[secdir] secdir review of draft-ietf-softwire-map-t-06

Tom Yu <tlyu@mit.edu> Wed, 29 October 2014 17:54 UTC

From: Tom Yu <tlyu@mit.edu>
To: iesg@ietf.org, secdir@ietf.org, draft-ietf-softwire-map-t.all@tools.ietf.org
Date: Wed, 29 Oct 2014 13:54:09 -0400
Message-ID: <ldvbnouwym6.fsf@sarnath.mit.edu>
Archived-At: http://mailarchive.ietf.org/arch/msg/secdir/bfSaPoE7qusg7nlLSgg9pOmZUdI

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors.  Document editors and WG chairs should treat these
comments just like any other last call comments.

Summary: ready with nits

The security considerations section of this document seems reasonable.
I am wondering if deploying MAP-T has any significant effect on
enumeration and topology probing attacks, but I suspect that any such
effects are minor.  If people with more experience than me in this area
have an opinion on this issue, it might be worth mentioning in the
security considerations.