[secdir] Secdir review of draft-ietf-mpls-ldp-end-of-lib-03

Alan DeKok <aland@deployingradius.com> Mon, 10 August 2009 15:22 UTC

Return-Path: <aland@deployingradius.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost []) by core3.amsl.com (Postfix) with ESMTP id 4B29D3A6BA8; Mon, 10 Aug 2009 08:22:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.073
X-Spam-Status: No, score=-2.073 tagged_above=-999 required=5 tests=[AWL=0.526, BAYES_00=-2.599]
Received: from mail.ietf.org ([]) by localhost (core3.amsl.com []) (amavisd-new, port 10024) with ESMTP id Kc4HWKVSfAOO; Mon, 10 Aug 2009 08:22:01 -0700 (PDT)
Received: from liberty.deployingradius.com (liberty.deployingradius.com []) by core3.amsl.com (Postfix) with ESMTP id 725523A6D07; Mon, 10 Aug 2009 08:22:01 -0700 (PDT)
Received: from Thor.local (mey38-2-82-228-181-7.fbx.proxad.net []) by liberty.deployingradius.com (Postfix) with ESMTPSA id 6D4F11234593; Mon, 10 Aug 2009 17:22:04 +0200 (CEST)
Message-ID: <4A803B1C.3040007@deployingradius.com>
Date: Mon, 10 Aug 2009 17:22:04 +0200
From: Alan DeKok <aland@deployingradius.com>
User-Agent: Thunderbird (Macintosh/20090605)
MIME-Version: 1.0
To: secdir@ietf.org, IESG IESG <iesg@ietf.org>, draft-ietf-mpls-ldp-end-of-lib-03@tools.ietf.org
X-Enigmail-Version: 0.95.7
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Subject: [secdir] Secdir review of draft-ietf-mpls-ldp-end-of-lib-03
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Aug 2009 15:22:02 -0000

  I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

  This document defines an mechanism to signal "end of label"
advertisement to an LDP peer.  It uses pre-existing security mechanisms
in LDP to protect the LDP traffic.

  As such, it appears to have no additional security issues over and
above those in LDP.

  Alan DeKok.