Re: [secdir] SecDir review of draft-ietf-pwe3-fat-pw-06

Stewart Bryant <> Thu, 12 May 2011 08:13 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 546A0E0734; Thu, 12 May 2011 01:13:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -110.599
X-Spam-Status: No, score=-110.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id fFA1ePsYIo8y; Thu, 12 May 2011 01:13:47 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id D8D79E0669; Thu, 12 May 2011 01:13:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;;; l=2196; q=dns/txt; s=iport; t=1305188027; x=1306397627; h=message-id:date:from:reply-to:mime-version:to:cc:subject: references:in-reply-to:content-transfer-encoding; bh=zbelBxDd8pZTP64ZXiSFQ3NtqJLzp2+J+onvF8bQQ/w=; b=N0Btl/kqMUqM/FlEJz80XoqBCYdRPmSkv4nJ5wDJUT7+3W727Bd5H2wp 0Cz0v8JrfKVQIsPK25+EiW+lh+Ykz8qaIYKTf+oltwl3Og75+4vGtvk2d uLvUT1etoJGwL4lmmhlf8yIJMZ7mG+wWXdEsW6iOYXL5alyUtGeUGuWDX s=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AqUDAHaVy02Q/khRgWdsb2JhbAClcRQBARYmJatggngPAZsihhMEj3aOZw
X-IronPort-AV: E=Sophos;i="4.64,357,1301875200"; d="scan'208";a="88103928"
Received: from ([]) by with ESMTP; 12 May 2011 08:13:45 +0000
Received: from ( []) by (8.14.3/8.14.3) with ESMTP id p4C8DfHv004820; Thu, 12 May 2011 08:13:44 GMT
Received: from stbryant-mac2.local (localhost []) by (8.11.7p3+Sun/8.8.8) with ESMTP id p4C8DbU09758; Thu, 12 May 2011 09:13:37 +0100 (BST)
Message-ID: <>
Date: Thu, 12 May 2011 09:13:36 +0100
From: Stewart Bryant <>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv: Gecko/20110414 Lightning/1.0b2 Thunderbird/3.1.10
MIME-Version: 1.0
To: Yaron Sheffer <>
References: <>
In-Reply-To: <>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc:, The IESG <>, Security Area Directorate <>
Subject: Re: [secdir] SecDir review of draft-ietf-pwe3-fat-pw-06
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 12 May 2011 08:13:51 -0000


Thank you for the review.

The Abstract should read:


    Where the payload of a pseudowire comprises a number of distinct
    flows, it can be desirable to carry those flows over the equal cost
    multiple paths (ECMPs) that exist in the packet switched network.
    Most forwarding engines are able to hash at least part of the MPLS label stack
    and use this mechanism to balance MPLS flows over ECMPs.

    This document describes a method of identifying the flows, or flow
    groups, within pseudowires such that Label Switching Routers can
    balance flows at a finer granularity than individual pseudowires.
    The mechanism uses an additional label in the MPLS label stack.

The "END" is a cut and paste error from a review comment.

s/(ECMP) exit/(ECMP) exist/

Adrian, please let me know whether you want a new version.

- Stewart

On 12/05/2011 06:32, Yaron Sheffer wrote:
> I have reviewed this document as part of the security directorate's 
> ongoing effort to review all IETF documents being processed by the 
> IESG. These comments were written primarily for the benefit of the 
> security area directors.  Document editors and WG chairs should treat 
> these
> comments just like any other last call comments.
> This document proposes the addition of MPLS flow labels, to enable 
> multiplexing of a single pseudowire (PW) over multiple paths, while 
> retaining the packet order within each IP flow.
> The document's security considerations simply reference several former 
> MPLS documents. I believe this is appropriate in this case.
> Nits: although very readable, the document needs another round of 
> proofreading. The following is from the abstract and the first 
> sentence of the Introduction (!):
> - Abstract: "most forwarding engines": the sentence is unclear - hash 
> what? Also a dangling "END" at the end of the abstract.
> - Intro first sentence: exit -> exist, equipments -> equipment/devices.
> Thanks,
>     Yaron

For corporate legal information go to: