[secdir] secdir review of draft-ietf-ipfix-mediators-framework-09.txt

Stephen Hanna <shanna@juniper.net> Thu, 09 December 2010 06:22 UTC

Return-Path: <shanna@juniper.net>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost []) by core3.amsl.com (Postfix) with ESMTP id 012373A69F0; Wed, 8 Dec 2010 22:22:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.599
X-Spam-Status: No, score=-106.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([]) by localhost (core3.amsl.com []) (amavisd-new, port 10024) with ESMTP id thBzB5Ntl827; Wed, 8 Dec 2010 22:22:35 -0800 (PST)
Received: from exprod7og118.obsmtp.com (exprod7og118.obsmtp.com []) by core3.amsl.com (Postfix) with ESMTP id 7E7253A69F5; Wed, 8 Dec 2010 22:22:33 -0800 (PST)
Received: from source ([]) (using TLSv1) by exprod7ob118.postini.com ([]) with SMTP ID DSNKTQB1/269RZGPLnPwZfXhZ4c8e+QyPEQ+@postini.com; Wed, 08 Dec 2010 22:24:02 PST
Received: from p-emfe02-wf.jnpr.net ( by P-EMHUB02-HQ.jnpr.net ( with Microsoft SMTP Server (TLS) id; Wed, 8 Dec 2010 22:23:10 -0800
Received: from EMBX01-WF.jnpr.net ([fe80::8002:d3e7:4146:af5f]) by p-emfe02-wf.jnpr.net ([fe80::c126:c633:d2dc:8090%11]) with mapi; Thu, 9 Dec 2010 01:23:09 -0500
From: Stephen Hanna <shanna@juniper.net>
To: "ietf@ietf.org" <ietf@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>, "ipfix@ietf.org" <ipfix@ietf.org>
Date: Thu, 9 Dec 2010 01:23:06 -0500
Thread-Topic: secdir review of draft-ietf-ipfix-mediators-framework-09.txt
Thread-Index: Acth3WZtFoUbk+23ReaFVG39Xm1qzw1iXwtQ
Message-ID: <AC6674AB7BC78549BB231821ABF7A9AE907B4A77CA@EMBX01-WF.jnpr.net>
Accept-Language: en-US
Content-Language: en-US
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: [secdir] secdir review of draft-ietf-ipfix-mediators-framework-09.txt
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Dec 2010 06:22:40 -0000

I have reviewed this document as part of the security directorate's  
ongoing effort to review all IETF documents being processed by the  
IESG. These comments were written primarily for the benefit of the  
security area directors. Document editors and WG chairs should treat  
these comments just like any other last call comments.

This document adds a new concept to the IPFIX architecture (RFC 5470):
IPFIX Mediation. This concept allows conversion, correlation, selection,
and other transformations on IPFIX records.

The document is clear and the Security Considerations section
seems to adequately cover the issues raised. I don't see any
problems from a security perspective.