[pim] Stephen Farrell's Discuss on draft-ietf-pim-rfc4601bis-05: (with DISCUSS)

"Stephen Farrell" <stephen.farrell@cs.tcd.ie> Tue, 26 May 2015 13:08 UTC

From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
To: The IESG <iesg@ietf.org>
Message-ID: <20150526130833.24322.71081.idtracker@ietfa.amsl.com>
Date: Tue, 26 May 2015 06:08:33 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/pim/l8qtfxa4m8dDuXwUSCFy1dOCMhI>
Cc: draft-ietf-pim-rfc4601bis@ietf.org, pim-chairs@ietf.org, pim@ietf.org
Subject: [pim] Stephen Farrell's Discuss on draft-ietf-pim-rfc4601bis-05: (with DISCUSS)

Stephen Farrell has entered the following ballot position for
draft-ietf-pim-rfc4601bis-05: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-pim-rfc4601bis/



----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------



4601 used IPsec AH for its MTI security. This removes that and
points at 5796 which defines how to use ESP for link local
addresses and with manual keying. That raises one technical
question and two icky process questions. The icky process
questions are probably best discussed between the IESG at least
initially in case we don't need to bother the authors/wg with
'em.

(1) I'd like to check that 5796 defines a way in which one can
secure all PIM messages that are defined here in 4601bis (should
one want to do that). If there are cases where PIM-SM can be
used and where there is no well defined security then I think
that would be a problem. And I think maybe there are such cases.
Am I wrong? If not, then how does one secure those?

(2) Is it ok for an IS to depend on a PS for its MTI security
mechanism? (I think it is, but yeah, someone else might not.)

(3) Is it ok for an IS to not conform to BCP107? (I think it
depends, and I'm not sure in this case.)

- My review was based on the diff vs 4601 [1] and the abstract
of 5796 which seems fairly clear though.

   [1] https://tools.ietf.org/rfcdiff?url1=rfc4601&url2=draft-ietf-pim-rfc4601bis-05.txt