[secdir] Secdir last call review of draft-ietf-anima-prefix-management-05

Russ Housley <housley@vigilsec.com> Thu, 05 October 2017 20:15 UTC

Reviewer: Russ Housley
Review result: Has Issues

I reviewed this document as part of the Security Directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the Security Area
Directors.  Document authors, document editors, and WG chairs should
treat these comments just like any other IETF Last Call comments.

Document: draft-ietf-anima-prefix-management-05
Reviewer: Russ Housley
Review Date: 2017-10-05
IETF LC End Date: 2017-10-12
IESG Telechat date: Unknown

Summary: Has Issues

I did not review the state machines in detail.  I assume that others
that are far more familiar with PIM have done a detailed review of them.


No Major Concerns


Minor Concerns

This document uses "DHCPv6-PD" and "DHCPv6 PD".  At first, I was going
to recommend picking one spelling.  However, RFC 3633 does not define
either of these.  So, some explanation is needed in addition to being
consistent.

In Section 3, the document says that roles can be locally defined.  If
I properly understood the rest of the document, this is just an indirect
way to state the prefix size.  If I got that right, it would help to
explain this to the reader as soon as possible.

In Section 3.2.1, please give some examples of device identities.  Are
we talking about a serial number or something else?

In Section 4.1, the document says:

  It should decide the length of the requested prefix and request it by
  the mechanism described in Section 6.

However, Section 6 talks about:

   ...  Thus it would be possible to apply an
   intended policy for every device in a simple way, without traditional
   configuration files.

I do not see how the mechanism in Section 6 increases the allocation
for a single router.  It seems to increase the allocation to all routers
with a particular role.


Nits

Throughout the document, I find that "administrator(s)" grabs my
attention.  I suggest that "administrators" would be better for the
reader.

In Section 1, please spell out the first use of "ASA".

In Section 3.1: s/with minimum efforts/with minimum effort/