Re: [secdir] Security directorate review of draft-ietf-ccamp-oam-configuration-fwk

Attila Takacs <Attila.Takacs@ericsson.com> Sun, 12 January 2014 06:43 UTC

Return-Path: <Attila.Takacs@ericsson.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9F6B11ADF4F; Sat, 11 Jan 2014 22:43:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.55
X-Spam-Level:
X-Spam-Status: No, score=-3.55 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_SE=0.35, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HTB62EZse-gU; Sat, 11 Jan 2014 22:43:19 -0800 (PST)
Received: from mailgw1.ericsson.se (mailgw1.ericsson.se [193.180.251.45]) by ietfa.amsl.com (Postfix) with ESMTP id 169EF1ADF0F; Sat, 11 Jan 2014 22:43:17 -0800 (PST)
X-AuditID: c1b4fb2d-b7f1c8e000005ceb-6a-52d2397ae4fc
Received: from ESESSHC001.ericsson.se (Unknown_Domain [153.88.253.124]) by mailgw1.ericsson.se (Symantec Mail Security) with SMTP id FC.05.23787.A7932D25; Sun, 12 Jan 2014 07:43:06 +0100 (CET)
Received: from ESESSMB201.ericsson.se ([169.254.1.59]) by ESESSHC001.ericsson.se ([153.88.183.21]) with mapi id 14.02.0347.000; Sun, 12 Jan 2014 07:43:06 +0100
From: Attila Takacs <Attila.Takacs@ericsson.com>
To: =?iso-8859-2?Q?Magnus_Nystr=F6m?= <magnusn@gmail.com>, "secdir@ietf.org" <secdir@ietf.org>, "draft-ietf-ccamp-oam-configuration-fwk@tools.ietf.org" <draft-ietf-ccamp-oam-configuration-fwk@tools.ietf.org>
Thread-Topic: Security directorate review of draft-ietf-ccamp-oam-configuration-fwk
Thread-Index: AQHPCbXXYPN/St4ZLU2A1aRWLct1u5qAr0Fw
Date: Sun, 12 Jan 2014 06:43:05 +0000
Message-ID: <B336D1B7DDD08C44AE2B75E37932D09C1C42137B@ESESSMB201.ericsson.se>
References: <CADajj4ag7_EbrcJbJ7z6Eg3U7ysgXkBTrOSeFviSa8MRQWaeBA@mail.gmail.com>
In-Reply-To: <CADajj4ag7_EbrcJbJ7z6Eg3U7ysgXkBTrOSeFviSa8MRQWaeBA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [153.88.183.149]
Content-Type: multipart/alternative; boundary="_000_B336D1B7DDD08C44AE2B75E37932D09C1C42137BESESSMB201erics_"
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrILMWRmVeSWpSXmKPExsUyM+JvjW6V5aUgg02NVhYvNu1itJjxZyKz xfGty1ktPix8yOLA4rFz1l12jyVLfjJ5fLn8mS2AOYrLJiU1J7MstUjfLoErY8WK7UwF1/Qr Vv6PaGC8o9nFyMEhIWAicXF+VBcjJ5ApJnHh3nq2LkYuDiGBQ4wS59a1s4EkhAQWM0rs3KsB YrMJGEhcaJ7MDFIkInAZKP79FxNIgllAWeLmkVfMILawQIhE251DYM0iAqESFzZtYIKwjSS2 H4EYyiKgKnGl8Q4LiM0r4CvReGsyK8hBQgIBEh9bGEHCnAKBElPnzwErYQQ67vupNVCrxCVu PZnPBHG0gMSSPeeZIWxRiZeP/7FC2EoSaw9vZ4Goz5fYubwDapWgxMmZT1gmMIrOQjJqFpKy WUjKIOJ6Es9OzYKytSWWLXzNDGHrSlx6uI4VWXwBI/sqRvbcxMyc9HLDTYzAaDu45bfuDsZT 50QOMUpzsCiJ83546xwkJJCeWJKanZpakFoUX1Sak1p8iJGJg1OqgZFpT70JN0/u5ku1kp9+ VaZczpg0O9/abZMzMwMH0wnerwbGJr+2/vmccfbf/Zj4Tb8W2d18axXtkJISc33+bE3jNw+f 7UxfXvNcw9nq9KPj95amSc+WWzJVN6PyaKvUo57+FMF4/ps6B24ssYvXnGvELOTutn7LTaEf x6eETHFsy7qeYJtmmaLEUpyRaKjFXFScCAC7mGbYhAIAAA==
X-Mailman-Approved-At: Mon, 13 Jan 2014 08:08:57 -0800
Cc: "iesg@ietf.org" <iesg@ietf.org>
Subject: Re: [secdir] Security directorate review of draft-ietf-ccamp-oam-configuration-fwk
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 12 Jan 2014 06:43:21 -0000

Hi Magnus,
Thanks for the review!
We will update the Security section based on your proposal below.
Attila

From: Magnus Nyström [mailto:magnusn@gmail.com]
Sent: Saturday, January 04, 2014 5:32 PM
To: secdir@ietf.org; draft-ietf-ccamp-oam-configuration-fwk@tools.ietf.org
Cc: iesg@ietf.org
Subject: Security directorate review of draft-ietf-ccamp-oam-configuration-fwk

 I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

This document describes extensions to RSVP-TE in support of the establishment of Operation, Administration and Management entities in the context of GMPLS .

The document seems well written. I would suggest removing the last sentence of the Security Considerations section ("Cryptography can be used...") since it does not really offer any hint as to how to use cryptography. Instead, the previous sentence could be replaced with something like: "For a more comprehensive discussion of GMPLS security, and attack mitigation techniques, please see the Security Framework for MPLS and GMPLS Networks [RFC5920<http://tools.ietf.org/html/rfc5920>]."

-- Magnus