[secdir] Review of draft-ietf-sidr-rpki-rtr-rfc6810-bis-08

Matthew Miller <linuxwolf+ietf@outer-planes.net> Mon, 06 March 2017 16:41 UTC

From: Matthew Miller <linuxwolf+ietf@outer-planes.net>
To: <secdir@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/c7IQYqseD9mCusi0FFeWWHmcsbg>
Cc: draft-ietf-sidr-rpki-rtr-rfc6810-bis.all@ietf.org, ietf@ietf.org, sidr@ietf.org

Reviewer: Matthew Miller
Review result: Has Nits

[ re-posting old review to get it onto the mailing list archives; some
bugs prevented it the first time ]

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

Document:
Reviewer: Matthew A. Miller
Review Date: 2017-02-14
IETF LC End Date: 2017-01-30
IESG Telechat date: 2017-02-16

Summary:

This document is ready for publication as a Proposed Standard, but has
a minor concern that should be addressed.

This document describes a protocol for distributing RPKI information
to routers from trusted caches.

Major issues:  NONE

Minor issues:

* In Section 5.1. "Fields of a PDU", for the Flags: definition, it
states that:

    """
    The remaining bits in the flags field are reserved for future use.
    In protocol version 1, they MUST be 0 on transmission and SHOULD
    be ignored on receipt.
    """

However, this seems backwards to me.  Would it seem safer that the
reserved flags "MUST be ignored on receipt"?


Nits/editorial comments: NONE
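
Added example (not part of the review or of the draft): a sketch of the reserved-flag handling discussed above, using the 20-byte IPv4 Prefix PDU (type 4) of the RPKI-to-Router protocol, where only the lowest-order flag bit is defined. The function names and the sample PDU are constructed for illustration.

```python
import ipaddress
import struct

# IPv4 Prefix PDU: version, type, zero(2), length(4), flags, prefix len,
# max len, zero, prefix(4), ASN(4) -- 20 bytes, network byte order.
IPV4_PREFIX = struct.Struct("!BBHIBBBB4sI")
PDU_TYPE_IPV4_PREFIX = 4
FLAG_ANNOUNCE = 0x01   # lowest-order bit: 1 = announce, 0 = withdraw
RESERVED_MASK = 0xFE   # remaining bits, reserved for future use


def encode_ipv4_prefix(prefix, max_len, asn, announce, version=1):
    """Sender side: reserved flag bits are always 0 on transmission."""
    net = ipaddress.IPv4Network(prefix)
    flags = FLAG_ANNOUNCE if announce else 0
    return IPV4_PREFIX.pack(version, PDU_TYPE_IPV4_PREFIX, 0, IPV4_PREFIX.size,
                            flags, net.prefixlen, max_len, 0,
                            net.network_address.packed, asn)


def decode_ipv4_prefix(pdu):
    """Receiver side: validate framing, then ignore reserved flag bits."""
    if len(pdu) != IPV4_PREFIX.size:
        raise ValueError("IPv4 Prefix PDU must be exactly 20 bytes")
    version, ptype, _zero, length, flags, plen, mlen, _pad, addr, asn = \
        IPV4_PREFIX.unpack(pdu)
    if ptype != PDU_TYPE_IPV4_PREFIX or length != IPV4_PREFIX.size:
        raise ValueError("not a well-formed IPv4 Prefix PDU")
    if not plen <= mlen <= 32:
        raise ValueError("prefix length / max length out of range")
    return {
        "version": version,
        "announce": bool(flags & FLAG_ANNOUNCE),      # only the defined bit is read
        "reserved_bits_seen": flags & RESERVED_MASK,  # kept for logging only
        "prefix": f"{ipaddress.IPv4Address(addr)}/{plen}",
        "max_len": mlen,
        "asn": asn,
    }


# Constructed sample: the same announcement as a hypothetical later sender
# might emit it, with reserved bit 0x80 set alongside the announce bit.
clean = encode_ipv4_prefix("192.0.2.0/24", 24, 64496, announce=True)
future = clean[:8] + bytes([clean[8] | 0x80]) + clean[9:]
```

A receiver that compared the whole flags byte against 1 would read `future` as a withdrawal; masking to the defined bit keeps the announce/withdraw decision stable whatever the reserved bits carry.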