[secdir] SecDir Review of draft-ietf-behave-dccp-03
Catherine Meadows <catherine.meadows@nrl.navy.mil> Tue, 21 October 2008 15:45 UTC
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

This draft gives a set of behavioral requirements for network address translation for DCCP. In the secure considerations section, the authors discuss the requirements that have security considerations, and give recommendations.

This mostly looks in good shape, but I have trouble understanding the discussion of Requirement 5 in this section. It reads, in its entirety:

    REQ-5 recommends that a NAT that passively monitors DCCP state keep idle sessions alive for at least 124 minutes or 4 minutes depending on the state of the connection. it may attempt to actively determine the liveliness of a DCCP connection or let the NAT administrator configure more conservative timeouts.

It's unclear what the relationship to security is here. The discussion needs to make that explicit.

Some minor nits:

"problems. and" in the discussion of REQ-4 should be "problems and"

Second sentence in the discussion of REQ-5 should begin with a capital letter.

Catherine Meadows
Naval Research Laboratory
Code 5543
4555 Overlook Ave., S.W.
Washington DC, 20375
phone: 202-767-3490
fax: 202-404-7942
email: catherine.meadows@nrl.navy.mil