[mpls] Roman Danyliw's Discuss on draft-ietf-mpls-egress-protection-framework-06: (with DISCUSS and COMMENT)

Roman Danyliw via Datatracker <noreply@ietf.org> Tue, 09 July 2019 20:08 UTC

From: Roman Danyliw via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-mpls-egress-protection-framework@ietf.org, Loa Andersson <loa@pi.nu>, mpls-chairs@ietf.org, loa@pi.nu, mpls@ietf.org
Reply-To: Roman Danyliw <rdd@cert.org>
Message-ID: <156270292067.15831.1558464118600381453.idtracker@ietfa.amsl.com>
Date: Tue, 09 Jul 2019 13:08:40 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/mpls/jgph6-bA8hBYn-XEfU81cAcu_-0>

Roman Danyliw has entered the following ballot position for
draft-ietf-mpls-egress-protection-framework-06: Discuss

Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-mpls-egress-protection-framework/



----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

A few questions about the Security Considerations:

(1) Section 11. I appreciate that this is a framework document that is trying to
be generic. Section 4 (and others) seem to lay out generic requirements.
However, this Security Considerations section is both vague on the protocol
choices (understandable) and the security services/properties they would have
(the gap). For example, “The general security measures of the protocols
SHOULD be used whenever applicable.” and “The available security measures of
the chosen protocol SHOULD be used to achieve a secured session between the two
routers.”  Some discussion of what a “secured session” would look like would be
helpful.

(2) Section 11.  What are the elements and enablers of “a certain level of
trust … [being] established between the routers for the protocols to run
securely”?


----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

(3) Section 4.  Per “The framework MUST consider minimizing disruption during
deployment”, why is this MUST only to _consider_ minimizing rather than
actually minimizing the disruption?

(4) Section 5.7. Per “a globally unique IPv4/v6 address is assigned to a
protected egress {E, P} as the identifier of the protected egress {E, P}”, I
recommend being explicit and saying s/IPv4\/v6/IPv4 or v6/

(5) Section 9.  I’m missing something obvious -- what is a “label table
pe2.mpls”?