Re: [secdir] Secdir review of draft-ietf-pwe3-vccv-impl-survey-results-02
"Malis, Andrew G (Andy)" <andrew.g.malis@verizon.com> Thu, 03 October 2013 19:33 UTC
From: "Malis, Andrew G (Andy)" <andrew.g.malis@verizon.com>
To: Alexey Melnikov <alexey.melnikov@isode.com>, IESG <iesg@ietf.org>, "draft-ietf-pwe3-vccv-impl-survey-results.all@tools.ietf.org" <draft-ietf-pwe3-vccv-impl-survey-results.all@tools.ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Date: Thu, 03 Oct 2013 15:14:55 -0400

Alexey,

Thanks for your review, and sorry for the delay. Stewart shared with me an email conversation about the draft and I'll be updating the draft to include the results of that conversation.

Cheers,
Andy

On 9/8/2013 12:39, "Alexey Melnikov" <alexey.melnikov@isode.com> wrote:

Hello,

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

--

Most Pseudowire Emulation Edge-to-Edge (PWE3) encapsulations mandate the use of the Control Word (CW) to carry information essential to the emulation, to inhibit Equal-Cost Multipath (ECMP) behavior, and to discriminate Operations, Administration, and Maintenance (OAM) from Pseudowire (PW) packets. However, some encapsulations treat the Control Word as optional. As a result, implementations of the CW, for encapsulations for which it is optional, vary by equipment manufacturer, equipment model and service provider network. Similarly, Virtual Circuit Connectivity Verification (VCCV) supports three Control Channel (CC) types and multiple Connectivity Verification (CV) Types. This flexibility has led to reports of interoperability issues within deployed networks and associated drafts to attempt to remedy the situation. This survey of the PW/VCCV user community was conducted to determine implementation trends. The survey and results are presented in this document.

As the document is a survey of what existing implementations do in this area, I agree with editors that it doesn't introduce new security concerns. Editors also clarified that they took precautions to ensure the validity of the sample and the data, in particular they verified email addresses of respondents and that they are representing different companies, not including equipment vendors.

I don't have any concerns about security considerations for this document.

With no disrespect to document editors, the WG and the shepherding AD, I am however concerned that this document doesn't contain information that is useful for publishing as an RFC. I would be happy to be proven wrong on this.

Best Regards,
Alexey