Re: [secdir] secdir review of draft-ietf-pce-wson-routing-wavelength-14

"Adrian Farrel" <> Tue, 28 October 2014 14:17 UTC

From: "Adrian Farrel" <>
To: "'Dan Harkins'" <>
Date: Tue, 28 Oct 2014 14:17:30 -0000

Hi Dan,

Thanks for taking the time.

> This is a requirements document for additions to the PCEP protocol
> to support path computation in a wavelength-switched optical
> network. It describes what needs to be added to requests/responses
> to support routing and wavelength assignment to a path computation
> element (that supports both functions) for a path computation client.
> The security considerations are basically a punt. There's information
> that an operator may not want to disclose and "[c]onsideration should
> be given to securing this information." That seems a little thin. At the
> very least some explanation of how this should be done. Do only the
> TLVs that represent these required additions require confidentiality?
> Is KARP a potential solution to this problem? If so it might be nice to
> explain that; if not, then why and what else would be required?

As you say, it's a requirements document, so it may be a bit harsh to ask the
authors to describe how security should be provided.

We could possibly add a little text to the Security Considerations section to
explain who is supposed to catch the ball when we punt it.

I'll talk to the authors,