Re: [secdir] Sector Review: draft-ietf-ospf-te-metric-extensions-09

Ben Laurie <benl@google.com> Mon, 05 January 2015 21:18 UTC

Return-Path: <benl@google.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9EE1B1A8A8C for <secdir@ietfa.amsl.com>; Mon, 5 Jan 2015 13:18:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.389
X-Spam-Level:
X-Spam-Status: No, score=-1.389 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3s4CKer3SpDU for <secdir@ietfa.amsl.com>; Mon, 5 Jan 2015 13:18:20 -0800 (PST)
Received: from mail-qg0-x230.google.com (mail-qg0-x230.google.com [IPv6:2607:f8b0:400d:c04::230]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EB7791A8A8B for <secdir@ietf.org>; Mon, 5 Jan 2015 13:18:19 -0800 (PST)
Received: by mail-qg0-f48.google.com with SMTP id j5so4779016qga.7 for <secdir@ietf.org>; Mon, 05 Jan 2015 13:18:19 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=yYpsNEQMil/t2xizsOadYMNt6nXV1LrPOeI47+pEnXQ=; b=SvVKw7cvbnR88mMRnjGzkFOHWfK+yakaqfIdD80Rc0+eAG1VFymUXCChUsKRwQHg7B bScUk08OTH/3s3KvcFk919Zu5PQkZJqSatg0AiId0A4ybI+63yHZM1gOtfXotTKqC3PX SN+C7z1TtroS+Q2z9uZpqbh3QFf6Z81ISOs2eR79YBoRc+BjplGnI2w2WzgmPt+witJz i9nqrCFAmXZQ93R405I2ixUJCiK4Ys7WR3a+6HUlLFgABFkh4lZ0KD22Au3anIkL7aYi q8PWGqL8p11CA7KWMppqajd4JsPqBi96TnI3oTUW38O4PRkeRb34McEOz1AnFIGmCkKX 7EIQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=yYpsNEQMil/t2xizsOadYMNt6nXV1LrPOeI47+pEnXQ=; b=SRJFFPWTdkZpILL3KauRp2RlFDPDbKisag4TUxelDeijLYUTeQP7Ex2WvlLxMArxCE pMdEv1wWmTw52N65qK0HaZR1/xpW+4MUhcR8jd/HJhLGuAwXcpM1zlnml3xL2hrGmLOw 4p/xjv2mg6dMT2E/81Gq8skwA1j4tSpgXc8mFhd2CBMMxfFmEm4ZTzEw7A50cIEq44py 5HJ0czILWwod4qXZpi+4tiprwKkKTYbHL1/4O8T2ySNkujNXShSec6ifOUpCtRSO6dNP PtLWD+L1Rf7uwHIyoi/kyZzoVxLLOx+hWHXLog8JuG/DwcNEM0+76BC4ThFyQFKsDm5A ew8Q==
X-Gm-Message-State: ALoCoQnI/S5aQB4RhX0bxBAAdJJpZMZwEzano4ni/rb02x/aqDjQY1HKmTA7SLvr/mvNzixiJBlL
MIME-Version: 1.0
X-Received: by 10.224.137.65 with SMTP id v1mr138862790qat.95.1420492699058; Mon, 05 Jan 2015 13:18:19 -0800 (PST)
Received: by 10.229.183.201 with HTTP; Mon, 5 Jan 2015 13:18:18 -0800 (PST)
In-Reply-To: <m2bnmdym1g.wl%randy@psg.com>
References: <4E0F5009-4811-4FFE-AA26-ECFAC2398101@ogud.com> <m28uhj2wxg.wl%randy@psg.com> <96B524C4-B2E8-443E-871D-60B5FCD2F44A@ogud.com> <m2bnmdym1g.wl%randy@psg.com>
Date: Mon, 5 Jan 2015 21:18:18 +0000
Message-ID: <CABrd9STqBsPQpp_N751ybF_0uF8C3MGG3hKhzoPCBO_pgoCULw@mail.gmail.com>
From: Ben Laurie <benl@google.com>
To: Randy Bush <randy@psg.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Archived-At: http://mailarchive.ietf.org/arch/msg/secdir/8KMfaCy9YGZ7xvi2IA2MX-fRmSQ
Cc: draft-ietf-ospf-te-metric-extension@tools.ietf.org, ietf <ietf@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Subject: Re: [secdir] Sector Review: draft-ietf-ospf-te-metric-extensions-09
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Jan 2015 21:18:21 -0000

On 5 January 2015 at 21:06, Randy Bush <randy@psg.com> wrote:
>>>> The document contains no issues from a security perspective as it is
>>>> only creating LSA’s for new types of route selection metrics, time
>>>> instead of network hops.
>>>
>>> and the new lsas could not be used in path shortening attacks, right?
>>
>> this document only defines the format of the LSA’s it does
>> not talk about processing by the routing engines.
>
> so the secdir sees no need to warn about it.  got it.  </sarcasm>

If secdir is going to warn about it through this process, then shortly
the right place to do that is in the comments on the document that
does talk about processing by the routing engines?