[secdir] sec-dir review of draft-ietf-bfd-unsolicited-11.txt
Derek Atkins <derek@ihtfp.com> Thu, 01 December 2022 14:18 UTC
From: Derek Atkins <derek@ihtfp.com>
To: iesg@ietf.org, secdir@ietf.org
Cc: bfd-chairs@ietf.org, enchen@paloaltonetworks.com, naiming@zededa.com, robert@raszuk.net, reshad@yahoo.com
Date: Thu, 01 Dec 2022 09:18:36 -0500
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/gPXM2WOTUdb6lKa5SyJcZM7Aqlg>

Hi,

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written with the intent of improving
security requirements and considerations in IETF drafts. Comments
not addressed in last call may be included in AD reviews during the
IESG review. Document editors and WG chairs should treat these
comments just like any other last call comments.

Summary:

* Ready to Publish

Details:

* Is "Meticulous Keyed SHA1" secure, given the known weaknesses of SHA1?

-derek

--
Derek Atkins 617-623-3745
derek@ihtfp.com www.ihtfp.com
Computer and Internet Security Consultant