[secdir] SecDir review of draft-ietf-pwe3-fat-pw-06

Yaron Sheffer <yaronf.ietf@gmail.com> Thu, 12 May 2011 05:32 UTC

Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 5501EE06A4; Wed, 11 May 2011 22:32:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.599
X-Spam-Status: No, score=-103.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id HbTG6ppBwgPb; Wed, 11 May 2011 22:32:25 -0700 (PDT)
Received: from mail-ww0-f44.google.com (mail-ww0-f44.google.com []) by ietfa.amsl.com (Postfix) with ESMTP id 74FB8E0689; Wed, 11 May 2011 22:32:25 -0700 (PDT)
Received: by wwa36 with SMTP id 36so920177wwa.13 for <multiple recipients>; Wed, 11 May 2011 22:32:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:message-id:date:from:user-agent:mime-version:to :subject:content-type:content-transfer-encoding; bh=r50tHU+tSzN1zG6fxhBkGEldrHEfq2v1fQAWkD6YSA8=; b=Zgvh2fFbx05u4JyAhOEeyD4GeOGj4f8/tGgLDXSmx7VcHR/ve8QdMoNcuaWcg40VCp 0X0e9Oee1BKytD52YBCxrDS+uHssweYSns7T+4K46ccJUNtbdac8GILl0dj4KC5JsDrY U6gGy6x2LoBvBXBUqiNlr3tJi7XZTsLA4knjY=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject :content-type:content-transfer-encoding; b=oUZ4DHOXpeJQ1p3aSRwD4Jj6Ayxwkh1caD+V2FieX1iBBZkwPM+sRf9q3jaSNYpLDA 6TzwDJjYHpIIgwsDQYULe8UTYgCUjv+3PYXcztllfpbEISngQra9hHnmTSWeXxwS/BsV azUKLBwSMRLoCBmVAEakJPqlCZki9Vz90p+eg=
Received: by with SMTP id e8mr10650963wbz.50.1305178344636; Wed, 11 May 2011 22:32:24 -0700 (PDT)
Received: from [] ( []) by mx.google.com with ESMTPS id s20sm512046wbh.6.2011. (version=SSLv3 cipher=OTHER); Wed, 11 May 2011 22:32:24 -0700 (PDT)
Message-ID: <4DCB70E5.8090906@gmail.com>
Date: Thu, 12 May 2011 08:32:21 +0300
From: Yaron Sheffer <yaronf.ietf@gmail.com>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv: Gecko/20110424 Lightning/1.0b2 Thunderbird/3.1.10
MIME-Version: 1.0
To: Security Area Directorate <secdir@ietf.org>, The IESG <iesg@ietf.org>, draft-ietf-pwe3-fat-pw.all@tools.ietf.org
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: [secdir] SecDir review of draft-ietf-pwe3-fat-pw-06
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 May 2011 05:32:26 -0000

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the IESG. 
These comments were written primarily for the benefit of the security 
area directors.  Document editors and WG chairs should treat these
comments just like any other last call comments.

This document proposes the addition of MPLS flow labels, to enable 
multiplexing of a single pseudowire (PW) over multiple paths, while 
retaining the packet order within each IP flow.

The document's security considerations simply reference several former 
MPLS documents. I believe this is appropriate in this case.

Nits: although very readable, the document needs another round of 
proofreading. The following is from the abstract and the first sentence 
of the Introduction (!):

- Abstract: "most forwarding engines": the sentence is unclear - hash 
what? Also a dangling "END" at the end of the abstract.

- Intro first sentence: exit -> exist, equipments -> equipment/devices.