[secdir] Secdir review of draft-ietf-ipfix-psamp-mib

Warren Kumari <warren@kumari.net> Sat, 04 June 2011 16:00 UTC

Return-Path: <warren@kumari.net>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id EB8CBE0686; Sat, 4 Jun 2011 09:00:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id x2bl5N68oJLI; Sat, 4 Jun 2011 09:00:53 -0700 (PDT)
Received: from vimes.kumari.net (vimes.kumari.net []) by ietfa.amsl.com (Postfix) with ESMTP id 6EB42E0675; Sat, 4 Jun 2011 09:00:50 -0700 (PDT)
Received: from wk-air.lan (unknown []) by vimes.kumari.net (Postfix) with ESMTPSA id 7A1D31B40425; Sat, 4 Jun 2011 10:42:32 -0400 (EDT)
From: Warren Kumari <warren@kumari.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Date: Sat, 4 Jun 2011 10:42:28 -0400
Message-Id: <16FB357D-064E-4251-99F1-F5E7D973AA93@kumari.net>
To: secdir@ietf.org, iesg@ietf.org, draft-ietf-ipfix-psamp-mib@tools.ietf.org
Mime-Version: 1.0 (Apple Message framework v1084)
X-Mailer: Apple Mail (2.1084)
Subject: [secdir] Secdir review of draft-ietf-ipfix-psamp-mib
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 04 Jun 2011 16:00:54 -0000

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG. These
comments were written primarily for the benefit of the security area
directors. Document editors and WG chairs should treat these comments just
like any other last call comments.

This document describes an extension to the IPFIX MIB module to support PSAMP (sampled) implementations.

The Security Considerations section is present and well written. There are no R/W objects and so the primary concern is disclosure of device / configuration information. The draft provides good suggestions to limit this (e.g. IPSec, SNMPv3)  -- these same concerns (and mitigations) exist for other MIBs. While the information in this MIB *could* be valuable to an attacker (to allow him try avoid having *his* packets sampled) I think that other MIBs would be a much larger target.

I did not check the MIB itself for syntax, lint, etc.