[multipathtcp] FW: SECDIR review of draft-ietf-mptcp-rfc6824bis-11

<philip.eardley@bt.com> Tue, 17 July 2018 13:31 UTC

From: philip.eardley@bt.com
To: multipathtcp@ietf.org
Thread-Topic: SECDIR review of draft-ietf-mptcp-rfc6824bis-11
Thread-Index: AQHUHdBN8bTG60vCqUa6RrGKFYNpRaSTaPIg
Date: Tue, 17 Jul 2018 13:31:17 +0000
Message-ID: <bbf93729e5a6401ab3fc53c6bcebf40c@rew09926dag03b.domain1.systemhost.net>
References: <CAF4+nEE2JcBtv6=9s7Z6aAivuOf8yKvJRRKaZbeqZyumv2Gwkw@mail.gmail.com>
In-Reply-To: <CAF4+nEE2JcBtv6=9s7Z6aAivuOf8yKvJRRKaZbeqZyumv2Gwkw@mail.gmail.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/multipathtcp/kZ5Q3rDb6S65ZXiMixXEsH079DY>
Subject: [multipathtcp] FW: SECDIR review of draft-ietf-mptcp-rfc6824bis-11
List-Id: Multi-path extensions for TCP <multipathtcp.ietf.org>
List-Archive: <https://mailarchive.ietf.org/arch/browse/multipathtcp/>

We have a nice secarea review of the document – thanks to Donald,
phil

From: Donald Eastlake [mailto:d3e3e3@gmail.com]
Sent: 17 July 2018 09:15
To: draft-ietf-mptcp-rfc6824bis.all@ietf.org
Cc: secdir@ietf.org; iesg@ietf.org
Subject: SECDIR review of draft-ietf-mptcp-rfc6824bis-11

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the
IESG.  Document editors and WG chairs should treat these comments just like any other last call comments.

The summary of the review is Ready.

This draft specifies version 1 of Multipath TCP, obsoleting version 0. The paths are identified by the 4-tuple of IP addresses and ports for each path. The services offered to applications are the same as TCP. The additional information needed for setting up and tearing down paths, synchronizing flows, etc., is communicated using TCP options.

The Security Considerations section appears to be good and the security mechanisms adequate to achieve the document's goal of being as secure as TCP. There is a good, if somewhat generalized, Threat Analysis in RFC 6181 as well as an Architecture document in RFC 6182 that considers security aspects.

Thanks,
Donald
===============================
 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 1424 Pro Shop Court, Davenport, FL 33896 USA
 d3e3e3@gmail.com
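As an added illustration of the two points the review summarises (signalling carried in TCP options, subflows identified by their own 4-tuple but tied back to one connection), here is a small decoder for the MPTCP option and the v1 token derivation. This is example code written for this archive page; it is not from the draft, from Donald's review, or from any MPTCP stack. The wire layout and hash choice follow RFC 8684 (the published rfc6824bis: option kind 30, MP_CAPABLE subtype 0 with version and flags, MP_JOIN subtype 1 carrying a 32-bit token, token = top 32 bits of SHA-256(key)) and RFC 6824 (v0 used SHA-1). The keys, ports, nonce and segments are constructed for the example.

```python
"""MPTCP option decoding and v1 token derivation (added example, not the draft's code).

Layout per RFC 8684 (v1) / RFC 6824 (v0), assumed here rather than taken from the thread:
  * TCP option kind 30; subtype is the high nibble of option byte 2
  * MP_CAPABLE (subtype 0): version in low nibble of byte 2, flags in byte 3, then 0/1/2 64-bit keys
  * MP_JOIN SYN (subtype 1, length 12): B bit, Address ID, receiver's token, sender's random number
  * token = most significant 32 bits of H(key), IDSN = least significant 64 bits; H = SHA-256 (v1), SHA-1 (v0)
All keys, ports and segments below are constructed for the example.
"""
import hashlib
import struct
from dataclasses import dataclass
from typing import List, Tuple

MPTCP_KIND = 30
MP_CAPABLE, MP_JOIN = 0, 1
FLAG_H = 0x01            # v1 flag H: HMAC-SHA256, must be set
V0_FLAGS = 0x81          # v0: A (checksum required) | H (HMAC-SHA1)


@dataclass
class MpCapable:
    version: int
    flags: int
    keys: List[int]      # 0, 1 or 2 keys in wire order (sender's key first)


@dataclass
class MpJoinSyn:
    backup: bool
    address_id: int
    receiver_token: int
    sender_nonce: int


def build_segment(src_port: int, dst_port: int, tcp_flags: int, options: bytes) -> bytes:
    """Minimal TCP header (seq/ack/checksum zeroed) carrying the given options."""
    options += b"\x00" * ((-len(options)) % 4)      # pad to a 32-bit boundary with EOL
    data_offset = (20 + len(options)) // 4
    hdr = struct.pack("!HHIIBBHHH", src_port, dst_port, 0, 0, data_offset << 4, tcp_flags, 65535, 0, 0)
    return hdr + options


def mp_capable(version: int, flags: int, keys: List[int]) -> bytes:
    body = b"".join(k.to_bytes(8, "big") for k in keys)
    return bytes([MPTCP_KIND, 4 + len(body), (MP_CAPABLE << 4) | version, flags]) + body


def mp_join_syn(token: int, nonce: int, address_id: int, backup: bool = False) -> bytes:
    return (bytes([MPTCP_KIND, 12, (MP_JOIN << 4) | int(backup), address_id])
            + token.to_bytes(4, "big") + nonce.to_bytes(4, "big"))


def iter_options(segment: bytes):
    """Yield (kind, option bytes) for each TCP option, validating offset and lengths."""
    data_offset = (segment[12] >> 4) * 4
    if not 20 <= data_offset <= len(segment):
        raise ValueError("bad data offset")
    opts, i = segment[20:data_offset], 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                                # End of Option List
            return
        if kind == 1:                                # NOP
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            raise ValueError("truncated or malformed option")
        yield kind, opts[i:i + opts[i + 1]]
        i += opts[i + 1]


def parse_mptcp(segment: bytes):
    """Return the first MP_CAPABLE or MP_JOIN-on-SYN option found, else None."""
    for kind, body in iter_options(segment):
        if kind != MPTCP_KIND or len(body) < 4:
            continue
        subtype = body[2] >> 4
        if subtype == MP_CAPABLE:
            if len(body) not in (4, 12, 20, 22, 24):
                raise ValueError("bad MP_CAPABLE length")
            keys = [int.from_bytes(body[o:o + 8], "big") for o in (4, 12) if o + 8 <= len(body)]
            return MpCapable(body[2] & 0x0F, body[3], keys)
        if subtype == MP_JOIN and len(body) == 12:
            return MpJoinSyn(bool(body[2] & 0x01), body[3],
                             int.from_bytes(body[4:8], "big"), int.from_bytes(body[8:12], "big"))
    return None


def token_and_idsn(key: int, version: int) -> Tuple[int, int]:
    """v1 (RFC 8684) hashes the key with SHA-256; v0 (RFC 6824) used SHA-1 for the same split."""
    digest = (hashlib.sha256 if version == 1 else hashlib.sha1)(key.to_bytes(8, "big")).digest()
    return int.from_bytes(digest[:4], "big"), int.from_bytes(digest[-8:], "big")


def accept_join(join: MpJoinSyn, local_key: int, version: int) -> bool:
    """An MP_JOIN on a new 4-tuple is only tied to our connection if it carries our token."""
    return join.receiver_token == token_and_idsn(local_key, version)[0]


def demo() -> dict:
    key_a, key_b = 0x0102030405060708, 0x1122334455667788           # constructed keys
    syn = build_segment(40000, 443, 0x02, mp_capable(1, FLAG_H, []))            # v1 SYN carries no key
    synack = build_segment(443, 40000, 0x12, mp_capable(1, FLAG_H, [key_b]))    # B's key
    ack = build_segment(40000, 443, 0x10, mp_capable(1, FLAG_H, [key_a, key_b]))
    token_b, _ = token_and_idsn(key_b, 1)
    # Second subflow on a different 4-tuple; the token, not the 4-tuple, links it to the connection
    join = build_segment(40001, 443, 0x02, mp_join_syn(token_b, 0xDEADBEEF, address_id=1))
    v0_syn = build_segment(40002, 443, 0x02, mp_capable(0, V0_FLAGS, [key_a]))  # v0 SYN carried the key
    j = parse_mptcp(join)
    return {"syn": parse_mptcp(syn), "synack": parse_mptcp(synack), "ack": parse_mptcp(ack),
            "join": j, "v0_syn": parse_mptcp(v0_syn),
            "join_ok": accept_join(j, key_b, 1), "join_wrong_key": accept_join(j, key_a, 1)}


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The point to take from running it: the token in MP_JOIN is all that binds a subflow arriving on a fresh 4-tuple to an existing connection, and in v1 it is derived with SHA-256 from a key that never appears on the SYN, which is the main visible change from v0.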