[secdir] Secdir last call review of draft-ietf-pim-mofrr-tilfa-05

Valery Smyslov via Datatracker <noreply@ietf.org> Thu, 19 September 2024 13:25 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from [10.244.2.67] (unknown [104.131.183.230]) by ietfa.amsl.com (Postfix) with ESMTP id 0922EC14F75F; Thu, 19 Sep 2024 06:25:45 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Valery Smyslov via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 12.24.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <172675234546.468133.18122821817723776433@dt-datatracker-65695bf5bc-rgg8z>
Date: Thu, 19 Sep 2024 06:25:45 -0700
Message-ID-Hash: GWYYEBQZMXRKTFGMBS2O7726ZHLS4JMU
X-Message-ID-Hash: GWYYEBQZMXRKTFGMBS2O7726ZHLS4JMU
X-MailFrom: noreply@ietf.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-secdir.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: draft-ietf-pim-mofrr-tilfa.all@ietf.org, last-call@ietf.org, pim@ietf.org
X-Mailman-Version: 3.3.9rc4
Reply-To: Valery Smyslov <valery@smyslov.net>
Subject: [secdir] Secdir last call review of draft-ietf-pim-mofrr-tilfa-05
List-Id: Security Area Directorate <secdir.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/PFQMjURw0wnbn2WOML-wOf0pk_g>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Owner: <mailto:secdir-owner@ietf.org>
List-Post: <mailto:secdir@ietf.org>
List-Subscribe: <mailto:secdir-join@ietf.org>
List-Unsubscribe: <mailto:secdir-leave@ietf.org>

Reviewer: Valery Smyslov
Review result: Ready

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG. These comments
were written primarily for the benefit of the security area directors. Document
editors and WG chairs should treat these comments just like any other last call
comments.

The document specifies how Topology Independent Loop-Free Alternate mechanisms
with Multicast Only Fast ReRoute can be used with Protocol Independent
Multicast (PIM) to allow selecting backup routes in complex topologies.

I'm not an expert in routing (in particular in multicast routing), but to my
best understanding of the described technology, the Security Considerations
section accurately describes all new security concerns that could raise due
this technology and provides reasonable measures to mitigate them.