IETF Logo Mail Archive

Re: [secdir] Sector Review: draft-ietf-ospf-te-metric-extensions-09

Ben Laurie <benl@google.com> Mon, 05 January 2015 21:41 UTC

Return-Path: <benl@google.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A86F11A8ACE for <secdir@ietfa.amsl.com>; Mon, 5 Jan 2015 13:41:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.389
X-Spam-Level:
X-Spam-Status: No, score=-1.389 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4kP05r2lmFy9 for <secdir@ietfa.amsl.com>; Mon, 5 Jan 2015 13:41:18 -0800 (PST)
Received: from mail-qa0-x233.google.com (mail-qa0-x233.google.com [IPv6:2607:f8b0:400d:c00::233]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4CD541A8AB4 for <secdir@ietf.org>; Mon, 5 Jan 2015 13:41:18 -0800 (PST)
Received: by mail-qa0-f51.google.com with SMTP id i13so13232003qae.38 for <secdir@ietf.org>; Mon, 05 Jan 2015 13:41:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=Rsow4jK3dFo7MwtpUnfHA36AEfkUq0szgLwwDNiNJg0=; b=hwwaM6Xr1gnoLGa3up/fjJTlW34G8GZ+55FxYgQeXPSY5xxTLqSwKLYA7XCWrrJ/JS Xk2qrl3qlzT1EEWS2IZFSpH9vfauD14XIX60VwOX8Vwr/vD5cf02QC7pdhysUYPGYJ9b Nnuox4nG9OUZ6PuO+Yd8+fqGFp3Z7YunPfZboFtcIBFAng+jiQ5ggAcDKWlsBic3mgg2 EkEdLl+uc7mzQK2WQtzHo/tqrr/yqAhoc2xXtsbbv19W8aLNHPNNWjBOQMnjk/DxEsKn DwuiwcoaOM3pl/MjxhBCr23QsyqDYuJFz1LWjoXHxiHw94H7RzEWjnGgGo6OMpN1Hspp 8F1g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=Rsow4jK3dFo7MwtpUnfHA36AEfkUq0szgLwwDNiNJg0=; b=Cc1tmKF34jxK1sn7jhDN6UUT0GcQPtGvn9c5neaKACOVVPUi00ggTREaE9f10rY3MH bfsm/wSFmghn5TTSMQGsDAeI6LaDvY65Cs0ptUiHD8CMG8Bu3UV4zSMcqMP3l0oGc/AV SAi/2P4CLnk06uOFRYfjtKzbDhJNp/L0PmbSueboZs4qxoi4Xmo5uT7M3+O2YLrF8wsy GrEVVX3cgd2Cz96h/L10Lj6NdkNcghjcME1AHsp6cbPNpxBaPNR4lCbyy4EX1SCOn18o a8m+Ir1HbBpjmqKsbhW05AoNIJ8JHajpGuTezqqAoT6hvOI7D6zSrhJKqtCOmG0tlUPL TnWQ==
X-Gm-Message-State: ALoCoQm2DzOCbMAVs28BpNaYgVwdCsePZ/+BUev0L/29hDmESepyHxd6+dlCXd2poo0rTGA91EMr
MIME-Version: 1.0
X-Received: by 10.140.36.239 with SMTP id p102mr142369222qgp.8.1420494077462; Mon, 05 Jan 2015 13:41:17 -0800 (PST)
Received: by 10.229.183.201 with HTTP; Mon, 5 Jan 2015 13:41:17 -0800 (PST)
In-Reply-To: <m2a91wzze6.wl%randy@psg.com>
References: <4E0F5009-4811-4FFE-AA26-ECFAC2398101@ogud.com> <m28uhj2wxg.wl%randy@psg.com> <96B524C4-B2E8-443E-871D-60B5FCD2F44A@ogud.com> <m2bnmdym1g.wl%randy@psg.com> <CABrd9STqBsPQpp_N751ybF_0uF8C3MGG3hKhzoPCBO_pgoCULw@mail.gmail.com> <m2a91wzze6.wl%randy@psg.com>
Date: Mon, 05 Jan 2015 21:41:17 +0000
Message-ID: <CABrd9ST1BCoMSVV3c4Lz+0i2XgZdW_r3_akOkR7FEmo8ci2HWw@mail.gmail.com>
From: Ben Laurie <benl@google.com>
To: Randy Bush <randy@psg.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: http://mailarchive.ietf.org/arch/msg/secdir/jrcIsACewchHjYn-CZD63D61LwM
Cc: ietf <ietf@ietf.org>, secdir <secdir@ietf.org>
Subject: Re: [secdir] Sector Review: draft-ietf-ospf-te-metric-extensions-09
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Jan 2015 21:41:19 -0000

On 5 January 2015 at 21:33, Randy Bush <randy@psg.com> wrote:
>>>>> and the new lsas could not be used in path shortening attacks,
>>>>> right?
>>>>
>>>> this document only defines the format of the LSA’s it does not talk
>>>> about processing by the routing engines.
>>>
>>> so the secdir sees no need to warn about it.  got it.  </sarcasm>
>>
>> If secdir is going to warn about it through this process, then surely
>> the right place to do that is in the comments on the document that
>> does talk about processing by the routing engines?
>
> a naïve person might think that all documents in a series that have
> security implications would be flagged in the security considerations
> section.

Seriously? What about the implications of other sections? Should they
also be flagged? Or would a naive person perhaps think that to
understand a series, you should read all of it?

v2.23.0 | Report a Bug | By Email