[secdir] secdir review of draft-ietf-abfab-arch-10

Tom Yu <tlyu@MIT.EDU> Thu, 23 January 2014 03:15 UTC

Return-Path: <tlyu@mit.edu>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id DA7851A00BF; Wed, 22 Jan 2014 19:15:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.136
X-Spam-Status: No, score=-3.136 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.535, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id sa3pFR57YUZU; Wed, 22 Jan 2014 19:15:46 -0800 (PST)
Received: from dmz-mailsec-scanner-5.mit.edu (dmz-mailsec-scanner-5.mit.edu []) by ietfa.amsl.com (Postfix) with ESMTP id ED13E1A00CD; Wed, 22 Jan 2014 19:15:45 -0800 (PST)
X-AuditID: 12074422-f79526d000000c47-37-52e089612335
Received: from mailhub-auth-4.mit.edu ( []) (using TLS with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-5.mit.edu (Symantec Messaging Gateway) with SMTP id BF.4D.03143.16980E25; Wed, 22 Jan 2014 22:15:45 -0500 (EST)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu []) by mailhub-auth-4.mit.edu (8.13.8/8.9.2) with ESMTP id s0N3FgMm023853; Wed, 22 Jan 2014 22:15:44 -0500
Received: from cathode-dark-space.mit.edu (cathode-dark-space.mit.edu []) (authenticated bits=56) (User authenticated as tlyu@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id s0N3Fek8026464 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Wed, 22 Jan 2014 22:15:41 -0500
Received: (from tlyu@localhost) by cathode-dark-space.mit.edu ( id s0N3FdEX016300; Wed, 22 Jan 2014 22:15:39 -0500 (EST)
To: iesg@ietf.org, secdir@ietf.org, draft-ietf-abfab-arch.all@tools.ietf.org
From: Tom Yu <tlyu@MIT.EDU>
Date: Wed, 22 Jan 2014 22:15:39 -0500
Message-ID: <ldvy527pew4.fsf@cathode-dark-space.mit.edu>
Lines: 28
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFjrLIsWRmVeSWpSXmKPExsUixG6nrpvY+SDIYMc9Nou1a06xWMz4M5HZ 4sPChywOzB5Llvxk8vhy+TNbAFMUl01Kak5mWWqRvl0CV8akmT/ZCtq4K67sPMbawNjD2cXI ySEhYCLRfHMNO4QtJnHh3nq2LkYuDiGB2UwS5x9cgnI2Mkq8ObKLEcI5xyRxdcEaJpAWIYEu Romze1RAbBEBH4mNk+aCxYUFjCReL/sK1MDBwSYgLXF0cRlImEVAVeLxwQeMIDavgIXE3xPP wWweAU6J48umsUPEBSVOznzCAmIzC2hJ3Pj3kmkCI98sJKlZSFILGJlWMcqm5Fbp5iZm5hSn JusWJyfm5aUW6Zrq5WaW6KWmlG5iBIeai9IOxp8HlQ4xCnAwKvHwJny5HyTEmlhWXJl7iFGS g0lJlHdy+4MgIb6k/JTKjMTijPii0pzU4kOMEhzMSiK8J5OAcrwpiZVVqUX5MClpDhYlcd5b HPZBQgLpiSWp2ampBalFMFkZDg4lCV6hDqBGwaLU9NSKtMycEoQ0EwcnyHAeoOFfQRbzFhck 5hZnpkPkTzEqSonz+oAkBEASGaV5cL2wVPCKURzoFWHePyBVPMA0Atf9CmgwE9Dg6C33QAaX JCKkpBoY1bL3GdYytNxvW3bsu9D+fUqX+d5XFyyrdz/J4/QtRFrfsj6m80l4oHXD8urTe65/ 2O0e/ubQojCeJesf7zacr1jr8+KBrcf9i9wbpgX73ynb8/fI7CkHCs/ZOt/r3HR1gZzevfKy OR66n+Z9fyDY+mvqQUFxi2fBW3lZckXq/lVHL0gyE6iXV2Ipzkg01GIuKk4EAJXOmIXgAgAA
Subject: [secdir] secdir review of draft-ietf-abfab-arch-10
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Jan 2014 03:15:48 -0000

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

Summary: ready with issues

The Security Considerations (section 5) appears incomplete.  The
next-to-last paragraph of the Security Considerations text is:

   Partial list of issues to be addressed in this section: Privacy,
   SAML, Trust Anchors, EAP Algorithm Selection, Diameter/RADIUS/AAA
   Issues, Naming of Entities, Protection of passwords, Channel Binding,
   End-point-connections (TLS), Proxy problems

The bulk of the Security Considerations adequately describes the
security properties of the different communication channels.  Section
4 is Privacy Considerations, so maybe just make a cross-reference to
it in Security Considerations?  If the other listed "to be addressed"
security considerations are already described elsewhere in the
document, possibly summarize them in section 5 and provide

The final paragraph of section 5 describes privacy considerations
related to reverse engineering of pseudonyms, but this text seems to
be logically disconnected from the rest of the section.  Maybe it
belongs in section 4?