[secdir] secdir review of draft-binay-tictoc-ptp-mib

"Salz, Rich" <rsalz@akamai.com> Wed, 02 March 2016 17:41 UTC

Return-Path: <rsalz@akamai.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 98CDA1B2F51; Wed, 2 Mar 2016 09:41:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.707
X-Spam-Status: No, score=-2.707 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.006, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id gFn-QOWqaHI8; Wed, 2 Mar 2016 09:41:43 -0800 (PST)
Received: from prod-mail-xrelay05.akamai.com (prod-mail-xrelay05.akamai.com []) by ietfa.amsl.com (Postfix) with ESMTP id E27A91B2F43; Wed, 2 Mar 2016 09:41:42 -0800 (PST)
Received: from prod-mail-xrelay05.akamai.com (localhost.localdomain []) by postfix.imss70 (Postfix) with ESMTP id BBEDE3F4013; Wed, 2 Mar 2016 17:41:41 +0000 (GMT)
Received: from prod-mail-relay11.akamai.com (prod-mail-relay11.akamai.com []) by prod-mail-xrelay05.akamai.com (Postfix) with ESMTP id A5BDB3F4012; Wed, 2 Mar 2016 17:41:41 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; s=a1; t=1456940501; bh=TTwSwOGJ+B6mCxDDLt86u/lCMsNPa1OO2Smbgwp4mJ0=; l=904; h=From:To:Date:From; b=s4nxG7ch4bto8V1Pq+kV72BYJJ2dlbBSoXE4MROqsiAltaAWli9JdiAWJYMqHT1Ai toAFaiP3TJek2O14bitt8CylO7aKciQ/YzcSHEtk6lTA60kNZ/mXPv+tBdVnLVNTwq igHKU9iNvYWx/tzuGJo4y7QaHOtiugK2cV8Sdq7Y=
Received: from email.msg.corp.akamai.com (usma1ex-cas2.msg.corp.akamai.com []) by prod-mail-relay11.akamai.com (Postfix) with ESMTP id A2D751FC88; Wed, 2 Mar 2016 17:41:41 +0000 (GMT)
Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com ( by usma1ex-dag1mb4.msg.corp.akamai.com ( with Microsoft SMTP Server (TLS) id 15.0.1130.7; Wed, 2 Mar 2016 12:41:41 -0500
Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com ([]) by usma1ex-dag1mb1.msg.corp.akamai.com ([]) with mapi id 15.00.1130.005; Wed, 2 Mar 2016 12:41:41 -0500
From: "Salz, Rich" <rsalz@akamai.com>
To: "'iesg@ietf.org'" <iesg@ietf.org>, "'secdir@ietf.org'" <secdir@ietf.org>, "draft-vinay-tictoc-ptp-mib.all@tools.ietf.org" <draft-vinay-tictoc-ptp-mib.all@tools.ietf.org>
Thread-Topic: secdir review of draft-binay-tictoc-ptp-mib
Thread-Index: AdF0qjnK4/zyJuQBQOuVwbdY1gkHkg==
Date: Wed, 2 Mar 2016 17:41:40 +0000
Message-ID: <9b6fb08db3b1430da5f218033a4a5265@usma1ex-dag1mb1.msg.corp.akamai.com>
Accept-Language: en-US
Content-Language: en-US
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: []
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/WQtqM3wcogl5tchJTGyPfMlWrwg>
Subject: [secdir] secdir review of draft-binay-tictoc-ptp-mib
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Mar 2016 17:41:44 -0000

I have reviewed this document as part of the security directorate's  ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat  these comments just like any other last call comments.

Summary: ready with nits.

This is a read-only MIB.  I didn't realize that until the end.  PLEASE put that in the abstract.  Perhaps replace "objects for managing networks" to "objects for monitoring networks"

Also the abstract talks about SNMPv2 and v1.  Why are those mentioned?  And why called out in the abstract as important?  Perhaps add "For backward compatibility," at the start of that last sentence.

The security considerations sections seem fine.
Senior Architect, Akamai Technologies
IM: richsalz@jabber.at Twitter: RichSalz