[secdir] Secdir review of draft-ietf-pim-drlb-13
Carl Wallace <carl@redhoundsoftware.com> Sat, 09 November 2019 10:49 UTC
Return-Path: <carl@redhoundsoftware.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 512C512091E for <secdir@ietfa.amsl.com>; Sat, 9 Nov 2019 02:49:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=redhoundsoftware.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FC6ybvZi08BJ for <secdir@ietfa.amsl.com>; Sat, 9 Nov 2019 02:49:36 -0800 (PST)
Received: from mail-yb1-xb30.google.com (mail-yb1-xb30.google.com [IPv6:2607:f8b0:4864:20::b30]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EEAC2120851 for <secdir@ietf.org>; Sat, 9 Nov 2019 02:49:35 -0800 (PST)
Received: by mail-yb1-xb30.google.com with SMTP id q18so4191216ybq.6 for <secdir@ietf.org>; Sat, 09 Nov 2019 02:49:35 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhoundsoftware.com; s=google; h=user-agent:date:subject:from:to:message-id:thread-topic :mime-version:content-transfer-encoding; bh=3WxnjSmESfcDJjqh83SPcpJxnZsK+jNmy/woDJkAwPM=; b=ib+ga3ekUVdL5vylz1wAsrale0TbxI4AmRj7YQEr70AuAKOydUCXl7yB2nCzW6KNSf 0eLXWDCOrfOT/FsHesL93vBijHG8f87Np63z02u3UYW10V3uAv4JI5ZH3kMOQstfY0sz S67w+He3T6QXvvjYy/Y4bxu++9nRgm0w2vnGI=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:user-agent:date:subject:from:to:message-id :thread-topic:mime-version:content-transfer-encoding; bh=3WxnjSmESfcDJjqh83SPcpJxnZsK+jNmy/woDJkAwPM=; b=aSUp+3D8NH7igdVDo0jLlcgXJMMfj27KEjIjpylVIYocs0X34G2cMSzK3NP0bvF6lP JdRjf0RGQ09fKvblojb7tUEw7wwe1mhbuDIuBVsaPKk/tXPvzA5PO9wBHm7+qHzfvBHP Fpcnjxm2u8NZQKxhJ7xXZm2yJPfeeuPQPZu7+N7h3JzGO7R6bFEMdfpSMdEMOKCu2Cnl ZYsRAiPR24qzNMxGFCZeQqJal35ETmT0z7P9P9Rx1Jgs31CbZFINuyxI8W61rVzzYKtE Anv58/2tahrPOLzoS7y5N7HOr1ydoQoAX3ETjZFYvTERsOgUE67VSMRXF3wJeR4EIvSZ TUyg==
X-Gm-Message-State: APjAAAVf940o4UBAH6ap3ii1/o1vS/baxl4Ss8+tBJncG9WV2S2a7q3E wXDyA70IguxbbQQZXHtavtaFy/ySN1PW/Q==
X-Google-Smtp-Source: APXvYqw938lo4Hddy8XsZR1xlL8hj11T3IcDcXxae9gx37yLdwgZL/2SkwB1+sdKI5ogWLoY6QRXgw==
X-Received: by 2002:a25:4057:: with SMTP id n84mr12290218yba.435.1573296574825; Sat, 09 Nov 2019 02:49:34 -0800 (PST)
Received: from [10.130.0.123] (rrcs-98-101-204-34.midsouth.biz.rr.com. [98.101.204.34]) by smtp.gmail.com with ESMTPSA id p126sm2502296ywc.16.2019.11.09.02.49.33 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 09 Nov 2019 02:49:33 -0800 (PST)
User-Agent: Microsoft-MacOutlook/10.10.f.191014
Date: Sat, 09 Nov 2019 05:49:33 -0500
From: Carl Wallace <carl@redhoundsoftware.com>
To: draft-ietf-pim-drlb-13.all@ietf.org, secdir@ietf.org, ietf@ietf.org
Message-ID: <2572EB02-5F21-451B-95EA-B7D8D2207AC8@redhoundsoftware.com>
Thread-Topic: Secdir review of draft-ietf-pim-drlb-13
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/Xf6AB_K_qLwKxhsch6yx4VO7lqI>
Subject: [secdir] Secdir review of draft-ietf-pim-drlb-13
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 09 Nov 2019 10:49:38 -0000
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This document defines an extension to the PIM-SM protocol to allow some responsibilities of is Designated Router to be distributed amongst a set of routers instead of the router elected as DR. The document is well written and has clear examples. The security considerations references those of the DR as applicable to the new mechanism. This seems fine. One minor comment, the last sentence in the operational considerations section seemed odd to me. It wasn't clear to me why migration between different hash algorithms is not considered in this document (or why this is much different from changes in DR priority, which is also required to be considered as a GDR candidate). The document is ready to my eye.
- [secdir] Secdir review of draft-ietf-pim-drlb-13 Carl Wallace
- Re: [secdir] Secdir review of draft-ietf-pim-drlb… Benjamin Kaduk