[secdir] Secdir review of draft-ietf-idr-ix-bgp-route-server-10

"Waltermire, David A. (Fed)" <david.waltermire@nist.gov> Mon, 06 June 2016 00:33 UTC

Return-Path: <david.waltermire@nist.gov>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E51C812D1BB; Sun, 5 Jun 2016 17:33:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nistgov.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pT2xvISIMY9p; Sun, 5 Jun 2016 17:33:09 -0700 (PDT)
Received: from gcc01-dm2-obe.outbound.protection.outlook.com (mail-dm2gcc01on0120.outbound.protection.outlook.com [23.103.201.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8224B12D09A; Sun, 5 Jun 2016 17:33:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nistgov.onmicrosoft.com; s=selector1-nist-gov; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=g2KL9iHfYMSJWVtfrez9BXeDQUxnDhLrJlxfhS7Lo6Q=; b=x0DawwM+/scjZ+Svj9rNY+L+spH1ruyjztRYsptq3QuSl0aThFfrjWHbvpExtWGxIjyY0vg3RuxOf4sdUrn81YN97B7cGTSriQdW63GXZrdm60xwqmylYw6lJ326uWSUsy/yMROHTIzNUMsBQ2RTQJb+m55XV+IQbtTYMdh2UHY=
Received: from DM2PR09MB0365.namprd09.prod.outlook.com (10.160.247.18) by DM2PR09MB0366.namprd09.prod.outlook.com (10.160.247.20) with Microsoft SMTP Server (TLS) id 15.1.506.9; Mon, 6 Jun 2016 00:33:04 +0000
Received: from DM2PR09MB0365.namprd09.prod.outlook.com ([10.160.247.18]) by DM2PR09MB0365.namprd09.prod.outlook.com ([10.160.247.18]) with mapi id 15.01.0506.014; Mon, 6 Jun 2016 00:33:04 +0000
From: "Waltermire, David A. (Fed)" <david.waltermire@nist.gov>
To: "secdir@ietf.org" <secdir@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "draft-ietf-idr-ix-bgp-route-server.all@ietf.org" <draft-ietf-idr-ix-bgp-route-server.all@ietf.org>
Thread-Topic: Secdir review of draft-ietf-idr-ix-bgp-route-server-10
Thread-Index: AdG/hLlPQmwDmXgkRK61Q8ZB5wAFgw==
Date: Mon, 6 Jun 2016 00:33:04 +0000
Message-ID: <DM2PR09MB0365563370AB330550517C50F05C0@DM2PR09MB0365.namprd09.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=nist.gov;
x-originating-ip: [129.6.224.58]
x-ms-office365-filtering-correlation-id: 98b05895-e579-43a4-023a-08d38da21ff7
x-microsoft-exchange-diagnostics: 1; DM2PR09MB0366; 5:mn3qA//sRaRGcphBfPIUx+8tmnclR1hWOux44G4u/jDH7XzKDEZsO0E4tflb1Z0FXWFclZ2x3HgrjPI13Oaxsy9tAHIo1rabqBbAObwWvMGwtk8eyaSW39UYnbPrecRB0Af9s8Oy15wy92iuJTyPkg==; 24:pdEH6lY9dqUmVoQIA0ChgxEWDD7115bniBracARoZzO8o5rKR9RsfEHNGOOqUWBZr6JipZEeCmmtpUSSUIYZ/ANPncvmaZLsohDsRCaHsIo=; 7:7FjPoMyX+FBdXB76eVT4GNI8dm4uH2yEanrppEZwMz6Q4iH7ZhCP9Hf80XetYzbDHuTCrj4O3OkhPsUSf1Ass74tnmqFjCtMghlukC4trI0s0aFvt+dI+mcQFMPjCl09eaneh38U621xhkfh9AXLb3dH3tuxish4KlarbvCkBnMdwqbH3E7fuYxSbhKv+Rok3JMXGzreA3XFoPBAa0emGTzJ5nRuUXnZZSszGWmf6s0=
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:DM2PR09MB0366;
x-microsoft-antispam-prvs: <DM2PR09MB0366507CAC6E4772D930704AF05C0@DM2PR09MB0366.namprd09.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(192374486261705);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(2401047)(5005006)(8121501046)(10201501046)(3002001)(6055026); SRVR:DM2PR09MB0366; BCL:0; PCL:0; RULEID:; SRVR:DM2PR09MB0366;
x-forefront-prvs: 096507C068
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(92566002)(2501003)(2906002)(81166006)(76576001)(74316001)(5003600100002)(5004730100002)(189998001)(107886002)(5002640100001)(6116002)(9686002)(8676002)(102836003)(586003)(3846002)(8936002)(3660700001)(230783001)(10400500002)(86362001)(87936001)(77096005)(5008740100001)(66066001)(99286002)(2900100001)(54356999)(2201001)(122556002)(33656002)(11100500001)(50986999)(450100001)(3280700002)(5001770100001)(229853001); DIR:OUT; SFP:1102; SCL:1; SRVR:DM2PR09MB0366; H:DM2PR09MB0365.namprd09.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Jun 2016 00:33:04.4871 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR09MB0366
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/_L9STYB9VqXWHzTLCZrPAeYIDCk>
Subject: [secdir] Secdir review of draft-ietf-idr-ix-bgp-route-server-10
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Jun 2016 00:33:12 -0000

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.

Summary: ready with (potential) issues.

This standards track draft describes a method to exchange routing information between 3 or more BGP peers on shared network access media. The approach is intended to reduce the overhead involved in sharing routes in densely populated interconnection points through the use of a common route broker.

I found the draft clearly articulates the problem it is trying to solve.

The following is a minor nit on the organization of the text:

In general the security considerations section covers the issues fairly well. In the first paragraph, the last sentence suggests that steps should be taken to address path hiding, but the text does not point to the text in section 2.3.2 on this topic. One way to improve this consideration would be to move the text in 2.3.3 to the end of this paragraph. Section 2.3.3 is adjacent to the security consideration section, so I don't see this as a significant change.

Some (potentially) minor issues:

A number of the requirements in section 2.2 and the subsections define requirements that differ and often conflict with requirements in RFC 4271. It would be good to indicate this at the start of 2.2.  Should this relationship also be called out in the abstract?

I am not an expert in BGP security, so please consider this issue in that context:

The statement at the end of the security considerations section points the reader to RFC7454. I was left wondering if this draft changes any of considerations in RFC7454. It would be beneficial if some text was added to this draft speaking to this point. Again not being an expert in BGP security, I am not certain what the new text should say on this matter.

Regards,
Dave Waltermire