Re: [RTG-DIR] RtgDir review: draft-ietf-trill-rbridge-bfd-05.txt
Eric Gray <eric.gray@ericsson.com> Tue, 12 June 2012 01:16 UTC
Return-Path: <eric.gray@ericsson.com>
X-Original-To: rtg-dir@ietfa.amsl.com
Delivered-To: rtg-dir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8BB5C11E809A for <rtg-dir@ietfa.amsl.com>; Mon, 11 Jun 2012 18:16:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jGR5zCdHP-xE for <rtg-dir@ietfa.amsl.com>; Mon, 11 Jun 2012 18:16:12 -0700 (PDT)
Received: from imr4.ericy.com (imr4.ericy.com [198.24.6.9]) by ietfa.amsl.com (Postfix) with ESMTP id C774911E8098 for <rtg-dir@ietf.org>; Mon, 11 Jun 2012 18:16:12 -0700 (PDT)
Received: from eusaamw0707.eamcs.ericsson.se ([147.117.20.32]) by imr4.ericy.com (8.14.3/8.14.3/Debian-9.1ubuntu1) with ESMTP id q5C1G8jl004852; Mon, 11 Jun 2012 20:16:09 -0500
Received: from EUSAACMS0701.eamcs.ericsson.se ([169.254.1.64]) by eusaamw0707.eamcs.ericsson.se ([147.117.20.32]) with mapi; Mon, 11 Jun 2012 21:16:02 -0400
From: Eric Gray <eric.gray@ericsson.com>
To: Donald Eastlake <d3e3e3@gmail.com>
Date: Mon, 11 Jun 2012 21:15:59 -0400
Thread-Topic: [RTG-DIR] RtgDir review: draft-ietf-trill-rbridge-bfd-05.txt
Thread-Index: Ac1IFdKVzff8TbB0RnS+o73kJAZYgwAH49KQ
Message-ID: <C0AC8FAB6849AB4FADACCC70A949E2F123BC311A31@EUSAACMS0701.eamcs.ericsson.se>
References: <6DB11511-5B76-49B3-824B-193824728011@juniper.net> <CAF4+nEHDK=4r_sy1cXM+v=J5ZAuPU3PmghySKC0nqKJ9PDE9kA@mail.gmail.com> <EBAB16DD-DFCF-4D43-B14F-531B857BB8F2@juniper.net>
In-Reply-To: <EBAB16DD-DFCF-4D43-B14F-531B857BB8F2@juniper.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: Vishwas Manral <vishwas.ietf@gmail.com>, "rtg-dir@ietf.org" <rtg-dir@ietf.org>, "John G. Scudder" <jgs@juniper.net>, "draft-ietf-trill-rbridge-bfd.all@tools.ietf.org" <draft-ietf-trill-rbridge-bfd.all@tools.ietf.org>, "rtg-ads@tools.ietf.org" <rtg-ads@tools.ietf.org>
Subject: Re: [RTG-DIR] RtgDir review: draft-ietf-trill-rbridge-bfd-05.txt
X-BeenThere: rtg-dir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Routing Area Directorate <rtg-dir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtg-dir>, <mailto:rtg-dir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtg-dir>
List-Post: <mailto:rtg-dir@ietf.org>
List-Help: <mailto:rtg-dir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtg-dir>, <mailto:rtg-dir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Jun 2012 01:16:13 -0000
Donald, I may regret weighing in on this, but I strongly agree with John's comment on the Security Considerations section below. The Security Considerations section needs an introduction that - at the very least - explains why the section only addresses authentication. In fact, the section only talks about what authentication is to be used, without providing and indication of why. I personally doubt that the Security Directorate feels - as you say - that this is not significant. The section should describe the security concerns associated with the protocol and/or encapsulations associated with this draft - either directly, or by reference. At the moment the section does not do this, even by giving a pointer to someplace else where some analysis has already been done. And this is not difficult to fix. Minimally, the authors can point to Security Considerations in RFC 5881 (which, in turn, points to RFC 5880). RFC 5880, provides a very good analysis, IMO, and it makes sense for this analysis to be re-used by reference in this draft. -- Eric -----Original Message----- From: rtg-dir-bounces@ietf.org [mailto:rtg-dir-bounces@ietf.org] On