[secdir] Secdir review of draft-ietf-taps-transports-usage-udp-05

Radia Perlman <radiaperlman@gmail.com> Mon, 04 September 2017 04:47 UTC

From: Radia Perlman <radiaperlman@gmail.com>
Date: Sun, 3 Sep 2017 21:33:11 -0700
Message-ID: <CAFOuuo5HjRn7SfT=q2muJ3LFner3AjpOnHTSnEObrqUpgVDWyg@mail.gmail.com>
To: "secdir@ietf.org" <secdir@ietf.org>, The IESG <iesg@ietf.org>, draft-ietf-taps-transports-usage-udp.all@tools.ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/RS4KAf-bqKsRo_v4QG-BIugsjmc>
Subject: [secdir] Secdir review of draft-ietf-taps-transports-usage-udp-05

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors. Document editors and WG chairs should treat these
comments just like any other last call comments.

This informational document contains tutorial information on the use of the
sockets API to send and receive data over the UDP and UDP-lite protocols.
It is apparently part of an effort to write tutorial descriptions of APIs
to all IETF-standardized transport protocols.

This document refers the reader to the standards for all security
considerations. That is probably appropriate. It’s always difficult to
decide what information to include and what to exclude in a tutorial.  I
would have liked an explanation of how the sender knows whether to request
UDP or UDP-lite, since it doesn't look like UDP-lite would be compatible
with something that only speaks UDP.


The abstract refers to a current I-D intended to advance with this one as
RFCxxxx, which I believe is non-standard, but the RFC editor can probably
sort it out.

In the pdf version, one of the references to [I-D.ietf-taps-transports-usage]
is not preceded with a space and did not get turned into a clickable link.
There is a similar problem with [RFC8200] on page 4.

Page 4: “Operations should be provided that allows” -> “Operations should
be provided that allow”

Page 4: “[RFC6935] and [RFC6936] defines” -> “[RFC6935] and [RFC6936]