Re: [secdir] secdir review of draft-ietf-isis-genapp
"Les Ginsberg (ginsberg)" <ginsberg@cisco.com> Mon, 09 August 2010 23:15 UTC
Radia -

The use of "D" and "S" is copied from RFCs 4971/5305. The initials were not further identified there and we used identical text in describing them. (That's my excuse anyway)

As a point of information:

"S" - flooding "Scope"
"D" - Indicates the TLV has been leaked "Down" from Level2 to level1

The choice of the letters "I" and "V" was arbitrary.

Les

> -----Original Message-----
> From: Radia Perlman [mailto:radiaperlman@gmail.com]
> Sent: Monday, August 09, 2010 2:58 PM
> To: draft-ietf-isis-genapp@tools.ietf.org; iesg@ietf.org;
> secdir@ietf.org
> Subject: secdir review of draft-ietf-isis-genapp
>
> This document is about using the reliable flooding mechanism of IS-IS
> to advertise information for applications unrelated to IS-IS in a way
> that doesn't use up "T" values in the TLV encoding.
>
> So, since it's just syntax, there really aren't any security
> considerations.
>
> It would have been nice if the authors explained what "V" "I" "D" and
> "S" mean in the context of the flags, as in, what word is "V" the
> first letter of, what word is "I" the first letter of...
>
> Unless I missed it in the spec, the authors just give rules like:
>
>    D bit (0x02): When the GENINFO TLV is leaked from
>    level-2 to level-1, the D bit MUST be set. Otherwise
>    this bit MUST be clear. GENINFO TLVs with the D bit set
>    MUST NOT be leaked from level-1 to level-2. This is to
>    prevent TLV looping.
>
>    I bit (0x04): When the I bit is set the 4 octet IPv4
>    address associated with the application immediately
>    follows the Application ID.
>
> Radia
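The D and I rules quoted in this thread, as an added example that is not part of either message or of the draft: a parser for the start of a GENINFO TLV value plus the leak check that prevents TLV looping. It assumes the flags octet comes first in the TLV value and is followed by a 2-octet Application ID; the function names and the sample bytes are constructed for illustration.

```python
import ipaddress
import struct
from typing import Optional

D_BIT = 0x02     # value quoted in the thread: leaked "Down" from level-2 to level-1
I_BIT = 0x04     # value quoted in the thread: IPv4 address follows the Application ID
APP_ID_LEN = 2   # assumption: Application ID is 2 octets


def parse_geninfo_value(value: bytes) -> dict:
    """Parse flags, Application ID and optional IPv4 address; reject truncation."""
    if len(value) < 1 + APP_ID_LEN:
        raise ValueError("GENINFO value shorter than flags + Application ID")
    flags = value[0]
    (app_id,) = struct.unpack_from("!H", value, 1)
    offset = 1 + APP_ID_LEN
    ipv4 = None
    if flags & I_BIT:
        if len(value) < offset + 4:
            raise ValueError("I bit set but IPv4 address is truncated")
        ipv4 = str(ipaddress.IPv4Address(value[offset:offset + 4]))
        offset += 4
    # Anything after this point is left unparsed in "rest".
    return {"down": bool(flags & D_BIT), "app_id": app_id,
            "ipv4": ipv4, "rest": value[offset:]}


def leak(value: bytes, from_level: int, to_level: int) -> Optional[bytes]:
    """Return the TLV value to advertise at to_level, or None if leaking is forbidden."""
    parse_geninfo_value(value)  # validate before touching the flags octet
    flags = value[0]
    if (from_level, to_level) == (2, 1):
        # MUST set D when leaking level-2 to level-1.
        return bytes([flags | D_BIT]) + value[1:]
    if (from_level, to_level) == (1, 2):
        # MUST NOT leak back up once D is set; this is what stops the loop.
        return None if flags & D_BIT else value
    raise ValueError("only level-1/level-2 leaking is modelled")


# Constructed sample: I bit set, Application ID 1, IPv4 192.0.2.1, one payload octet.
SAMPLE = bytes([I_BIT]) + struct.pack("!H", 1) + bytes([192, 0, 2, 1]) + b"\xaa"
```
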