[secdir] review of draft-ietf-taps-transport-usage-udp-08
Derrell Piper <ddp@electric-loft.org> Mon, 11 September 2017 07:46 UTC
Cc: The IESG <iesg@ietf.org>
To: secdir@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/7sIHjIGiWZ_AsGPP4Q1AYMsEGGs>

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

The summary of the review is Ready with Nits.

Since I'm not following TAPS, or most of this, I reviewed the ediffs between -05, -06, -07, and this version -08. There were no changes from -07, so -06 was the last relevant version. Radia's comments from her review of -05 were succinct, so I'll quote them:

> This informational document contains tutorial information on the use of the sockets API to send and receive data over the UDP and UDP-lite protocols. It is apparently part of an effort to write tutorial descriptions of APIs to all IETF-standardized transport protocols. This document refers the reader to the standards for all security considerations. That is probably appropriate.
>
> It’s always difficult to decide what information to include and what to exclude in a tutorial. I would have liked an explanation of how the sender knows whether to request UDP or UDP-lite, since it doesn't look like UDP-lite would be compatible with something that only speaks UDP.

Section 3.4 has been expanded upon, presumably to address her second point. I'm still not sure it gives the reader enough information to choose between all these things, but it was basically informative, even if it seems to raise more questions than it answers.

Considering that this document doesn't even reference D/TLS or QUIC, I guess it's fine for what it is, but I would have preferred more text in the Security Considerations section and I guess more text overall about when these things are useful.