[secdir] Secdir review of draft-ietf-manet-dlep-multi-hop-extension-06.txt

Derrell Piper <ddp@electric-loft.org> Tue, 02 April 2019 17:17 UTC

To: secdir@ietf.org, ietf@ietf.org, draft-ietf-manet-dlep-multi-hop-extension.all@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/9D2YGVqzJ3ftcQzDENL2hmpqCSE>

I have reviewed this document as part of the security
directorate's ongoing effort to review all IETF documents being
processed by the IESG. These comments were written primarily for
the benefit of the security area directors. Document editors and
WG chairs should treat these comments just like any other last
call comments.

The summary is READY

This document defines a new DLEP Extension Type and three new
DLEP Data Items to allow modems which implement multi-hop
forwarding to change multi-hop forwarding behavior through a new
hop-control mechanism defined by these extensions.

The Security Considerations section was updated to explicitly
note this addition of a hop-control mechanism which can be used
to terminate and reset connections, affecting reachability. As
this new extension is defined under the existing RFC 8175
framework, the Security Considerations stated there also apply.