Re: [secdir] Security review: draft-ietf-mpls-soft-preemption-18.txt
Stephen Kent <kent@bbn.com> Mon, 07 September 2009 15:16 UTC
Return-Path: <kent@bbn.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 03ECA3A69C9 for <secdir@core3.amsl.com>; Mon, 7 Sep 2009 08:16:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.567
X-Spam-Level:
X-Spam-Status: No, score=-2.567 tagged_above=-999 required=5 tests=[AWL=0.032, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id N9hm267rAuO8 for <secdir@core3.amsl.com>; Mon, 7 Sep 2009 08:16:28 -0700 (PDT)
Received: from mx11.bbn.com (mx11.bbn.com [128.33.0.80]) by core3.amsl.com (Postfix) with ESMTP id 2D8823A695A for <secdir@ietf.org>; Mon, 7 Sep 2009 08:16:28 -0700 (PDT)
Received: from dommiel.bbn.com ([192.1.122.15] helo=[192.168.1.5]) by mx11.bbn.com with esmtp (Exim 4.60) (envelope-from <kent@bbn.com>) id 1Mkf1a-0007uO-Dh; Mon, 07 Sep 2009 10:16:54 -0400
Mime-Version: 1.0
Message-Id: <p06240809c6cad2cc37b4@[192.168.1.5]>
In-Reply-To: <FED2184CF597405083AE68F9F2DFCE19@your029b8cecfe>
References: <200909040212.n842CS3M028820@harbor.orleans.occnc.com> <FED2184CF597405083AE68F9F2DFCE19@your029b8cecfe>
Date: Mon, 07 Sep 2009 11:10:49 -0400
To: Adrian Farrel <Adrian.Farrel@huawei.com>
From: Stephen Kent <kent@bbn.com>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Cc: mpls-chairs@tools.ietf.org, secdir <secdir@ietf.org>, draft-ietf-mpls-soft-preemption@tools.ietf.org
Subject: Re: [secdir] Security review: draft-ietf-mpls-soft-preemption-18.txt
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Sep 2009 15:16:29 -0000
At 12:04 PM +0100 9/4/09, Adrian Farrel wrote: >Hi Stephen, > >Thanks for your review. After discussion with the authors, I have >added an RFC Editor note as follows. > >Thanks, >Adrian > >Section 10 >OLD > This document does not introduce new security issues. The security > considerations pertaining to the original RSVP protocol [RFC3209] > remain relevant. >NEW > This document does not introduce new security issues. The security > considerations pertaining to the original RSVP protocol [RFC3209] > remain relevant. Further details about MPLS security considerations > can be found in [I-D.ietf-mpls-mpls-and-gmpls-security]. > > As noted in Section 6.1, soft preemption may result in temporary link > under provisioning condition while the soft preempted TE LSPs are > rerouted by their respective head-end LSRs. Although this is a less > serious condition than false hard preemption, and despite the > mitigation procedures described in Section 6.1, network operators > should be aware of the risk to their network should the soft > preemption processes be subverted, and should apply the relevant MPLS > control plane security techniques to protect against attacks. >--- >Section 13.2 >ADD > [I-D.ietf-mpls-mpls-and-gmpls-security] Fang, L. Ed., "Security > Framework for MPLS and GMPLS Networks", draft-ietf-mpls- > mpls-and-gmpls-security-framework-06.txt, work in > progress. Thanks for the reply. I these minor text changes address my concerns. Steve
- [secdir] Security review: draft-ietf-mpls-soft-pr… Adrian Farrel
- Re: [secdir] Security review: draft-ietf-mpls-sof… Stephen Kent