[secdir] Secdir review of draft-ietf-multi-cost

Magnus Nyström <magnusn@gmail.com> Mon, 27 March 2017 03:50 UTC

From: Magnus Nyström <magnusn@gmail.com>
Date: Sun, 26 Mar 2017 20:50:39 -0700
Message-ID: <CADajj4Yb_aCga9H5ZuTzpDEN+-OD-xWJiqL_60XAP=HAfwWz9Q@mail.gmail.com>
To: "secdir@ietf.org" <secdir@ietf.org>, draft-ietf-alto-multi-cost@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/NNWtaPe-T1-LyrNxCPRJUdl9OG4>

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

This document describes extensions to the ALTO (Application Layer
Traffic Optimization) protocol that allow for more efficient
information exchanges between an ALTO client and an ALTO server.
Specifically, it allows a client to query for multiple metrics in one
request.

The security considerations section correctly refers to the basic ALTO
protocol. I only have one additional consideration (and I don't even
know if it applies ...): With the existing ALTO protocol, a server
could defend against DDoS by not throttling requests. However, each
accepted request is simple in that it only deals with one metric. With
this document, a malicious client could send a highly complicated
query to the server, which may cause significant resources to be used
on the server end and without an ability to throttle. Is that a risk?

Other than that, the document may benefit from a language/grammar
review. Example:
"Hence a legacy may send a request with a constraint test on any of
the cost types listed in "cost-type-name"" - should likely be "legacy
client". There are more such examples.

Thanks,
-- Magnus
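The resource-exhaustion concern raised in the review (a client packing many cost types and constraints into one multi-cost request) is the kind of thing an ALTO server can bound before it does any real work. The following is an added illustration, not code from the reviewer, the ALTO working group, or the draft: a server-side admission check that scores a parsed multi-cost request by the number of (cost type, constraint) pairs it implies and rejects requests over a configurable budget. The JSON member names `multi-cost-types`, `or-constraints`, `constraints` and `cost-type` are assumed to follow the multi-cost extension's request layout; the limits and sample requests are constructed for this example.

```python
import json

# Illustrative limits, constructed for this example (not from any RFC or draft).
MAX_BODY_BYTES = 4096            # reject oversized bodies before parsing JSON
MAX_COST_TYPES = 4               # max entries in "multi-cost-types"
MAX_CONSTRAINT_GROUPS = 4        # max OR-groups in "or-constraints"
MAX_CONSTRAINTS_PER_GROUP = 4    # max AND-terms inside one group
MAX_WORK_UNITS = 32              # budget: cost types x constraints per request


class RequestTooComplex(ValueError):
    """Raised when a multi-cost request exceeds the configured limits."""


def cost_type_count(req: dict) -> int:
    """Number of cost types requested; a legacy single "cost-type" counts as 1."""
    if "multi-cost-types" in req:            # assumed member name (multi-cost extension)
        cts = req["multi-cost-types"]
        if not isinstance(cts, list):
            raise RequestTooComplex("multi-cost-types must be a list")
        return len(cts)
    return 1


def constraint_groups(req: dict) -> list:
    """Constraints as a list of groups (OR of ANDs).

    Assumed layout: "or-constraints" is a list of lists of constraint strings;
    a legacy flat "constraints" list is treated as a single group.
    """
    if "or-constraints" in req:
        groups = req["or-constraints"]
    elif "constraints" in req:
        groups = [req["constraints"]]
    else:
        groups = []
    if not isinstance(groups, list) or not all(isinstance(g, list) for g in groups):
        raise RequestTooComplex("constraints must be a list of lists")
    return groups


def work_units(req: dict) -> int:
    """Estimated server work: one unit per (cost type, constraint) pair.

    A request with no constraints still costs one unit per cost type.
    """
    n_constraints = sum(len(g) for g in constraint_groups(req))
    return cost_type_count(req) * max(1, n_constraints)


def validate_multi_cost_request(req: dict) -> int:
    """Check structural limits first, then the overall budget; return the work score."""
    n_types = cost_type_count(req)
    if n_types > MAX_COST_TYPES:
        raise RequestTooComplex(f"{n_types} cost types exceeds {MAX_COST_TYPES}")
    groups = constraint_groups(req)
    if len(groups) > MAX_CONSTRAINT_GROUPS:
        raise RequestTooComplex(f"{len(groups)} constraint groups exceeds {MAX_CONSTRAINT_GROUPS}")
    for group in groups:
        if len(group) > MAX_CONSTRAINTS_PER_GROUP:
            raise RequestTooComplex(f"group of {len(group)} constraints exceeds {MAX_CONSTRAINTS_PER_GROUP}")
    work = work_units(req)
    if work > MAX_WORK_UNITS:
        raise RequestTooComplex(f"work score {work} exceeds budget {MAX_WORK_UNITS}")
    return work


def is_acceptable(req: dict) -> bool:
    """Convenience wrapper: True if the request passes all limits."""
    try:
        validate_multi_cost_request(req)
        return True
    except RequestTooComplex:
        return False


def check_raw_request(body: bytes) -> int:
    """Admission check on the raw HTTP body: size, JSON shape, then complexity."""
    if len(body) > MAX_BODY_BYTES:
        raise RequestTooComplex(f"body of {len(body)} bytes exceeds {MAX_BODY_BYTES}")
    try:
        req = json.loads(body)
    except ValueError as exc:
        raise RequestTooComplex("malformed JSON") from exc
    if not isinstance(req, dict):
        raise RequestTooComplex("request must be a JSON object")
    return validate_multi_cost_request(req)


if __name__ == "__main__":
    # Constructed sample: three cost types, two OR-groups with three constraints in total.
    sample = {
        "multi-cost-types": [
            {"cost-mode": "numerical", "cost-metric": "routingcost"},
            {"cost-mode": "numerical", "cost-metric": "hopcount"},
            {"cost-mode": "ordinal", "cost-metric": "routingcost"},
        ],
        "or-constraints": [["ge 10", "le 20"], ["ge 30"]],
    }
    print("work score:", check_raw_request(json.dumps(sample).encode()))
```

The budget is deliberately a product rather than two independent caps: a request with few cost types but many constraints, or many cost types and few constraints, may each be fine while the combination is not, which is exactly the "highly complicated query" the review worries about. Anything rejected here is refused before any cost map is touched, so the server's existing per-client throttling continues to see only bounded work per accepted request.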