[secdir] secdir review of draft-ietf-ippm-spatial-composition-15.txt

Stephen Hanna <shanna@juniper.net> Mon, 19 July 2010 06:33 UTC

Return-Path: <shanna@juniper.net>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id F1B083A687A; Sun, 18 Jul 2010 23:33:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.374
X-Spam-Level:
X-Spam-Status: No, score=-5.374 tagged_above=-999 required=5 tests=[AWL=1.225, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bWjNbKfyaSyK; Sun, 18 Jul 2010 23:33:23 -0700 (PDT)
Received: from exprod7og125.obsmtp.com (exprod7og125.obsmtp.com [64.18.2.28]) by core3.amsl.com (Postfix) with ESMTP id 123EC3A6407; Sun, 18 Jul 2010 23:33:19 -0700 (PDT)
Received: from source ([66.129.224.36]) (using TLSv1) by exprod7ob125.postini.com ([64.18.6.12]) with SMTP ID DSNKTEPxvQmWj8J3gtwFaD3PQH1W4wItzCuC@postini.com; Sun, 18 Jul 2010 23:33:37 PDT
Received: from p-emfe02-wf.jnpr.net (172.28.145.25) by P-EMHUB03-HQ.jnpr.net (172.24.192.37) with Microsoft SMTP Server (TLS) id 8.2.254.0; Sun, 18 Jul 2010 23:31:34 -0700
Received: from EMBX01-WF.jnpr.net ([fe80::1914:3299:33d9:e43b]) by p-emfe02-wf.jnpr.net ([fe80::c126:c633:d2dc:8090%11]) with mapi; Mon, 19 Jul 2010 02:31:34 -0400
From: Stephen Hanna <shanna@juniper.net>
To: "secdir@ietf.org" <secdir@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>, "draft-ietf-ippm-spatial-composition@tools.ietf.org" <draft-ietf-ippm-spatial-composition@tools.ietf.org>
Date: Mon, 19 Jul 2010 02:31:33 -0400
Thread-Topic: secdir review of draft-ietf-ippm-spatial-composition-15.txt
Thread-Index: AcslEFISFuNQhbB+QaW6sG9LyNEL5AB3/Z6A
Message-ID: <AC6674AB7BC78549BB231821ABF7A9AE904E26753F@EMBX01-WF.jnpr.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-cr-puzzleid: {AB750BE7-0792-482F-8946-66359297442E}
x-cr-hashedpuzzle: CIyY C+jl DuBn FSIx G47F IzIM aqK4 ce6x cxP0 dvoy f2xa mnAj n1Sp ocmL p7GV q8ta; 4; ZAByAGEAZgB0AC0AaQBlAHQAZgAtAGkAcABwAG0ALQBzAHAAYQB0AGkAYQBsAC0AYwBvAG0AcABvAHMAaQB0AGkAbwBuAEAAdABvAG8AbABzAC4AaQBlAHQAZgAuAG8AcgBnADsAaQBlAHMAZwBAAGkAZQB0AGYALgBvAHIAZwA7AGkAZQB0AGYAQABpAGUAdABmAC4AbwByAGcAOwBzAGUAYwBkAGkAcgBAAGkAZQB0AGYALgBvAHIAZwA=; Sosha1_v1; 7; {AB750BE7-0792-482F-8946-66359297442E}; cwBoAGEAbgBuAGEAQABqAHUAbgBpAHAAZQByAC4AbgBlAHQA; Mon, 19 Jul 2010 03:20:53 GMT; cwBlAGMAZABpAHIAIAByAGUAdgBpAGUAdwAgAG8AZgAgAGQAcgBhAGYAdAAtAGkAZQB0AGYALQBpAHAAcABtAC0AcwBwAGEAdABpAGEAbAAtAGMAbwBtAHAAbwBzAGkAdABpAG8AbgAtADEANQAuAHQAeAB0AA==
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: [secdir] secdir review of draft-ietf-ippm-spatial-composition-15.txt
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Jul 2010 06:33:25 -0000

I have reviewed this document as part of the security directorate's  
ongoing effort to review all IETF documents being processed by the  
IESG.  These comments were written primarily for the benefit of the  
security area directors.  Document editors and WG chairs should treat  
these comments just like any other last call comments.

This document gives guidance on composing path metrics from sub-path
metrics within the IP Performance Metrics framework. I am not an
expert on IPPM but after some analysis I have concluded that the
security considerations in this draft are adequate. They raise all
the relevant security issues that I could come up with and provide
guidance for how those issues can be addressed.