Re: [secdir] Combined Gen-art and secdir LC review: draft-ietf-manet-smc-sec-threats-05

Robert Sparks <rjsparks@nostrum.com> Mon, 08 August 2016 15:33 UTC

Return-Path: <rjsparks@nostrum.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C762712D18D; Mon, 8 Aug 2016 08:33:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.147
X-Spam-Level:
X-Spam-Status: No, score=-3.147 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-1.247] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hij9bGkTp1YH; Mon, 8 Aug 2016 08:33:23 -0700 (PDT)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 212B912B044; Mon, 8 Aug 2016 08:33:22 -0700 (PDT)
Received: from unnumerable.local ([173.57.161.14]) (authenticated bits=0) by nostrum.com (8.15.2/8.15.2) with ESMTPSA id u78FXLDU056439 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=OK); Mon, 8 Aug 2016 10:33:21 -0500 (CDT) (envelope-from rjsparks@nostrum.com)
X-Authentication-Warning: raven.nostrum.com: Host [173.57.161.14] claimed to be unnumerable.local
To: General Area Review Team <gen-art@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>, draft-ietf-manet-smf-sec-threats.all@ietf.org
References: <c2c8df34-e456-be3f-ffb3-6b64d71bd458@nostrum.com>
From: Robert Sparks <rjsparks@nostrum.com>
Message-ID: <597043f8-f24a-df96-43bc-06a8d3142bf7@nostrum.com>
Date: Mon, 8 Aug 2016 10:33:21 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Thunderbird/45.2.0
MIME-Version: 1.0
In-Reply-To: <c2c8df34-e456-be3f-ffb3-6b64d71bd458@nostrum.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/ipOb3gvcm-KeaBxEQPTNF74Ky-4>
Subject: Re: [secdir] Combined Gen-art and secdir LC review: draft-ietf-manet-smc-sec-threats-05
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Aug 2016 15:33:25 -0000

Resending (to a subset of the original distro) correcting a typo in the 
draft name to make this easier to search for later.

RjS


On 8/8/16 10:17 AM, Robert Sparks wrote:
> I am the assigned Gen-ART and secdir reviewer for this draft. The 
> General Area
> Review Team (Gen-ART) reviews all IETF documents being processed by 
> the IESG
> for the IETF Chair. The secdir does the same for the security area 
> directors.
> Please treat these comments just like any other last call comments.
>
> For more information on Gen-Art, please see the FAQ at
> <https://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.
>
> For moe information on secdir, see the wiki at
> <https://trac.tools.ietf.org/area/sec/trac/wiki/SecDirReview>
>
> Document: draft-ietf-manet-smf-sec-threats-05
> Reviewer: Robert Sparks
> Review Date: 8 Aug 2016
> IETF LC End Date: 11 Aug 2016
> IESG Telechat date: 18 Aug 2016
>
> Summary: Ready for publication as an Informational RFC
>
> This draft provides a discussion of vulnerabilities in Simplified 
> Multicast
> Forwarding (SMF), focusing on attacking the Duplicate Packet Detection 
> and
> Relay Set Selection mechanisms. It positions itself as being useful 
> information
> for those deploying SMF as currently defined.  It does not propose 
> mitigations,
> but does have a section that identifies potential future work that might.
>
> I have sent several editorial nits directly to the authors.
>