Comments on secure sequence number draft

Jeffrey Haas <jhaas@pfrc.org> Wed, 28 March 2018 17:03 UTC

Return-Path: <jhaas@slice.pfrc.org>
X-Original-To: rtg-bfd@ietfa.amsl.com
Delivered-To: rtg-bfd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9185D126C19; Wed, 28 Mar 2018 10:03:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.911
X-Spam-Level:
X-Spam-Status: No, score=-1.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P4vIvgftF18G; Wed, 28 Mar 2018 10:03:16 -0700 (PDT)
Received: from slice.pfrc.org (slice.pfrc.org [67.207.130.108]) by ietfa.amsl.com (Postfix) with ESMTP id C4B82124235; Wed, 28 Mar 2018 10:03:13 -0700 (PDT)
Received: by slice.pfrc.org (Postfix, from userid 1001) id 991891E402; Wed, 28 Mar 2018 13:03:35 -0400 (EDT)
Date: Wed, 28 Mar 2018 13:03:35 -0400
From: Jeffrey Haas <jhaas@pfrc.org>
To: draft-ietf-bfd-secure-sequence-numbers@ietf.org, rtg-bfd@ietf.org
Subject: Comments on secure sequence number draft
Message-ID: <20180328170335.GE3126@pfrc.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtg-bfd/ji4wXFccfIj80NSBNHhggceNLPk>
X-BeenThere: rtg-bfd@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "RTG Area: Bidirectional Forwarding Detection DT" <rtg-bfd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtg-bfd/>
List-Post: <mailto:rtg-bfd@ietf.org>
List-Help: <mailto:rtg-bfd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Mar 2018 17:03:18 -0000

Authors,

A few comments on your draft in no particular order:

Operational Considerations:
- How do you go about enabling this feature?
  + It's independent of, but recommended for, optimizing BFD authentication.
- What are the yang considerations?  
  + Similar point - changes to the yang model for optimizing authentication
    likely need this as a separate knob.

- The Security Considerations section is empty.  That needs to be fixed.

-- Jeff