[secdir] secdir review of draft-ietf-karp-threats-reqs-03
Stephen Kent <kent@bbn.com> Wed, 10 August 2011 18:51 UTC
Return-Path: <kent@bbn.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 040F721F8B13 for <secdir@ietfa.amsl.com>; Wed, 10 Aug 2011 11:51:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tagged_above=-999 required=5 tests=[]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id psRnX7FgSl7B for <secdir@ietfa.amsl.com>; Wed, 10 Aug 2011 11:51:45 -0700 (PDT)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.1.81]) by ietfa.amsl.com (Postfix) with ESMTP id 65CE921F8B1B for <secdir@ietf.org>; Wed, 10 Aug 2011 11:51:44 -0700 (PDT)
Received: from dhcp89-089-043.bbn.com ([128.89.89.43]:49219) by smtp.bbn.com with esmtp (Exim 4.74 (FreeBSD)) (envelope-from <kent@bbn.com>) id 1QrDt2-000PuJ-8F for secdir@ietf.org; Wed, 10 Aug 2011 14:52:16 -0400
Mime-Version: 1.0
Message-Id: <p0624080aca6883578cf1@[128.89.89.43]>
Date: Wed, 10 Aug 2011 14:52:14 -0400
To: secdir@ietf.org
From: Stephen Kent <kent@bbn.com>
Content-Type: multipart/mixed; boundary="============_-899120161==_============"
Subject: [secdir] secdir review of draft-ietf-karp-threats-reqs-03
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Aug 2011 18:51:46 -0000
I reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This document (draft-ietf-karp-threats-reqs-03) is a document intended to help guide protocol development in the KARP WG. The abstract states "This document has two main parts - the first describes the threat analysis for attacks against routing protocols' transports and the second enumerates the requirements for addressing the described threats." The threat analysis is VERY badly written; it is a hodgepodge of attack discussions, using mostly non-standard security terminology, and peppered with a lot of redundant statements. The requirements discussion is somewhat better, but also suffers from use of poor terminology, an ad hoc approach to organization, and substantial redundancy. I have provided extensive comments and some questions in the attached PDF (an MS Word change tracked version of the document). The comments are so extensive as to not admit discussion in this message. Section 1.1 provides definitions for terms used in the document, and it has a number of problems. I suggest that the authors refer to NIST SP 800 series documents for definitions of terms associated with cryptographic keying, and to the IETF Security Glossary (RFC 4949) for other security terms. Also, many terms are used in the threat discussion (Section 2) that should be described based on the 4949 glossary, rather than what appear to be author-generated definitions. The goals discussion (Section 1.5) is one of the few sections of the document without major problems (other than editing). This document needs to be sent back to the WG for substantial revision. Steve
- [secdir] secdir review of draft-ietf-karp-threats… Stephen Kent