Re: [secdir] Secdir review of draft-ietf-manet-nhdp-olsrv2-tlv-extension-01

"Dearlove, Christopher (UK)" <> Mon, 10 February 2014 16:07 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 382CB1A086D; Mon, 10 Feb 2014 08:07:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -7.448
X-Spam-Status: No, score=-7.448 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.548] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 6Da0WqClUw4u; Mon, 10 Feb 2014 08:07:19 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id C21EB1A0694; Mon, 10 Feb 2014 08:07:18 -0800 (PST)
X-IronPort-AV: E=Sophos;i="4.95,818,1384300800"; d="scan'208";a="348072460"
Received: from unknown (HELO ([]) by with ESMTP; 10 Feb 2014 16:07:17 +0000
From: "Dearlove, Christopher (UK)" <>
X-IronPort-AV: E=Sophos;i="4.95,818,1384300800"; d="scan'208";a="45726033"
Received: from ([]) by with ESMTP; 10 Feb 2014 16:07:17 +0000
Received: from ([]) by ([]) with mapi id 14.03.0174.001; Mon, 10 Feb 2014 16:07:17 +0000
To: Tero Kivinen <>, "" <>, "" <>, "" <>
Thread-Topic: Secdir review of draft-ietf-manet-nhdp-olsrv2-tlv-extension-01
Thread-Index: AQHPJmk7TLKBdzx/bk2glfOcmVHZWJqupw1Q
Date: Mon, 10 Feb 2014 16:07:16 +0000
Message-ID: <>
References: <>
In-Reply-To: <>
Accept-Language: en-GB, en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: text/plain; charset="iso-8859-1"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Subject: Re: [secdir] Secdir review of draft-ietf-manet-nhdp-olsrv2-tlv-extension-01
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 10 Feb 2014 16:07:21 -0000

Thanks you for your review and comments. IANA want a bit more clarity in their section, so we'll roll your nit in with that.

Christopher Dearlove
Senior Principal Engineer, Communications Group
Communications, Networks and Image Analysis Capability
BAE Systems Advanced Technology Centre
West Hanningfield Road, Great Baddow, Chelmsford, CM2 8HN, UK
Tel: +44 1245 242194 |  Fax: +44 1245 242124 |

BAE Systems (Operations) Limited
Registered Office: Warwick House, PO Box 87, Farnborough Aerospace Centre, Farnborough, Hants, GU14 6YU, UK
Registered in England & Wales No: 1996687

-----Original Message-----
From: Tero Kivinen [] 
Sent: 10 February 2014 14:06
Subject: Secdir review of draft-ietf-manet-nhdp-olsrv2-tlv-extension-01

----------------------! WARNING ! ---------------------- This message originates from outside our organisation, either from an external partner or from the internet.
Consider carefully whether you should click on any links, open any attachments or reply.
Follow the 'Report Suspicious Emails' link on IT matters for instructions on reporting suspicious email messages.

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.

This document seems to fix some cases in the NHDP and OLSRv2 TLVs where the original document might have been considered saying that unknown values in the TLVs can be used as a reason to reject message.
This document makes it clear how unknown values in the TLVs needs to be processed. This document also creates several IANA registries for the TLV values and changes couple of the TLV values from numbers to bitfields (the existing values were already allocated so that the numbers can be parsed as bitfield).

Security considerations section mentions that as this does not really change the current implementations, it more or less describes how new extensions should be processed with implementations it does not add any new security considerations. New extensions might of course add new security considerations but those should be addressed in the documents which make those extensions.

The document is ready with nits.

Some nits:

In the IANA considerations section the IANA is used both in singular and plural, i.e. it says both "IANA is requested" and "IANA are requested". This should be fixed to say "IANA is requested". 

This email and any attachments are confidential to the intended
recipient and may also be privileged. If you are not the intended
recipient please delete it from your system and notify the sender.
You should not copy it or use it for any purpose nor disclose or
distribute its contents to any other person.