[secdir] Review of draft-ietf-manet-smf-13
Shawn Emery <shawn.emery@oracle.com> Sun, 04 March 2012 08:03 UTC
Return-Path: <shawn.emery@oracle.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 48C9911E8073; Sun, 4 Mar 2012 00:03:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.265
X-Spam-Level:
X-Spam-Status: No, score=-9.265 tagged_above=-999 required=5 tests=[AWL=1.334, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i13LW3wk0p7x; Sun, 4 Mar 2012 00:03:47 -0800 (PST)
Received: from acsinet15.oracle.com (acsinet15.oracle.com [141.146.126.227]) by ietfa.amsl.com (Postfix) with ESMTP id 9F5B911E8072; Sun, 4 Mar 2012 00:03:46 -0800 (PST)
Received: from ucsinet21.oracle.com (ucsinet21.oracle.com [156.151.31.93]) by acsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q2483hwL020575 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Sun, 4 Mar 2012 08:03:44 GMT
Received: from acsmt357.oracle.com (acsmt357.oracle.com [141.146.40.157]) by ucsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q2483gHd010865 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 4 Mar 2012 08:03:43 GMT
Received: from abhmt112.oracle.com (abhmt112.oracle.com [141.146.116.64]) by acsmt357.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q2483gLv027175; Sun, 4 Mar 2012 02:03:42 -0600
Received: from [10.159.34.98] (/10.159.34.98) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Sun, 04 Mar 2012 00:03:42 -0800
Message-ID: <4F5321A2.1070504@oracle.com>
Date: Sun, 04 Mar 2012 01:02:42 -0700
From: Shawn Emery <shawn.emery@oracle.com>
User-Agent: Mozilla/5.0 (X11; SunOS i86pc; rv:9.0) Gecko/20120113 Thunderbird/9.0.1
MIME-Version: 1.0
To: secdir@ietf.org
References: <4F0410AE.8050600@oracle.com>
In-Reply-To: <4F0410AE.8050600@oracle.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Source-IP: ucsinet21.oracle.com [156.151.31.93]
X-CT-RefId: str=0001.0A090209.4F5321E1.0017,ss=1,re=0.000,fgs=0
Cc: draft-ietf-manet-smf.all@tools.ietf.org, iesg@ietf.org
Subject: [secdir] Review of draft-ietf-manet-smf-13
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 04 Mar 2012 08:03:48 -0000
I know that the telechat has passed, but since I started this before then, I have posted the completed review below... I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This experimental draft describes a multicast forwarding design specifically for limited wireless mesh and mobile ad hoc networks (MANET). The security considerations section does exist. The section states several attacks and provides mitigation of the associated attack. Most of the attacks listed are related to DoS. Solutions to some of these issues involve caching TTL/hop-limits to thwart against an attacker replaying packets with reduced TTL/hop-limits. The section goes on reference RFC6130's security consideration section in regards to MANET's neighborhood discovery protocol (NHDP). I had originally reviewed that draft as well and had found no additional concerns. General comments: None. Editorial comments: Well written, thank you. Shawn. --
- [secdir] Review of draft-ietf-mpls-tp-identifiers… Shawn Emery
- [secdir] Review of draft-ietf-sidr-ghostbusters-14 Shawn Emery
- [secdir] Review of draft-ietf-rtgwg-lfa-applicabi… Shawn Emery
- Re: [secdir] Review of draft-ietf-rtgwg-lfa-appli… Stewart Bryant
- [secdir] Review of draft-ietf-manet-smf-13 Shawn Emery
- Re: [secdir] Review of draft-ietf-manet-smf-13 Joe Macker
- [secdir] Review of draft-ietf-conex-concepts-uses… Shawn Emery
- [secdir] Review of draft-melnikov-smtp-priority-t… Shawn Emery
- Re: [secdir] Review of draft-melnikov-smtp-priori… Alexey Melnikov
- [secdir] Review of draft-ietf-dnsop-rfc4641bis-12 Shawn Emery
- Re: [secdir] Review of draft-ietf-dnsop-rfc4641bi… Matthijs Mekking
- Re: [secdir] Review of draft-ietf-dnsop-rfc4641bi… Shawn Emery
- [secdir] Review of draft-ietf-karp-ospf-analysis-… Shawn Emery
- [secdir] Review of draft-ietf-oauth-assertions-09 Shawn Emery
- Re: [secdir] Review of draft-ietf-oauth-assertion… Shawn Emery
- [secdir] Review of draft-ietf-dhc-dhcpv6-client-l… Shawn Emery
- Re: [secdir] Review of draft-ietf-dhc-dhcpv6-clie… Gaurav Halwasia (ghalwasi)
- [secdir] Review of draft-ietf-netmod-interfaces-c… Shawn Emery
- Re: [secdir] Review of draft-ietf-netmod-interfac… Martin Bjorklund
- Re: [secdir] Review of draft-ietf-netmod-interfac… Benoit Claise
- Re: [secdir] Review of draft-ietf-netmod-interfac… Shawn Emery
- [secdir] Review of draft-ietf-xrblock-rtcp-xr-jb-… Shawn M Emery
- Re: [secdir] Review of draft-ietf-xrblock-rtcp-xr… Qin Wu
- Re: [secdir] Review of draft-ietf-xrblock-rtcp-xr… Gonzalo Camarillo
- Re: [secdir] Review of draft-ietf-xrblock-rtcp-xr… Gonzalo Camarillo
- Re: [secdir] Review of draft-ietf-xrblock-rtcp-xr… Donald Eastlake
- [secdir] Review of draft-ietf-repute-query-http-09 Shawn M Emery
- Re: [secdir] Review of draft-ietf-repute-query-ht… Shawn M Emery
- Re: [secdir] Review of draft-ietf-repute-query-ht… Uri Blumenthal
- Re: [secdir] Review of draft-ietf-repute-query-ht… Dave Crocker
- Re: [secdir] Review of draft-ietf-repute-query-ht… Murray S. Kucherawy
- Re: [secdir] Review of draft-ietf-repute-query-ht… Shawn M Emery
- [secdir] Review of draft-ietf-tictoc-security-req… Shawn M Emery
- Re: [secdir] Review of draft-ietf-tictoc-security… Tal Mizrahi
- [secdir] Review of draft-ietf-cdni-requirements-13 Shawn M Emery
- Re: [secdir] Review of draft-ietf-cdni-requiremen… Kent Leung (kleung)
- [secdir] Review of draft-ietf-isis-rfc6326bis-01 Shawn M Emery
- [secdir] Review of draft-ietf-tcpm-fastopen-08 Shawn M Emery
- Re: [secdir] Review of draft-ietf-tcpm-fastopen-08 Scharf, Michael (Michael)
- [secdir] Review of draft-ietf-hip-rfc5202-bis-05 Shawn M Emery