[secdir] Secdir last call review of draft-ietf-6lo-fragment-recovery-08

"Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com> Mon, 03 February 2020 13:53 UTC

Return-Path: <tirumaleswarreddy_konda@mcafee.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 08C9912009E for <secdir@ietfa.amsl.com>; Mon, 3 Feb 2020 05:53:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mcafee.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kuMcT4BVZ7PH for <secdir@ietfa.amsl.com>; Mon, 3 Feb 2020 05:53:49 -0800 (PST)
Received: from us-smtp-delivery-140.mimecast.com (us-smtp-delivery-140.mimecast.com [216.205.24.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 22C99120026 for <secdir@ietf.org>; Mon, 3 Feb 2020 05:53:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mcafee.com; s=mimecast20190606; t=1580738027; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type; bh=hklV6a/Mr2asYsU/LWPgYOgl39gLO1Fc/H1rhk0FxDg=; b=hC4uLrAsM5E0zu+f4fhkoHwgzV0pxcZK2uVmzAAZULSmrhi+6qr38x4v5PBve0rK01oxGe mCiXO3xUoOOdXRp5YFiLeIewwbiTrA/RUYt85x26/5+sV8h4S4AENdWDPxkJHjmOLlnLN4 9kKN6M3oVR+VP/cPl/rbx9a050rkaMM=
Received: from NAM10-MW2-obe.outbound.protection.outlook.com (mail-mw2nam10lp2107.outbound.protection.outlook.com [104.47.55.107]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-11-HT0TbvKyNdewHyTFAcVHkA-1; Mon, 03 Feb 2020 08:53:41 -0500
Received: from CY4PR1601MB1254.namprd16.prod.outlook.com (10.172.118.12) by CY4PR1601MB1317.namprd16.prod.outlook.com (10.172.116.13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32; Mon, 3 Feb 2020 13:53:38 +0000
Received: from CY4PR1601MB1254.namprd16.prod.outlook.com ([fe80::e851:20e8:57bd:fedd]) by CY4PR1601MB1254.namprd16.prod.outlook.com ([fe80::e851:20e8:57bd:fedd%12]) with mapi id 15.20.2686.028; Mon, 3 Feb 2020 13:53:38 +0000
From: "Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com>
To: "secdir@ietf.org" <secdir@ietf.org>, "draft-ietf-6lo-fragment-recovery.all@ietf.org" <draft-ietf-6lo-fragment-recovery.all@ietf.org>
Thread-Topic: Secdir last call review of draft-ietf-6lo-fragment-recovery-08
Thread-Index: AdXalCLFRlrAAOY/RCW/KaF9W1FCvA==
Date: Mon, 3 Feb 2020 13:53:38 +0000
Message-ID: <CY4PR1601MB1254AAB128CD71BB283BDA72EA000@CY4PR1601MB1254.namprd16.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
dlp-product: dlpe-windows
dlp-version: 11.4.0.45
dlp-reaction: no-action
x-originating-ip: [49.37.206.28]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 2c63dbfa-5b7c-4e99-4648-08d7a8b0788d
x-ms-traffictypediagnostic: CY4PR1601MB1317:
x-microsoft-antispam-prvs: <CY4PR1601MB13170B470A1AA0B5978DEC80EA000@CY4PR1601MB1317.namprd16.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8882;
x-forefront-prvs: 0302D4F392
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(136003)(366004)(39860400002)(346002)(376002)(396003)(189003)(32952001)(199004)(66476007)(64756008)(66556008)(66446008)(52536014)(33656002)(66946007)(76116006)(5660300002)(9686003)(110136005)(450100002)(7696005)(55016002)(316002)(186003)(26005)(8936002)(81156014)(81166006)(86362001)(6506007)(478600001)(966005)(71200400001)(2906002)(8676002)(85282002); DIR:OUT; SFP:1101; SCL:1; SRVR:CY4PR1601MB1317; H:CY4PR1601MB1254.namprd16.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: tytbOTPfUQWMaAySq25PDNFllp+iuQRPFYKVmHBgqgIb6Y8660JBwvd6/imZ78l8yt2dxXc2XKXvxvKMMlzAwwmn4P1t1if96NUyljdq4tGoLxaVH996jRad7RA7O39zdqleuglpxeSwWXvowWUlxuBbR3vX+UF6+TwNOjankrdhMrJV2PeFIDBRd8ZrTsX832kECt7q/TGiJdvrPykkPdNzZT+WezLHlFdOubJ0eAkoIE/72VX91blqmamRaEwrJpBuT+ny8DrYCrPl9Xkg+a0H0+nxoIfZU5mE76+ULoPP+gzF1XFf+u0eATP7euqPmGCtdvwpCq6UlJEvzQeouISnVAqtUFvS6L7JR8LkiBFZy4ORZqmrRlR5V+TSwqhrPJytsdRl33bGFv9sX7eQ2JuDDDWq2X5rNWvJLserdtIGvylqGeZPXZqcSeh52Pk0RBBvf2Jq5jpIWdfHTELJwixv1DLYVBx0wI6KtBxP2OX0Yw8mIAQeQO2OxoWpmPL4UnGyWVk4wG2dLrd9zNn7RoojEre+B71Mj0HtDO9G/CVWTc9lLehRRonsB9fFA45nRRSkH3aEB3sfIUASRhcOa11ts5OTzVwR+zejYE46TrE=
x-ms-exchange-antispam-messagedata: +aYebAJZD2CknkCrouczuVcyWdI+KI3T7I5RqgS+rEV2ItvhIE+vPjtF6/YU+RTFtbOVOU/8gBluNKe1yAfcF0F+Pc/lj+MMGgq2nnzAqaQLEjwTom+N1ZH6MY7NxKyD99B1GFApltziRhcWtpPAdA==
x-ms-exchange-transport-forked: True
MIME-Version: 1.0
X-OriginatorOrg: mcafee.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 2c63dbfa-5b7c-4e99-4648-08d7a8b0788d
X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Feb 2020 13:53:38.4510 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 4943e38c-6dd4-428c-886d-24932bc2d5de
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: y4VQ7dwujudICLVQmQ+TnN1GOXCgnbEV4E9DcwNnbRHeXbl//azkKiLdaW2nB4jnlL59xJ8VjL3upnL/v8JFUXO//7PuZFqcEJQZ03lv1bTO/xOrbkQTLs7vp/JxDNJ1
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR1601MB1317
X-MC-Unique: HT0TbvKyNdewHyTFAcVHkA-1
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: mcafee.com
Content-Type: multipart/alternative; boundary="_000_CY4PR1601MB1254AAB128CD71BB283BDA72EA000CY4PR1601MB1254_"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/ha9rOmKSj7Bp6HXSFgUz4bSv5R4>
Subject: [secdir] Secdir last call review of draft-ietf-6lo-fragment-recovery-08
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Feb 2020 13:53:51 -0000

Reviewer: Tirumaleswar Reddy
Review result: Ready with nits

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.

Summary: Ready with nits

[1] It is not clear to me how the Security sections of I-D.ietf-core-cocoa apply to this specification ?
[2] The security considerations section discusses I-D.ietf-lwig-6lowpan-virtual-reassembly but that document does not discuss any security considerations yet.
[3] It is not clear how the DoS attack of bogus first fragments is handled and other attacks discussed in https://tools.ietf.org/html/draft-ietf-intarea-frag-fragile-17#section-3.7 are tackled ?
[4] How does the document align with the recommendations given in https://tools.ietf.org/html/draft-ietf-intarea-frag-fragile-17#section-6 ?

Cheers,
-Tiru