[secdir] comments on draft-gont-intarea-obsolete-eid-option

"Dan Harkins" <dharkins@lounge.org> Mon, 12 November 2012 18:05 UTC

Return-Path: <dharkins@lounge.org>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AD56C21F8539; Mon, 12 Nov 2012 10:05:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.265
X-Spam-Level:
X-Spam-Status: No, score=-6.265 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id m5qdO+3Nd8M6; Mon, 12 Nov 2012 10:05:49 -0800 (PST)
Received: from colo.trepanning.net (colo.trepanning.net [69.55.226.174]) by ietfa.amsl.com (Postfix) with ESMTP id 3C89A21F84BC; Mon, 12 Nov 2012 10:05:49 -0800 (PST)
Received: from www.trepanning.net (localhost [127.0.0.1]) by colo.trepanning.net (Postfix) with ESMTP id C4C681022400A; Mon, 12 Nov 2012 10:05:48 -0800 (PST)
Received: from 50.84.73.44 (SquirrelMail authenticated user dharkins@lounge.org) by www.trepanning.net with HTTP; Mon, 12 Nov 2012 10:05:48 -0800 (PST)
Message-ID: <2eb588abc880c49fa2444d4e4e06baee.squirrel@www.trepanning.net>
Date: Mon, 12 Nov 2012 10:05:48 -0800 (PST)
From: "Dan Harkins" <dharkins@lounge.org>
To: iesg@ietf.org, secdir@ietf.org, draft-gont-intarea-obsolete-eid-option.all@tools.ietf.org
User-Agent: SquirrelMail/1.4.14 [SVN]
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Subject: [secdir] comments on draft-gont-intarea-obsolete-eid-option
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Nov 2012 18:05:49 -0000

  Hello,

  I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

  This draft instructs IANA to obsolete an entry in the v6 "Destination
Options and Hop-by-Hop Options" registry". That's it. Strip away the
boilerplate and this draft is about as long as the secdir review
boilerplate I added above.

  The option was used by the Nimrod routing architecture but, apparently,
wasn't deployed, hence the instruction to obsolete it. There are no
security issues with this draft and nothing for the ADs to pay close
attention to. My only suggested change would be entirely editorial
and that is to remove the "e.g" in the following sentence from the
Security Considerations:

      "[F]ormally deprecating this option may serve as a basis
       for e.g. providing advice about filtering packets containing
       such option (in a similar way to [I-D.ietf-opsec-ip-options-filtering]
       for the IPv4 case)."

It seems to me that "e.g" is superfluous; the sentence stands without
it. On the other hand, if there is some general class of behavior to which
this example belongs then say that this deprecation serves as a basis
for that class of behavior and give this specific example.

  regards,

  Dan.