[secdir] Secdir review of draft-ietf-ccamp-flexible-grid-ospf-ext-07
Catherine Meadows <catherine.meadows@nrl.navy.mil> Thu, 19 January 2017 23:24 UTC
To: iesg@ietf.org, secdir@ietf.org, draft-ietf-ccamp-flexible-grid-ospf-ext.all@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/jWA7m3hgZTVt698dNSx_bpi8f3g>

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

This document describes extensions to the Open Shortest Path First (OSPF) Traffic-Engineering (TE) protocol to support GMPLS control of networks that include devices that use the new flexible optical grid introduced by the International Telecommunication Union Telecommunications Standardization Sector (ITU-T). It defines GMPLS OSPF-TE extensions that support advertising available frequency ranges for flex-grid links.

In the Security Considerations section, the authors point out that this document extends RFCs [RFC3630] and [RFC7580] to carry flex-grid specific information in OSPF Opaque LSAs. Thus this document does not introduce any new security considerations beyond previous RFCs specifying these LSAs, and the security mechanisms described in [RFC2328] applying to these mechanisms still apply.

I think this is a valid point, and well expressed. However, when I looked through the document (using both manual and automatic search methods) I was surprised to find no explicit mention of OSPF Opaque LSAs other than in the Security Considerations section. It would be helpful to have a specific mention of them in the body of the document, and a brief discussion of how they are used to implement the extensions. This would give the reader a better understanding of how the Security Considerations section relates to the rest of the document.

Other than that, I think the document is ready.

Cathy Meadows

Catherine Meadows
Naval Research Laboratory
Code 5543
4555 Overlook Ave., S.W.
Washington DC, 20375
phone: 202-767-3490
fax: 202-404-7942
email: catherine.meadows@nrl.navy.mil