[secdir] Secdir review of draft-ietf-manet-nhdp-olsrv2-tlv-extension-01

Tero Kivinen <kivinen@iki.fi> Mon, 10 February 2014 14:20 UTC

To: iesg@ietf.org, secdir@ietf.org, draft-ietf-manet-nhdp-olsrv2-tlv-extension.all@tools.ietf.org

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

This document seems to fix some cases in the NHDP and OLSRv2 TLVs
where the original document might have been considered to be saying that
unknown values in the TLVs can be used as a reason to reject the message.
This document makes it clear how unknown values in the TLVs need to
be processed. This document also creates several IANA registries for
the TLV values and changes a couple of the TLV values from numbers to
bitfields (the existing values were already allocated so that the
numbers can be parsed as a bitfield).

The Security Considerations section mentions that, as this does not really
change the current implementations (it more or less describes how new
extensions should be processed with implementations), it does not add
any new security considerations. New extensions might of course add
new security considerations, but those should be addressed in the
documents which make those extensions.

The document is ready with nits.

Some nits:

In the IANA considerations section, IANA is used both in singular
and plural, i.e. it says both "IANA is requested" and "IANA are
requested". This should be fixed to say "IANA is requested".
-- 
kivinen@iki.fi