[Pce] Roman Danyliw's Discuss on draft-ietf-pce-stateful-hpce-13: (with DISCUSS and COMMENT)
Roman Danyliw via Datatracker <noreply@ietf.org> Wed, 18 September 2019 14:15 UTC
From: Roman Danyliw via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-pce-stateful-hpce@ietf.org, Adrian Farrel <adrian@olddog.co.uk>, pce-chairs@ietf.org, adrian@olddog.co.uk, pce@ietf.org
Reply-To: Roman Danyliw <rdd@cert.org>
Message-ID: <156881612137.4479.15191325652251719065.idtracker@ietfa.amsl.com>
Date: Wed, 18 Sep 2019 07:15:21 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/pce/v35iMJLmB4wpDL74EcXvQ--ksFk>

Roman Danyliw has entered the following ballot position for
draft-ietf-pce-stateful-hpce-13: Discuss

When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)

Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-pce-stateful-hpce/

----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

** Section 4. Per “The security considerations listed in [RFC8231], [RFC6805] and [RFC5440] apply to this document as well. As per [RFC6805], it is expected that the parent PCE will require all child PCEs to use full security when communicating with the parent.”, the references make sense, thanks for making them. My concern is in the definition of “use full security”. I can see those words come from RFC6805, however, I can't find where that set of practices is defined. Can this please be clarified.

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

** Section 4. Per the recommendation to use TLS _or_ TCP-AO.

-- I take the point from the SECDIR (thanks Stephen Farrell) about the (lack of) deployment of AO. My caution would be that TLS and TCP-AO provide different security mechanisms and therefore imbue different security properties and this should be noted. (i.e., this isn’t a choice between like options)

-- As an editorial nit, it would be worth saying that guidance for implementing using TLS with PCEP can be found in RFC8232.

** Editorial Nits:

Title. Is the period at the end of the title necessary?