[secdir] secdir review of draft-ietf-ccamp-assoc-ext-04

Leif Johansson <leifj@sunet.se> Wed, 29 August 2012 19:50 UTC

Return-Path: <leifj@sunet.se>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DD35221F854D; Wed, 29 Aug 2012 12:50:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.028
X-Spam-Level:
X-Spam-Status: No, score=-3.028 tagged_above=-999 required=5 tests=[AWL=-0.429, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ogxiklWkOsGj; Wed, 29 Aug 2012 12:50:16 -0700 (PDT)
Received: from backup-server.nordu.net (backup-server.nordu.net [193.10.252.66]) by ietfa.amsl.com (Postfix) with ESMTP id B335B21F8545; Wed, 29 Aug 2012 12:50:15 -0700 (PDT)
Received: from [10.0.0.11] (ua-83-227-179-169.cust.bredbandsbolaget.se [83.227.179.169]) (authenticated bits=0) by backup-server.nordu.net (8.14.5/8.14.3) with ESMTP id q7TJmpE8009466 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 29 Aug 2012 21:48:57 +0200 (CEST)
Message-ID: <503E7223.2060005@sunet.se>
Date: Wed, 29 Aug 2012 21:48:51 +0200
From: Leif Johansson <leifj@sunet.se>
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:14.0) Gecko/20120714 Thunderbird/14.0
MIME-Version: 1.0
To: "iesg@ietf.org" <iesg@ietf.org>, draft-ietf-ccamp-assoc-ext.all@tools.ietf.org, "secdir@ietf.org" <secdir@ietf.org>
X-Enigmail-Version: 1.4.4
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: [secdir] secdir review of draft-ietf-ccamp-assoc-ext-04
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Aug 2012 19:50:17 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors. Document editors and WG chairs should treat these
comments just like any other last call comments.

This draft describes use of RSVP ASSOCIATION objects that extends
their current use as defined by GMPLS.

The subject matter is well beyond my area of expertise so take this
review with a grain of salt.

In the security considerations section the authors basically say that
using ASSOCIATION objects for (say) VOIP call reservations doesn't
introduce any new security issues beyond those that already exist for
the GMPLS use of ASSOCIATION objects.

I suspect that may be simplifying the issue but I can't find any
obvious counter-examples.

	Regards
	Leif
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iEYEARECAAYFAlA+ch8ACgkQ8Jx8FtbMZndD9QCgijOhEHUlpvgcnjbadtiLvUWO
IZMAoKLD+m6VVMnvr133ICSZkfLTYryG
=xTw1
-----END PGP SIGNATURE-----