IETF Logo Mail Archive

[secdir] Secdir last call review of draft-ietf-6man-snac-router-ra-flag-02

Shivan Sahib via Datatracker <noreply@ietf.org> Sun, 10 November 2024 02:23 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from [10.244.8.181] (unknown [104.131.183.230]) by ietfa.amsl.com (Postfix) with ESMTP id E65D6C14CE24; Sat, 9 Nov 2024 18:23:57 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Shivan Sahib via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 12.27.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <173120543752.488727.2135040093635061244@dt-datatracker-5f77bcf4bd-4q5pd>
Date: Sat, 09 Nov 2024 18:23:57 -0800
Message-ID-Hash: NCLY6BJWODTJKTIU2TVNHYVNM7WNPC23
X-Message-ID-Hash: NCLY6BJWODTJKTIU2TVNHYVNM7WNPC23
X-MailFrom: noreply@ietf.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-secdir.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: draft-ietf-6man-snac-router-ra-flag.all@ietf.org, ipv6@ietf.org, last-call@ietf.org
X-Mailman-Version: 3.3.9rc6
Reply-To: Shivan Sahib <shivankaulsahib@gmail.com>
Subject: [secdir] Secdir last call review of draft-ietf-6man-snac-router-ra-flag-02
List-Id: Security Area Directorate <secdir.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/-bbOj-RVGjDn-nSkfezmMSbGQAI>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Owner: <mailto:secdir-owner@ietf.org>
List-Post: <mailto:secdir@ietf.org>
List-Subscribe: <mailto:secdir-join@ietf.org>
List-Unsubscribe: <mailto:secdir-leave@ietf.org>

Reviewer: Shivan Sahib
Review result: Has Issues

The document generally looks straight-forward. However, it's surprising to me
that the Security Considerations section completely defers to RFC 4861. For
example, surely a device lying about being a SNAC router would have some added
implications for DoS capabilities like mentioned in Security Considerations
section of RFC 4861 and RFC 3756? I think it would be worth spelling out what
happens in that scenario.

Nit: In the introduction, "Stub Network Auto-Configuring Router (SNAC) router"
says router twice, can just remove the first "Router".

v2.40.1 | Report a Bug | By Email | System Status