[secdir] Secdir last call review of draft-ietf-rtgwg-multihomed-prefix-lfa-07

Adam Montville <adam.w.montville@gmail.com> Sat, 06 October 2018 16:46 UTC

Return-Path: <adam.w.montville@gmail.com>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id CE9C6130E0C; Sat, 6 Oct 2018 09:46:47 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Adam Montville <adam.w.montville@gmail.com>
To: <secdir@ietf.org>
Cc: draft-ietf-rtgwg-multihomed-prefix-lfa.all@ietf.org, ietf@ietf.org, rtgwg@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.85.1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <153884440779.19283.3433013141521591146@ietfa.amsl.com>
Date: Sat, 06 Oct 2018 09:46:47 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/cjxdS3sl1qvRkcU1WfoMHbghaKU>
Subject: [secdir] Secdir last call review of draft-ietf-rtgwg-multihomed-prefix-lfa-07
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 06 Oct 2018 16:46:48 -0000

Reviewer: Adam Montville
Review result: Ready

This draft does not seem to introduce any security considerations beyond what
has already been treated in RFC5286, provided the last claim in the security
considerations of RFC5286 still hold (label information is to neighbors with a
trusted LDP session).

One suggestion I have is to rewrite the last sentence of the security
considerations of this draft. At present that sentence ends up with, "...this
does not introduce any new security issues *other than* as noted in the LFA
base specification..." (emphasis added), which seems to suggest that the
existing RFC has somehow introduced a new security issue to this draft.

Perhaps something like, "This document does not change any of the discussed
protocol specifications [insert list here], and the security considerations of
the LFA base specification [RFC5286] therefore continue to apply." Or something
like that.

Kind regards,

Adam