Re: [secdir] review of draft-ietf-mpls-gmpls-lsp-reroute-04

JP Vasseur <jvasseur@cisco.com> Mon, 31 August 2009 07:49 UTC

Return-Path: <jvasseur@cisco.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CD65E3A6995; Mon, 31 Aug 2009 00:49:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.611
X-Spam-Level:
X-Spam-Status: No, score=-9.611 tagged_above=-999 required=5 tests=[AWL=0.988, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OFiAx0u+6BLZ; Mon, 31 Aug 2009 00:49:59 -0700 (PDT)
Received: from ams-iport-1.cisco.com (ams-iport-1.cisco.com [144.254.224.140]) by core3.amsl.com (Postfix) with ESMTP id 0E4683A6989; Mon, 31 Aug 2009 00:49:57 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="4.44,304,1249257600"; d="scan'208";a="48238984"
Received: from ams-dkim-2.cisco.com ([144.254.224.139]) by ams-iport-1.cisco.com with ESMTP; 31 Aug 2009 07:50:05 +0000
Received: from ams-core-1.cisco.com (ams-core-1.cisco.com [144.254.224.150]) by ams-dkim-2.cisco.com (8.12.11/8.12.11) with ESMTP id n7V7o5Gl021298; Mon, 31 Aug 2009 09:50:05 +0200
Received: from xbh-ams-102.cisco.com (xbh-ams-102.cisco.com [144.254.73.132]) by ams-core-1.cisco.com (8.13.8/8.14.3) with ESMTP id n7V7o5T1011813; Mon, 31 Aug 2009 07:50:05 GMT
Received: from xfe-ams-102.cisco.com ([144.254.231.94]) by xbh-ams-102.cisco.com with Microsoft SMTPSVC(6.0.3790.3959); Mon, 31 Aug 2009 09:50:05 +0200
Received: from ams-jvasseur-8712.cisco.com ([10.55.201.131]) by xfe-ams-102.cisco.com with Microsoft SMTPSVC(6.0.3790.3959); Mon, 31 Aug 2009 09:50:04 +0200
Message-Id: <F5F8DA83-55E9-4611-96A3-35A17BEE4AC8@cisco.com>
From: JP Vasseur <jvasseur@cisco.com>
To: "Scott G. Kelly" <scott@hyperthought.com>
In-Reply-To: <4A974FA1.6010400@hyperthought.com>
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Apple Message framework v936)
Date: Mon, 31 Aug 2009 09:50:03 +0200
References: <4A974FA1.6010400@hyperthought.com>
X-Mailer: Apple Mail (2.936)
X-OriginalArrivalTime: 31 Aug 2009 07:50:04.0728 (UTC) FILETIME=[A6F2B380:01CA2A0F]
X-TM-AS-Product-Ver: SMEX-8.0.0.1181-5.600.1016-16858.005
X-TM-AS-Result: No--11.843600-8.000000-31
X-TM-AS-User-Approved-Sender: No
X-TM-AS-User-Blocked-Sender: No
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; l=1243; t=1251705005; x=1252569005; c=relaxed/simple; s=amsdkim2001; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=jvasseur@cisco.com; z=From:=20JP=20Vasseur=20<jvasseur@cisco.com> |Subject:=20Re=3A=20review=20of=20draft-ietf-mpls-gmpls-lsp -reroute-04=20 |Sender:=20; bh=4m3jwBZIy5YMbZEwiNmLtSwfWqEGYRSS+fiXyzDLLo8=; b=q7+BJJYXLMhtfUu9WyEwLNqjwSdY1fboVxDqEZu+3jOAM0IS7oKtvvyjYY lp54lZzAMKsujsCCYxUWbMCnHTnQLGGgPtvy2FN2EuJtXbfD0I8yV0rPSRST uSdCOWTsUg;
Authentication-Results: ams-dkim-2; header.From=jvasseur@cisco.com; dkim=pass ( sig from cisco.com/amsdkim2001 verified; );
Cc: Dimitri.Papadimitriou@alcatel-lucent.be, secdir@ietf.org, jpv@cisco.com, iesg@ietf.org, mpls-chairs@tools.ietf.org, lberger@labn.net
Subject: Re: [secdir] review of draft-ietf-mpls-gmpls-lsp-reroute-04
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 31 Aug 2009 07:49:59 -0000

Thanks Scott.

JP.

On Aug 28, 2009, at 5:31 AM, Scott G. Kelly wrote:

> I have reviewed this document as part of the security directorate's  
> ongoing effort to review all IETF documents being processed by the  
> IESG.  These comments were written primarily for the benefit of the  
> security area directors.  Document editors and WG chairs should  
> treat these comments just like any other last call comments.
>
> The abstract does a good job of summarizing: This document describes  
> how Resource ReserVation Protocol (RSVP) PathErr Messages may be  
> used to trigger rerouting of Multi-Protocol Label Switching (MPLS)  
> and Generalized MPLS (GMPLS) point-to-point Traffic Engineering (TE)  
> Label Switched Paths (LSPs) without first removing LSP state or  
> resources.
>
> The security considerations section says the document introduces no  
> new security considerations as it describes usage of existing  
> formats and mechanisms, and I agree. It also points the reader to  
> the security considerations sections of RFC4920 and RFC4736, and  
> these do seem to do a reasonable job of summarizing.
>
> I see no issues of concern for the security area ADs with this  
> document.
>
> --Scott