Re: [secdir] Secdir last call review of draft-ietf-dmm-distributed-mobility-anchoring-13

CARLOS JESUS BERNARDOS CANO <> Fri, 18 October 2019 11:12 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id B9DBB120110 for <>; Fri, 18 Oct 2019 04:12:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id hkgXosWE7mIQ for <>; Fri, 18 Oct 2019 04:12:41 -0700 (PDT)
Received: from ( [IPv6:2a00:1450:4864:20::530]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 523E7120851 for <>; Fri, 18 Oct 2019 04:12:40 -0700 (PDT)
Received: by with SMTP id y91so4246886ede.9 for <>; Fri, 18 Oct 2019 04:12:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=kFke+xMnACHK4gRyehapddZVAaZLJqvaDBZc8OohRMo=; b=sFqsMhqjDOFzOwhutj4blbpv5Wpt2PKOxwO8R18G+Gdov9q14qewEcwXr0daBrCxzm /81019CyIj9i15biclbrddbSCCzMabYw3nSuX3d7qnXXjF9v7YTwjOPNZJLHncIMGvVj FqUWFWBZlJYuflqq9nUDZSOkQ1abnstrjQXVoMlmWirVTMbSTOM15WCAhNAwdg2lDis7 Sc1xrD9HaECPNCmZOIHqffbq5KfkqizCo3maIbCga+oJ4FcJfrVwQYdIvvstsJmoxcF1 NLdxdwB23CacT0HA+klLCDmHgKOC+UdTPL0YgNugHyfi0OCzNcLqs4+RJMsHIa4f/HDO uMQA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=kFke+xMnACHK4gRyehapddZVAaZLJqvaDBZc8OohRMo=; b=Od4hvbSQxXbykhvvJWyM2NaGVS1O+wqx3GpNY4bnNrTmOdA4LniU2IJvxOFfkejend J5d3jxXrw2uNou7d5HFVpD/Sn1y+aLA/36YxZr2IaW4FxN77bmP8JJLjuHwyp55AhTPT Z7FrRFgwxXLmLnGkiC2dsNrwFqW0zsrhhCwimEx42hRVcysV/VtYJKLcoA24EptiL1G8 y+Ozy51tCLGYZtRuWWWg91zT5cc3Ci577+52ANc1J9a/Jl5+X5kByDODlh+FeTgrvEKt O4ybRluxMb/Z+A4VhghE5MqvBIyEjm6mhMFLXP8I0AG36efX2TgNTCU6FbOwTa5iTc5U JcZw==
X-Gm-Message-State: APjAAAWupXd1FRNRuOLJMvUpiY2lRObnn4rvSwrnpnmE5aMAfdS48pXK 0TU/T9zYlpXqnX70lNyHL6v/B2qEtLu9BKSYS0G/3w==
X-Google-Smtp-Source: APXvYqwrQ1Tsllc6ZguvIHVqe8uZVx+viVXd8gBuxAoRdrnXz8kEtu/P6bOyC5lJphtRaug2hhqImhx05DoIwP5p2WA=
X-Received: by 2002:a17:906:6ad7:: with SMTP id q23mr7813041ejs.214.1571397158408; Fri, 18 Oct 2019 04:12:38 -0700 (PDT)
MIME-Version: 1.0
References: <>
In-Reply-To: <>
Date: Fri, 18 Oct 2019 13:12:22 +0200
Message-ID: <>
To: Joseph Salowey <>
Cc:,, The IESG <>, dmm <>
Content-Type: multipart/alternative; boundary="0000000000006db02105952d69ef"
Archived-At: <>
Subject: Re: [secdir] Secdir last call review of draft-ietf-dmm-distributed-mobility-anchoring-13
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 18 Oct 2019 11:12:44 -0000

Dear Joseph,

Thanks a lot for the review. We will improve the security consideration
section by including also some of the considerations mentioned in draft-ietf
-dmm-deployment-models-04, and also by better scoping current text. We
believe we don't need much more in terms of text, as the document is
informational, and the actual security mechanisms for a distributed
anchoring solution would depend on the specifics of that solution. We can
also better reflect that rational in the text.



On Mon, Oct 14, 2019 at 12:25 AM Joseph Salowey via Datatracker <>; wrote:

> Reviewer: Joseph Salowey
> Review result: Has Issues
> I have reviewed this document as part of the security directorate's
> ongoing effort to review all IETF documents being processed by the
> IESG.  These comments were written primarily for the benefit of the
> security area directors.  Document editors and WG chairs should treat
> these comments just like any other last call comments.
> The summary of the review is the document has issues with the security
> considerations section.
> The security consideration section is extremely light.  It mainly contains
> text
> from RFC 7333.  It seems that there should be more discussion of security
> as it
> relates to the different configurations and different cases.   Do each of
> these
> cases have the same security properties and require the same types of
> security
> controls?
> Are the IPSEC recommendations mentioned in the security considerations of
> draft-ietf-dmm-deployment-models-04 applicable for all the cases?   Should
> these be pointed out in the security considerations section?

Special Issue "Beyond 5G Evolution":