Re: [secdir] Secdir review of draft-ietf-sfc-control-plane-02

<mohamed.boucadair@orange.com> Fri, 04 December 2015 06:24 UTC

Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 378211B2BDE for <secdir@ietfa.amsl.com>; Thu, 3 Dec 2015 22:24:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id niQTXt_EJf6J for <secdir@ietfa.amsl.com>; Thu, 3 Dec 2015 22:24:29 -0800 (PST)
Received: from relais-inet.francetelecom.com (relais-ias91.francetelecom.com [193.251.215.91]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4AAD81B2B11 for <secdir@ietf.org>; Thu, 3 Dec 2015 22:24:29 -0800 (PST)
Received: from omfedm07.si.francetelecom.fr (unknown [xx.xx.xx.3]) by omfedm13.si.francetelecom.fr (ESMTP service) with ESMTP id E0AF33247DD; Fri, 4 Dec 2015 07:24:27 +0100 (CET)
Received: from Exchangemail-eme2.itn.ftgroup (unknown [10.114.31.57]) by omfedm07.si.francetelecom.fr (ESMTP service) with ESMTP id BF3EB4C05D; Fri, 4 Dec 2015 07:24:27 +0100 (CET)
Received: from OPEXCLILMA3.corporate.adroot.infra.ftgroup ([fe80::60a9:abc3:86e6:2541]) by OPEXCLILM23.corporate.adroot.infra.ftgroup ([fe80::787e:db0c:23c4:71b3%19]) with mapi id 14.03.0248.002; Fri, 4 Dec 2015 07:24:27 +0100
From: <mohamed.boucadair@orange.com>
To: Catherine Meadows <catherine.meadows@nrl.navy.mil>, "secdir@ietf.org" <secdir@ietf.org>, "draft-ietf-sfc-control-plane.all@tools.ietf.org" <draft-ietf-sfc-control-plane.all@tools.ietf.org>
Thread-Topic: Secdir review of draft-ietf-sfc-control-plane-02
Thread-Index: AQHRLd52aRpOIzp1RECnKia2ZvD6vZ66W9Jg
Date: Fri, 4 Dec 2015 06:24:27 +0000
Message-ID: <787AE7BB302AE849A7480A190F8B933008CB135C@OPEXCLILMA3.corporate.adroot.infra.ftgroup>
References: <4B3DAAC7-2926-47AD-8E43-322DA7BA9F6A@nrl.navy.mil>
In-Reply-To: <4B3DAAC7-2926-47AD-8E43-322DA7BA9F6A@nrl.navy.mil>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.168.234.3]
Content-Type: multipart/alternative; boundary="_000_787AE7BB302AE849A7480A190F8B933008CB135COPEXCLILMA3corp_"
MIME-Version: 1.0
X-PMX-Version: 6.2.1.2478543, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2015.12.4.54515
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/YasfPvLWLeAV1yoqtnjf19PxdoQ>
Subject: Re: [secdir] Secdir review of draft-ietf-sfc-control-plane-02
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Dec 2015 06:24:31 -0000

Dear Catherine,

Thank you very much for the review.

Cheers,
Med

De : Catherine Meadows [mailto:catherine.meadows@nrl.navy.mil]
Envoyé : jeudi 3 décembre 2015 16:22
À : secdir@ietf.org; iesg@ietf.org; draft-ietf-sfc-control-plane.all@tools.ietf.org
Cc : Catherine Meadows
Objet : Secdir review of draft-ietf-sfc-control-plane-02

A Service Function Chain is a chain of different services (firewalls, load balancers, etc.) that are stitched together to provide a coordinated service.
This document describes requirements for conveying information between Service Function Chaining (SFC) control elements and SFC function elements,
and identifies a set of interfaces to interact with SFC-aware elements to establish, maintain or recover service function chains.  However, recommendations
and specifications of specific protocols are explicitly out of scope.

The Security Considerations section of this document identifies the various security threats and requirements.  It is very well-thought out and comprehensive.
  It stops short of recommending any particular techniques (except in the very broad sense, e.g. authentication), but this is very much in the spirit of the
rest of the document, whose purpose is to identify requirements rather than to recommend specific solutions.

I consider this document READY.

Catherine Meadows
Naval Research Laboratory
Code 5543
4555 Overlook Ave., S.W.
Washington DC, 20375
phone: 202-767-3490
fax: 202-404-7942
email: catherine.meadows@nrl.navy.mil<mailto:catherine.meadows@nrl.navy.mil>