Re: [secdir] Security directorate review of draft-ietf-pim-explicit-tracking

Hitoshi Asaeda <asaeda@nict.go.jp> Tue, 12 November 2013 14:34 UTC

Date: Tue, 12 Nov 2013 23:34:16 +0900
To: adrian@olddog.co.uk
From: Hitoshi Asaeda <asaeda@nict.go.jp>
Cc: draft-ietf-pim-explicit-tracking@tools.ietf.org, secdir@ietf.org, pim-chairs@tools.ietf.org
Subject: Re: [secdir] Security directorate review of draft-ietf-pim-explicit-tracking

Dear Adrian and Magnus,

> Could you please engage with Magnus to either address his concerns in a new
> revision, or explain to him why that would not be necessary/appropriate.

Thank you very much for your review.
I will address Magnus's concerns in a new revision.

Regards,
--
Hitoshi Asaeda


> From: iesg-bounces@ietf.org [mailto:iesg-bounces@ietf.org] On Behalf Of Magnus
> Nyström
> Sent: 08 November 2013 04:16
> To: secdir@ietf.org; draft-ietf-pim-explicit-tracking@tools.ietf.org
> Cc: iesg@ietf.org
> Subject: Security directorate review of draft-ietf-pim-explicit-tracking [Was:
> Re: Security directorate reveiw of draft-asaeda-mboned-explicit-tracking
>  
>  
> [I did it again ... Sorry about the incorrect Subject: title, I used the
> original draft name, the current name is of course
> draft-ietf-pim-explicit-tracking.]
>  
> On Thu, Nov 7, 2013 at 8:13 PM, Magnus Nyström <magnusn@gmail.com> wrote:
> I have reviewed this document as part of the security directorate's ongoing
> effort to review all IETF documents being processed by the IESG. These comments
> were written primarily for the benefit of the security area directors. Document
> editors and WG chairs should treat these comments just like any other last call
> comments.
> 
> This document describes a tracking function for multicast routers and proxies,
> intended to reduce latencies and network traffic, among other things.
> The document seems well written but the security considerations section makes
> vague references to "serious threats" that may be introduced by malicious hosts
> on the network yet only states that "abuse" can be mitigated by limiting the
> amount of information a router can store (which seems like a given anyway?). It
> would be good if the document enumerated the "serious threats" and their
> mitigations.
> 
> -- Magnus 