[secdir] SECDIR review of draft-ietf-mptcp-rfc6824bis-11

Donald Eastlake <d3e3e3@gmail.com> Tue, 17 July 2018 13:15 UTC

From: Donald Eastlake <d3e3e3@gmail.com>
Date: Tue, 17 Jul 2018 09:15:28 -0400
Message-ID: <CAF4+nEE2JcBtv6=9s7Z6aAivuOf8yKvJRRKaZbeqZyumv2Gwkw@mail.gmail.com>
To: draft-ietf-mptcp-rfc6824bis.all@ietf.org
Cc: secdir@ietf.org, "iesg@ietf.org" <iesg@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/RwQqGewdo9Rf5_YRS3KyEUIaa6Y>
Subject: [secdir] SECDIR review of draft-ietf-mptcp-rfc6824bis-11

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the
IESG.  Document editors and WG chairs should treat these comments just like
any other last call comments.

The summary of the review is Ready.

This draft specified version 1 of Multipath TCP obsoleting version 0. The
paths are identified by the 4-tuple of IP addresses and ports for each
path. The services offered to applications are the same as TCP. The
additional information needed for setting up and tearing down paths,
synchronizing flows, etc., is communicated using TCP options.

The Security Considerations section appears to be good and the security
mechanisms adequate to achieve the document's goal of being as secure as
TCP. There is a good if somewhat generalized Threat Analysis in RFC 6181 as
well as an Architecture document in RFC 6182 that considers security
aspects.

Thanks,
Donald
===============================
 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 1424 Pro Shop Court, Davenport, FL 33896 USA
 d3e3e3@gmail.com