Re: [secdir] Secdir last call review of draft-ietf-bfd-yang-09

"Reshad Rahman (rrahman)" <> Fri, 02 February 2018 03:01 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id C9AC112EB14; Thu, 1 Feb 2018 19:01:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -14.531
X-Spam-Status: No, score=-14.531 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id dLlgia-NglUX; Thu, 1 Feb 2018 19:01:27 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 0B1241205D3; Thu, 1 Feb 2018 19:01:27 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;;; l=2176; q=dns/txt; s=iport; t=1517540487; x=1518750087; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=PjdUJsdvrppO/MzFX/scYaIzh2h2A5syxBVwtowbPFI=; b=g6WtkVe1rCx7kgxyI+ZgFj06QM6xiv+jpYysmoEY/gEcvQkj+7u4pbAJ t1gLb9PpNzK9/Ifc4ho1hGlGDzTtoZYQlzFlJvJW2DZv8JM/s7/7bCVsM lVbihQDUDaih35d0dgYzyJe8zcyX/DpoSjuxfUpmEOQq9SPK4O2NNpfEp U=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.46,445,1511827200"; d="scan'208";a="350742710"
Received: from ([]) by with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 02 Feb 2018 03:01:26 +0000
Received: from ( []) by (8.14.5/8.14.5) with ESMTP id w1231QZc023796 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Fri, 2 Feb 2018 03:01:26 GMT
Received: from ( by ( with Microsoft SMTP Server (TLS) id 15.0.1320.4; Thu, 1 Feb 2018 21:01:25 -0600
Received: from ([]) by ([]) with mapi id 15.00.1320.000; Thu, 1 Feb 2018 21:01:25 -0600
From: "Reshad Rahman (rrahman)" <>
To: Christian Huitema <>, "" <>
CC: "" <>, "" <>, "" <>
Thread-Topic: Secdir last call review of draft-ietf-bfd-yang-09
Thread-Index: AQHTm62AiPKYaoJtDUuDmicV6NCuCqOQ0XOA
Date: Fri, 2 Feb 2018 03:01:25 +0000
Message-ID: <>
References: <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
user-agent: Microsoft-MacOutlook/f.27.0.171010
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: []
Content-Type: text/plain; charset="utf-8"
Content-ID: <>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <>
Subject: Re: [secdir] Secdir last call review of draft-ietf-bfd-yang-09
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Security Area Directorate <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 02 Feb 2018 03:01:29 -0000

Christian, thank you for the review.

Regarding the concern expressed below, the alarm is issued at the other end via the Notifications (section 2.3).


On 2018-02-01, 5:39 PM, "Christian Huitema" <>; wrote:

    Reviewer: Christian Huitema
    Review result: Has Nits
    BFD, defined in RFC5880, is a protocol intended to detect faults in the
    bidirectional path between two forwarding engines, including interfaces, data
    link(s), and to the extent possible the forwarding engines themselves, with
    potentially very low latency. The Yang module defined in this draft enables
    management of this protocol, such as toggling parameters or receiving
    As stated in the security section, the module is "to be accessed via the
    NETCONF protocol [RFC6241]", and as such its security is pretty much tied to
    that of NETCONF.
    My only nit comes from reading section 6.8.16 of RFC 5880, about
    "Administrative Control". This points to an obvious issue when the
    administrator of a router disables BFD on a particular link, either by mistake
    or by malice. This will make future failures harder to notify, and can affect
    operation of the network. Nothing much can be done about that on the node
    itself, but I would expect that disabling BFD would raise some kind of alarm at
    the other end of the link. I did not understand how that alarm is described in
    the Yang module, but that may be because I am not all that familiar with Yang.