Re: [secdir] SecDir review of draft-ietf-pce-gmpls-aps-req-08

"Adrian Farrel" <adrian@olddog.co.uk> Sun, 16 June 2013 20:14 UTC

From: Adrian Farrel <adrian@olddog.co.uk>
To: 'Yaron Sheffer' <yaronf.ietf@gmail.com>
References: <51BE1BC7.9080500@gmail.com>
In-Reply-To: <51BE1BC7.9080500@gmail.com>
Date: Sun, 16 Jun 2013 21:14:18 +0100
Cc: draft-ietf-pce-gmpls-aps-req.all@tools.ietf.org, 'The IESG' <iesg@ietf.org>, 'IETF Security Directorate' <secdir@ietf.org>
Subject: Re: [secdir] SecDir review of draft-ietf-pce-gmpls-aps-req-08

Hi,

Thanks Yaron.

You're right about pointing to 5440. That document notes that TCP-AO should be
used once it becomes available, and since it has done, a pointer to RFC 6952
would also be helpful.

Cheers,
Adrian

> -----Original Message-----
> From: iesg-bounces@ietf.org [mailto:iesg-bounces@ietf.org] On Behalf Of Yaron
> Sheffer
> Sent: 16 June 2013 21:11
> To: IETF Security Directorate; The IESG;
> draft-ietf-pce-gmpls-aps-req.all@tools.ietf.org
> Subject: SecDir review of draft-ietf-pce-gmpls-aps-req-08
> 
> I have reviewed this document as part of the security directorate's
> ongoing effort to review all IETF documents being processed by the IESG.
> These comments were written primarily for the benefit of the security
> area directors.  Document editors and WG chairs should treat these
> comments just like any other last call comments.
> 
> This document defines additional GMPLS-specific requirements on the PCE
> architecture.
> 
> It would be an understatement to characterize this reviewer as a
> non-expert on PCE and GMPLS. That being said, I believe the Security
> Considerations are correct in saying that this document does not add any
> additional security issues on top of PCE.
> 
> I would recommend adding a pointer to where such considerations are in
> fact listed, e.g. Sec. 10 of RFC 5440. Though security folks will cringe
> at TCP-MD5 being described as the most practical security solution in
> that section.
> 
> Thanks,
> 	Yaron