[secdir] SECDIR review of draft-housley-number-registries-02

Yoav Nir <ynir@checkpoint.com> Wed, 18 December 2013 06:31 UTC

From: Yoav Nir <ynir@checkpoint.com>
To: "draft-housley-number-registries.all@tools.ietf.org" <draft-housley-number-registries.all@tools.ietf.org>, "<iesg@ietf.org> IESG" <iesg@ietf.org>, "<secdir@ietf.org>" <secdir@ietf.org>
Date: Wed, 18 Dec 2013 06:31:43 +0000

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.

TL;DR version: This document is ready

This document is an informational document describing the current state of the three IANA numbers registries: the AS numbers, the IPv4 addresses, and the IPv6 addresses. As such, it repeats information currently in those IANA registries, and based on a cursory review of those registries, seems to do so accurately. All I can say security-wise is that I agree with the security considerations section: "It does not change the security posture of the Internet in any way."

Having read both the Abstract and the Introduction, I have to say that I don't understand who the target audience of this document is. Nowhere does it say what the value is of taking a snapshot of these registries as of early 2014. That said, while I don't see the utility, there is definitely no harm.

Yoav