[secdir] Review of: draft-ietf-ccamp-otn-g709-info-model

Warren Kumari <warren@kumari.net> Fri, 13 September 2013 22:53 UTC

From: Warren Kumari <warren@kumari.net>
Date: Fri, 13 Sep 2013 18:53:03 -0400
Message-Id: <0DF61BD9-6007-4684-AB85-328D6538B81B@kumari.net>
To: "iesg@ietf.org" <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>, draft-ietf-ccamp-otn-g709-info-model.all@tools.ietf.org
Subject: [secdir] Review of: draft-ietf-ccamp-otn-g709-info-model

Be ye not afraid...
I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.


Summary for Security AD: Nothing to see here, move along...

General summary:


This document could do with a careful reading for nits and similar.
It also uses a large number of acronyms that are not defined in it -- e.g: ODUflex, GFP-F, ODUk.
While these may be really well known in some spheres, I have *no* idea what they mean.
Please explain / expand them, or (probably much easier) simply say: "Familiarity with GMPLS and <whatever> is expected, especially [References]".


The Security Considerations section contains:
"New types of information to be conveyed regard OTN containers and hierarchies and from a security standpoint this memo does not introduce further risks with respect to the information that can be currently conveyed via GMPLS protocols."
I had a really hard time parsing this sentence -- I agree that this doesn't seem to introduce any new security issues, but the sentence seems to be missing some words. Or something.


Some nits:

draft-ietf-ccamp-gmpls-ospf-g709v3-07 is now draft-ietf-ccamp-gmpls-ospf-g709v3-08
 
draft-ietf-ccamp-gmpls-signaling-g709v3-11 is now draft-ietf-ccamp-gmpls-signaling-g709v3-12

Section 1:
O: extensions need to support [G.709-2012] is provided in [OTN-FWK].
P:  extensions needed to support [G.709-2012] is provided in [OTN-FWK].
C: s/need/needed/

Section 2.  G.709 Mapping and Multiplexing Capabilities

O: The digital OTN layered structure is comprised of digital path layer
   (ODU) and digital section layer (OTU)
P: The digital OTN layered structure is comprised of the digital path layer
   (ODU) and the digital section layer (OTU)

O:  needs to be advertised and signaled, what is already there in GMPLS and what is missing.
P: needs to be advertised and signaled, what already exists in GMPLS and what is missing.


3.  Tributary Slot Granularity

O:  ITU-T recommendation defines two types of Tributary Slot (TS)
C: Which ITU-T recommendation? Reference.

O: - If both ends of a link are new cards supporting both 1.25Gbps TS
      and 2.5Gbps TS, then the link will work with 1.25Gbps TS.
C: Throughout this section you reference "new" and "old" cards. I think you need better names or simply remove the words "new" and "old". I could presumably go to my vendor and buy a card that only supports 2.5Gbps tomorrow and that would be "new" for me.


3.2.  Control Plane considerations
O:  In case they cannot, A will compute an alternate path from itself to Z (see figure 4).
P: If not, A will compute an alternate path from itself to Z (see figure 4).
or
P:  If they cannot, A will compute an alternate path from itself to Z (see figure 4).
or
P:  In the case that they cannot, A will compute an alternate path from itself to Z (see figure 4).

O: Moreover, also TS granularity information needs to be signaled.
P: Moreover, TS granularity information also needs to be signaled.

O: the signaling to permit node C (see figure 5) choose the right one
P: the signaling to permit node C (see figure 5) to choose the right one

O: towards D. In case the full ERO is provided in the signaling with
P: towards D. In the case that the full ERO is provided in the signaling with
or
P: towards D. In cases where the full ERO is provided in the signaling with 

(I stopped here) 

W



--
I once absent-mindedly ordered Three Mile Island dressing in a restaurant and, with great presence of mind, they brought Thousand Island Dressing and a bottle of chili sauce.
    -- Terry Pratchett