[OPSEC] Rtgdir last call review of draft-ietf-opsec-v6-24

Acee Lindem via Datatracker <noreply@ietf.org> Tue, 23 March 2021 14:19 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: opsec@ietf.org
Delivered-To: opsec@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id B7A3F3A0E96; Tue, 23 Mar 2021 07:19:04 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Acee Lindem via Datatracker <noreply@ietf.org>
To: <rtg-dir@ietf.org>
Cc: draft-ietf-opsec-v6.all@ietf.org, last-call@ietf.org, opsec@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 7.27.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <161650914469.13419.16565124530354757829@ietfa.amsl.com>
Reply-To: Acee Lindem <acee@cisco.com>
Date: Tue, 23 Mar 2021 07:19:04 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsec/KwiGOp1PRGMAHDfDDBOHUXnkAuI>
Subject: [OPSEC] Rtgdir last call review of draft-ietf-opsec-v6-24
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.29
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsec/>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 14:19:05 -0000

Reviewer: Acee Lindem
Review result: Has Nits

Hello,

I have been selected as the Routing Directorate reviewer for this draft.
The Routing Directorate seeks to review all routing or routing-related
drafts as they pass through IETF last call and IESG review, and
sometimes on special request. The purpose of the review is to provide
assistance to the Routing ADs. For more information about the Routing
Directorate, please see  

  http://trac.tools.ietf.org/area/rtg/trac/wiki/RtgDir

Although these comments are primarily for the use of the Routing ADs,
it would be helpful if you could consider them along with any other
IETF Early Review/Last Call  comments that you receive, and strive to
resolve them through discussion or by updating the draft.

Document: draft-ietf-opsec-v6-24.txt
Reviewer: Acee Lindem
Review Date: 03/23/2021
IETF LC End Date: Soon
Intended Status:  Informational

Summary: The document contains a lot of useful recommendations and
         references for Operational Security in IPv6 networks. Since
         the document has "Informational" status, none of the text is
         normative.

         The document is basically ready for publication. I have some
         nits attached and a have couple suggested references for
         IPv6 control plane security.

Major Issues: None

Minor Issues:

    1. Section 2.4 - Recommend implementation of key-chains and graceful
       key rollover as documented in section 2.2 of RFC 8177. This will
       avoid the disruptions during key rollover.

    2. Section 2.4 - Recommend implementation of SPF rate-limiting as
       documented in RFC 8541. This is in the context of OSPFv3 protocol
       specific mechanisms and the recommended rate-limiting.

Nits: Will send diffs in separate message.