[secdir] Secdir early review of draft-ietf-bmwg-ngfw-performance-00

Kathleen Moriarty via Datatracker <noreply@ietf.org> Mon, 08 July 2019 20:38 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 77599120041; Mon, 8 Jul 2019 13:38:08 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Kathleen Moriarty via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
Cc: draft-ietf-bmwg-ngfw-performance.all@ietf.org, ietf@ietf.org, bmwg@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.98.3
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>
Message-ID: <156261828836.820.7530581707536369773@ietfa.amsl.com>
Date: Mon, 08 Jul 2019 13:38:08 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/QBDNlfOjd9jiu55OifS6mKUfTeM>
Subject: [secdir] Secdir early review of draft-ietf-bmwg-ngfw-performance-00
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Jul 2019 20:38:09 -0000

Reviewer: Kathleen Moriarty
Review result: Has Nits

Thank you for your work on draft-ietf-bmwg-ngfw-performance.  This is a
straightforward review establishing metrics for comparison of SUT/DUT for
firewalls establishing measurement requirements as well as acceptance criteria.
 When crypto is recommended for use in testing, it's current, although it
should be noted that this is just for test environments.  In terms of security,
I think this document is ready with nits.

Please add a security considerations section.  Feel free to include something
like what's above.

Section 4.1: Nit

Spell out Device under test/system under test on first use.  I don't think it
comes up that often in the IESG review cycle.  I had to look it up and my
memory was jogged.

Sorry for my late 'early' review!