[secdir] secdir review of draft-ietf-ccamp-flexigrid-lambda-label

Paul Wouters <paul@nohats.ca> Tue, 08 September 2015 19:15 UTC

Return-Path: <paul@nohats.ca>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id DD7F81B5284; Tue, 8 Sep 2015 12:15:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.01
X-Spam-Status: No, score=-2.01 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id Ta0r6igWPC6b; Tue, 8 Sep 2015 12:15:41 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 44C0D1B524C; Tue, 8 Sep 2015 12:15:41 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 3n9bmB5syhz3LN; Tue, 8 Sep 2015 21:15:38 +0200 (CEST)
Authentication-Results: mx.nohats.ca; dkim=pass (1024-bit key) header.d=nohats.ca header.i=@nohats.ca header.b=okQjnemV
X-OPENPGPKEY: Message passed unmodified
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id zChG80eEfa5c; Tue, 8 Sep 2015 21:15:36 +0200 (CEST)
Received: from bofh.nohats.ca (206-248-139-105.dsl.teksavvy.com []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Tue, 8 Sep 2015 21:15:36 +0200 (CEST)
Received: from bofh.nohats.ca (bofh.nohats.ca []) by bofh.nohats.ca (Postfix) with ESMTP id 00D338009F; Tue, 8 Sep 2015 15:15:35 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1441739736; bh=48R2AFkl2NF0IHTK1FvdbN43W4RpqDWCNyHWDl5RPgU=; h=Date:From:To:Subject; b=okQjnemV5hNCehnHxEUTS5/l42oXKPjOegh8fLe68Z+I+haO8KPaqLey6NLhr/jnf IHVFpKIOhNat25Fhd/JhIVV4GOMrMIBncBQELgX7MXB129Yf1YdfSDErK2axgBwaN6 rD4S5YYC34XAgJsDEi/LyHjEtyAecHvPkRX1mmsk=
Received: from localhost (paul@localhost) by bofh.nohats.ca (8.15.2/8.15.2/Submit) with ESMTP id t88JFZrA030461; Tue, 8 Sep 2015 15:15:35 -0400
X-Authentication-Warning: bofh.nohats.ca: paul owned process doing -bs
Date: Tue, 08 Sep 2015 15:15:35 -0400
From: Paul Wouters <paul@nohats.ca>
To: secdir <secdir@ietf.org>, iesg@ietf.org, draft-ietf-ccamp-flexigrid-lambda-label.all@tools.ietf.org
Message-ID: <alpine.LFD.2.20.1509081500110.30077@bofh.nohats.ca>
User-Agent: Alpine 2.20 (LFD 67 2015-01-07)
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"; charset="US-ASCII"
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/hxyRNnAC8O1ZO8BWBfbf07gSwhU>
Subject: [secdir] secdir review of draft-ietf-ccamp-flexigrid-lambda-label
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Sep 2015 19:15:45 -0000

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

The draft is Ready with nits

This document defines a new Flexi-Grid value for Lambda Switch Capable
(LSC) Label Switching Routers. The specification of this new label
references an external (ITU) specification.

The security considerations of this document properly refers to other
documents, such as RFC3471, RFC3473 and RFC5920. No new security issues
are introduced in this document, as it merely defines a new label to use
which causes no backwards compatibility issues.


  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
      have content which was first submitted before 10 November 2008.  If you
      have contacted all the original authors and they are all willing to grant
      the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
      this comment.  If not, you may need to add the pre-RFC5378 disclaimer.
      (See the Legal Provisions document at
      http://trustee.ietf.org/license-info for more information.)