Behalf Of John G. Scudder Sent: Monday, June 11, 2012 5:03 PM To: Donald Eastlake Cc: Vishwas Manral; rtg-dir@ietf.org; draft-ietf-trill-rbridge-bfd.all@tools.ietf.org; rtg-ads@tools.ietf.org Subject: Re: [RTG-DIR] RtgDir review: draft-ietf-trill-rbridge-bfd-05.txt Hi Donald, Comments below only where I had something to say other than "OK". You can take that as read otherwise. On Jun 11, 2012, at 4:48 PM, Donald Eastlake wrote: ... >> Minor Issues: ... >> 4. In two places text like the following appears: >> >> Is the M-bit in the TRILL Header non-zero? If so, discard the >> frame. TRILL support of multi-destination BFD Echo is beyond the >> scope of this document. >> >> If multi-destination doesn't make sense in the context of TRILL, it >> is fine to exclude it by enforcing that the M-bit be zero. However, >> I normally parse "beyond the scope of this document" to mean >> something like "we may do it in the future but haven't worked it out >> yet". By forcing the M-bit to be zero, you're placing >> multi-destination *in* scope, inasmuch as you are actively >> forbidding it from being supported. >> >> Presumably the sentence about "beyond the scope" was meant to >> justify this decision. Perhaps the comment about "scope" should be >> dropped and a different justifying sentence used. (Or the sentence >> omitted altogether.) > > Multi-destination makes sense for TRILL. It is just not yet > standardized, as far as I know, for BFD. Perhaps the "beyond the > scope" verbage should be removed and a note added somewhere such as > "(Multi-destination BFD is a work in progress [...].)" By requiring the M-bit to be zero you effectively preclude the later introduction of multi-destination, do you not? >> 5. Presumably the Security Area reviewer may raise this, but the >> Security Considerations section seems to be misused. My >> understanding (confirmed by referring to RFC 3552 Section 5) is that >> the Security Considerations section is intended to be an analysis of >> issues that arise from the operation of the protocol defined in the >> rest of the document, including but not limited to the security >> features of that protocol. >> >> This document's Security Considerations section instead specifies >> how authentication is to be done, though it doesn't provide an >> analysis of it or of any broader issues. I presume the section >> should be retitled (e.g., to "Authentication") and a proper Security >> Considerations section added. >> >> (This would probably be a "major issue" if I were the Security Area >> reviewer, but I'm not.) > > As far as I can tell (and I'm a member of the Security Directorate), > the Security Area considers this a non-issue. However, I've got no > problem with moving this material to a new "Default Authentication" > section or the like. OK. (As an aside, if the Security Directorate considers this a non-issue, maybe it's time to revise RFC 3552? I say this as an occasional author of Security Considerations sections and not with regard to your draft.) --John
- [RTG-DIR] RtgDir review: draft-ietf-trill-rbridge… John G. Scudder
- Re: [RTG-DIR] RtgDir review: draft-ietf-trill-rbr… Donald Eastlake
- Re: [RTG-DIR] RtgDir review: draft-ietf-trill-rbr… John G. Scudder
- Re: [RTG-DIR] RtgDir review: draft-ietf-trill-rbr… Eric Gray
- Re: [RTG-DIR] RtgDir review: draft-ietf-trill-rbr… Donald Eastlake
- Re: [RTG-DIR] RtgDir review: draft-ietf-trill-rbr… John G. Scudder
- Re: [RTG-DIR] RtgDir review: draft-ietf-trill-rbr… John G. Scudder
- Re: [RTG-DIR] RtgDir review: draft-ietf-trill-rbr… Donald Eastlake