Re: [secdir] SecDir review of draft-ietf-netlmm-pmipv6-mib-05
Jari Arkko <jari.arkko@piuha.net> Tue, 12 April 2011 12:09 UTC
Return-Path: <jari.arkko@piuha.net>
X-Original-To: secdir@ietfc.amsl.com
Delivered-To: secdir@ietfc.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfc.amsl.com (Postfix) with ESMTP id 5E2D3E0737; Tue, 12 Apr 2011 05:09:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.55
X-Spam-Level:
X-Spam-Status: No, score=-102.55 tagged_above=-999 required=5 tests=[AWL=0.049, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([208.66.40.236]) by localhost (ietfc.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id E44h0YNZgnqB; Tue, 12 Apr 2011 05:09:19 -0700 (PDT)
Received: from p130.piuha.net (p130.piuha.net [IPv6:2001:14b8:400::130]) by ietfc.amsl.com (Postfix) with ESMTP id E04E5E0690; Tue, 12 Apr 2011 05:09:18 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by p130.piuha.net (Postfix) with ESMTP id 5DB302CC38; Tue, 12 Apr 2011 15:09:18 +0300 (EEST)
X-Virus-Scanned: amavisd-new at piuha.net
Received: from p130.piuha.net ([127.0.0.1]) by localhost (p130.piuha.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V6dig48gJXgU; Tue, 12 Apr 2011 15:09:17 +0300 (EEST)
Received: from [IPv6:::1] (unknown [IPv6:2001:14b8:400::130]) by p130.piuha.net (Postfix) with ESMTP id D2FA22CC2F; Tue, 12 Apr 2011 15:09:17 +0300 (EEST)
Message-ID: <4DA440ED.8000809@piuha.net>
Date: Tue, 12 Apr 2011 15:09:17 +0300
From: Jari Arkko <jari.arkko@piuha.net>
User-Agent: Thunderbird 2.0.0.24 (X11/20101027)
MIME-Version: 1.0
To: Vincent Roca <vincent.roca@inrialpes.fr>
References: <A76FCDEF-42DA-421B-95F1-202A076682C4@inrialpes.fr>
In-Reply-To: <A76FCDEF-42DA-421B-95F1-202A076682C4@inrialpes.fr>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: draft-ietf-netlmm-pmipv6-mib.all@tools.ietf.org, IESG <iesg@ietf.org>, secdir@ietf.org
Subject: Re: [secdir] SecDir review of draft-ietf-netlmm-pmipv6-mib-05
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Apr 2011 12:09:21 -0000
Thanks for your review, Vincent. Authors, any comments? Jari Vincent Roca kirjoitti: > Hello, > > I have reviewed this document as part of the security directorate's > ongoing effort to review all IETF documents being processed by the > IESG. These comments were written primarily for the benefit of the > security area directors. Document editors and WG chairs should treat > these comments just like any other last call comments. > > > Globally, the "Security Considerations" section is well > written and provides details for the associated risks. > It clearly RECOMMENDs the use of SNMPv3, which should not come > as a surprise given the risks associated to previous versions. > This "Security Considerations" section is globally similar > to that of RFC4295 (MIPv6 MIB). > > A few comments: > > ** What about the completeness of the two lists provided in > section 6? > For instance the MIB defines the pmip6Capabilities object with > attribute MAX-ACCESS read-only (see p. 13). However this object > is not listed in the security considerations sections. Is it > a mistake? If yes, then does anything miss (I didn't check)? > > > ** Clarification needed: > It is said: > "Even if the network itself is secure (for example by using IPsec), > even then, there is no control as to who on the secure network is > allowed to access and GET/SET (read/change/create/delete) the objects > in this MIB module." > I'm rather surprised that no ACL (or similar) functionality > be available. If IPsec is enabled, then hosts are authenticated > (using one of several techniques) and it's no longer a big deal > to check the authorizations associated to the peer. So that's > surprising. > > BTW, you can maybe remove the redundant "even then," in above > sentence. > > > ** Wrong reference: > It is said: > "It is RECOMMENDED that implementers consider the security features as > provided by the SNMPv3 framework (see [RFC3410], section 8) [...]" > Section is not the section of interest as it only focuses > on the standardization status. More interesting sections in RFC3410 > are: > - section 6.3 "SNMPv3 security and administration", and in particular > - section 7, in particular section 7.8 "user based security model". > > NB: RFC3410 is from Dec 2002. At that time using MD5/DES was not an > issue, now it is. The last sentence of RFC3410/section 7.8 mentions > on-going work on using AES in the user-based security model. If this > work gave birth to an RFC, that's probably a good document to refer > too. > > > ** Obscur: > The last sentence of this section: > "It is then a customer/operator... them." > could easily be improved (split the sentence, please). As such it > remains rather obscure. > > > I hope this is useful. > Cheers, > > Vincent > >
- [secdir] SecDir review of draft-ietf-netlmm-pmipv… Vincent Roca
- Re: [secdir] SecDir review of draft-ietf-netlmm-p… Juergen Schoenwaelder
- Re: [secdir] SecDir review of draft-ietf-netlmm-p… Vincent Roca
- Re: [secdir] SecDir review of draft-ietf-netlmm-p… Jari Arkko
- Re: [secdir] SecDir review of draft-ietf-netlmm-p… Sri Gundavelli
- Re: [secdir] SecDir review of draft-ietf-netlmm-p… Vincent Roca
- Re: [secdir] SecDir review of draft-ietf-netlmm-p… Glenn M. Keeni