[secdir] secdir review of draft-ietf-pce-wson-routing-wavelength-14

"Dan Harkins" <dharkins@lounge.org> Mon, 27 October 2014 17:04 UTC

Return-Path: <dharkins@lounge.org>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id B711D1A0103; Mon, 27 Oct 2014 10:04:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.467
X-Spam-Status: No, score=-2.467 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id dqRP84Tz9Lk9; Mon, 27 Oct 2014 10:04:21 -0700 (PDT)
Received: from colo.trepanning.net (colo.trepanning.net []) by ietfa.amsl.com (Postfix) with ESMTP id 702441A1B8A; Mon, 27 Oct 2014 10:03:44 -0700 (PDT)
Received: from www.trepanning.net (localhost []) by colo.trepanning.net (Postfix) with ESMTP id 31CF31022404C; Mon, 27 Oct 2014 10:03:44 -0700 (PDT)
Received: from (SquirrelMail authenticated user dharkins@lounge.org) by www.trepanning.net with HTTP; Mon, 27 Oct 2014 10:03:44 -0700 (PDT)
Message-ID: <28335d401a6c792d0259a03c5767c1dc.squirrel@www.trepanning.net>
Date: Mon, 27 Oct 2014 10:03:44 -0700
From: Dan Harkins <dharkins@lounge.org>
To: iesg@ietf.org, secdir@ietf.org, draft-ietf-pce-wson-routing-wavelength.all@tools.ietf.org
User-Agent: SquirrelMail/1.4.14 [SVN]
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Archived-At: http://mailarchive.ietf.org/arch/msg/secdir/MpDoLibhU_9wk7CVwUXKf6oj8PQ
Subject: [secdir] secdir review of draft-ietf-pce-wson-routing-wavelength-14
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Oct 2014 17:04:31 -0000


  I have reviewed draft-ietf-pce-wson-routing-wavelength as part of
the security directorate's ongoing effort to review all IETF documents
being processed by the IESG.  These comments were written primarily
for the benefit of the security area directors. Document editors and
WG chairs should treat  these comments just like any other last call

  This is a requirements document for additions to the PCEP protocol
to support path computation in a wavelength-switched optical
network. It describes what needs to be added to requests/responses
to support routing and wavelength assignment to a path computation
element (that supports both functions) for a path computation client.

  The security considerations are basically a punt. There's information
that an operator may not want to disclose and "[c]onsideration should
be given to securing this information." That seems a little thin. At the
very least some explanation of how this should be done. Do only the
TLVs that represent these required additions require confidentiality?
Is KARP a potential solution to this problem? If so it might be nice to
explain that; if not, then why and what else would be required?

  It is a well-organized and well-written document. I would say it
is "ready with nits", my nits being the thinness of the Security
Consideration section.