[secdir] Secdir review of draft-ietf-dime-erp-16

Vincent Roca <vincent.roca@inria.fr> Wed, 23 January 2013 07:59 UTC

Return-Path: <vincent.roca@inria.fr>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 5935B21F8942; Tue, 22 Jan 2013 23:59:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.249
X-Spam-Status: No, score=-110.249 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_FR=0.35, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id HF9vycJMQAls; Tue, 22 Jan 2013 23:59:32 -0800 (PST)
Received: from mail1-relais-roc.national.inria.fr (mail1-relais-roc.national.inria.fr []) by ietfa.amsl.com (Postfix) with ESMTP id 4F2EB21F86F4; Tue, 22 Jan 2013 23:59:32 -0800 (PST)
X-IronPort-AV: E=Sophos;i="4.84,520,1355094000"; d="scan'208";a="191216223"
Received: from dom38-1-82-236-155-50.fbx.proxad.net (HELO []) ([]) by mail1-relais-roc.national.inria.fr with ESMTP/TLS/AES128-SHA; 23 Jan 2013 08:59:30 +0100
From: Vincent Roca <vincent.roca@inria.fr>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Wed, 23 Jan 2013 08:59:29 +0100
Message-Id: <939DADEE-28DB-4A4B-AD0D-057AEB863250@inria.fr>
To: IESG IESG <iesg@ietf.org>, draft-ietf-dime-erp.all@tools.ietf.org, secdir@ietf.org
Mime-Version: 1.0 (Apple Message framework v1085)
X-Mailer: Apple Mail (2.1085)
Subject: [secdir] Secdir review of draft-ietf-dime-erp-16
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Jan 2013 07:59:33 -0000


I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.


Since the security section has not really been updated since version 14, the comments I made at
that time are still valid. Basically:

The security section of this document only refers to the security section of 4 related documents.
This is all the more annoying as draft-ietf-dime-erp introduces new mechanisms (and potentially
new threats and issues). What should I understand? Is the proposal guaranteed to be secure, have
all the potential weaknesses been already addressed in the 4 related documents? I can not
conclude after reading the security section.

One more point. In introduction, the authors say:
"  Security considerations for this key distribution are detailed in Salowey, et al. [RFC5295]."
This reference is not mentioned in the Security Section!