[secdir] Secdir last call review of draft-ietf-bess-evpn-optimized-ir-09
Derek Atkins via Datatracker <noreply@ietf.org> Thu, 07 October 2021 12:53 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 728CE3A101F; Thu, 7 Oct 2021 05:53:30 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Derek Atkins via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
Cc: bess@ietf.org, draft-ietf-bess-evpn-optimized-ir.all@ietf.org, last-call@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 7.38.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <163361121039.16337.12285140758441545338@ietfa.amsl.com>
Reply-To: Derek Atkins <derek@ihtfp.com>
Date: Thu, 07 Oct 2021 05:53:30 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/fAsS6YPiAXFGj6oiTjs4B504vGM>
Subject: [secdir] Secdir last call review of draft-ietf-bess-evpn-optimized-ir-09
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Oct 2021 12:53:33 -0000
Reviewer: Derek Atkins Review result: Ready Hi, I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written with the intent of improving security requirements and considerations in IETF drafts. Comments not addressed in last call may be included in AD reviews during the IESG review. Document editors and WG chairs should treat these comments just like any other last call comments. Summary: * Ready to Publish Details: * It is unclear to me how one would protect from a (D)DoS attack with a forged BM packet sent into the replicator and prevent amplification attacks. -derek
- [secdir] Secdir last call review of draft-ietf-be… Derek Atkins via Datatracker
- Re: [secdir] Secdir last call review of draft-iet… Rabadan, Jorge (Nokia - US/Mountain View)