[secdir] Secdir last call review of draft-ietf-teas-rsvp-ingress-protection-13
Joseph Salowey <joe@salowey.net> Wed, 28 February 2018 06:57 UTC
Return-Path: <joe@salowey.net>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id E72B612DA14; Tue, 27 Feb 2018 22:57:43 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Joseph Salowey <joe@salowey.net>
To: secdir@ietf.org
Cc: iesg@ietf.org, teas@ietf.org, draft-ietf-teas-rsvp-ingress-protection.all@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.73.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <151980106388.5124.1750215397283002470@ietfa.amsl.com>
Date: Tue, 27 Feb 2018 22:57:43 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/awOHHDaBpO0o7pCDoxlHmOOzEWs>
Subject: [secdir] Secdir last call review of draft-ietf-teas-rsvp-ingress-protection-13
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.22
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Feb 2018 06:57:44 -0000
Reviewer: Joseph Salowey Review result: Ready I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. In general I felt that the document was a bit difficult to read and the issues raised in the Genart and RTG reviews should be addressed. >From a security point of view I believe the document is ready, but I have a comment below that might improve the document. I find the security considerations as reference to other documents a bit unsettling, however, based on my somewhat limited understanding of RSVP it think it is accurate in this case. The problem I have with the security considerations as reference is that most implementors are probably are not going to follow the links to the other documents to find out what security wisdom lies therein. If the document pointed to specific considerations in other documents that were particularly relevant to this document that would be an improvement. I couldn't work my way back through the chain of references to something specific, but someone with a bit more RSVP domain knowledge may be able to make some specific recommendations.
- [secdir] Secdir last call review of draft-ietf-te… Joseph Salowey
- Re: [secdir] Secdir last call review of draft-iet… Huaimo Chen