf.org/doc/html/draft-ietf-lsr-ospf-reverse-metric-08 On Tue, Sep 20, 2022 at 11:29 PM <Steve.Hanna@infineon.com> wrote: > Reviewer: Steve Hanna > > Review result: Ready > > > > I reviewed this document as part of the Security Directorate's ongoing > effort to review all IETF documents being processed by the IESG. These > comments were written primarily for the benefit of the Security Area > Directors. Document authors, document editors, and WG chairs should treat > these comments just like any other IETF Last Call comments. > > > > Overall, the proposal described in the document seems reasonable and > clear. In light of the security measures provided by OSPFv2 and OPSFv3, I > don’t foresee any additional security problems that would be caused by > implementing this proposal. > > > > Document: draft-ietf-lsr-ospf-reverse-metric-07 > > Reviewer: Steve Hanna > > Review Date: 2022-09-20 > > IETF LC End Date: 2022-09-20 > > > > Summary: Ready > > > > Major Concerns: None > > Minor Concerns: Just nits and comments > > > > Nits and comments: > > > > There is a typo on page 8: > > > > A router stops including the Reverse Metric TLV in its Hello packets > > when it needs its neighbors to go back to using its own provisioned > > metric values. > > > > Should be > > > > > > A router stops including the Reverse Metric TLV in its Hello packets > > when it needs its neighbors to go back to using *their* own provisioned > > metric values. > > KT> Ack > > > You might want to state explicitly that the values contained in the > Reverse Metric field and the Reverse TE Metric field are always unsigned. I > believe that is true but maybe somebody could imagine putting a signed > integer there when the O bit is set. > KT> Ack Thanks, Ketan > >
- [Last-Call] Secdir last call review of draft-ietf… Steve.Hanna
- Re: [Last-Call] Secdir last call review of draft-… Ketan Talaulikar