[secdir] SECDIR review of draft-ietf-roll-applicability-ami-12

Chris Lonvick <lonvick.ietf@gmail.com> Mon, 04 April 2016 23:29 UTC

From: Chris Lonvick <lonvick.ietf@gmail.com>
To: "iesg@ietf.org" <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>, draft-ietf-roll-applicability-ami.all@ietf.org
Message-ID: <5702F8DE.8000809@gmail.com>
Date: Mon, 04 Apr 2016 18:29:34 -0500
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/TXdK7DdOtfsHUBizYhT5pKK5o_A>

Hi,

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the IESG. 
These comments were written primarily for the benefit of the security 
area directors. Document editors and WG chairs should treat these 
comments just like any other last call comments.

Overall, the document looks great. This is a very information-dense 
document and the authors and contributors have done a wonderful job of 
putting it together. While I do not follow the technology, I was able to 
understand the concepts and I could see that the security considerations 
were appropriate.

Some very small nits that the authors may want to consider:
- the terms DODAG, DIO, and DAO are not expanded anywhere. (Yeah, I know 
I could go look them up... ;-)
- The 2nd paragraph in 9.3 ends with "Known schemes". I figure someone 
was going to write something more there.

Regards,
Chris