Re: [secdir] Secdir review of draft-ietf-sfc-control-plane-02

<> Fri, 04 December 2015 06:24 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 378211B2BDE for <>; Thu, 3 Dec 2015 22:24:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id niQTXt_EJf6J for <>; Thu, 3 Dec 2015 22:24:29 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 4AAD81B2B11 for <>; Thu, 3 Dec 2015 22:24:29 -0800 (PST)
Received: from (unknown [xx.xx.xx.3]) by (ESMTP service) with ESMTP id E0AF33247DD; Fri, 4 Dec 2015 07:24:27 +0100 (CET)
Received: from Exchangemail-eme2.itn.ftgroup (unknown []) by (ESMTP service) with ESMTP id BF3EB4C05D; Fri, 4 Dec 2015 07:24:27 +0100 (CET)
Received: from OPEXCLILMA3.corporate.adroot.infra.ftgroup ([fe80::60a9:abc3:86e6:2541]) by OPEXCLILM23.corporate.adroot.infra.ftgroup ([fe80::787e:db0c:23c4:71b3%19]) with mapi id 14.03.0248.002; Fri, 4 Dec 2015 07:24:27 +0100
From: <>
To: Catherine Meadows <>, "" <>, "" <>
Thread-Topic: Secdir review of draft-ietf-sfc-control-plane-02
Thread-Index: AQHRLd52aRpOIzp1RECnKia2ZvD6vZ66W9Jg
Date: Fri, 4 Dec 2015 06:24:27 +0000
Message-ID: <787AE7BB302AE849A7480A190F8B933008CB135C@OPEXCLILMA3.corporate.adroot.infra.ftgroup>
References: <>
In-Reply-To: <>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
x-originating-ip: []
Content-Type: multipart/alternative; boundary="_000_787AE7BB302AE849A7480A190F8B933008CB135COPEXCLILMA3corp_"
MIME-Version: 1.0
X-PMX-Version:, Antispam-Engine:, Antispam-Data: 2015.12.4.54515
Archived-At: <>
Subject: Re: [secdir] Secdir review of draft-ietf-sfc-control-plane-02
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 04 Dec 2015 06:24:31 -0000

Dear Catherine,

Thank you very much for the review.


De : Catherine Meadows []
Envoyé : jeudi 3 décembre 2015 16:22
À :;;
Cc : Catherine Meadows
Objet : Secdir review of draft-ietf-sfc-control-plane-02

A Service Function Chain is a chain of different services (firewalls, load balancers, etc.) that are stitched together to provide a coordinated service.
This document describes requirements for conveying information between Service Function Chaining (SFC) control elements and SFC function elements,
and identifies a set of interfaces to interact with SFC-aware elements to establish, maintain or recover service function chains.  However, recommendations
and specifications of specific protocols are explicitly out of scope.

The Security Considerations section of this document identifies the various security threats and requirements.  It is very well-thought out and comprehensive.
  It stops short of recommending any particular techniques (except in the very broad sense, e.g. authentication), but this is very much in the spirit of the
rest of the document, whose purpose is to identify requirements rather than to recommend specific solutions.

I consider this document READY.

Catherine Meadows
Naval Research Laboratory
Code 5543
4555 Overlook Ave., S.W.
Washington DC, 20375
phone: 202-767-3490
fax: 202-404-7942