[secdir] Secdir review of draft-ietf-teas-yang-te-topo-15

Melinda Shore <melinda.shore@gmail.com> Fri, 01 June 2018 03:19 UTC

Return-Path: <melinda.shore@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 44BC61250B8; Thu, 31 May 2018 20:19:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id geMW7DYk9wtq; Thu, 31 May 2018 20:19:49 -0700 (PDT)
Received: from mail-pg0-x233.google.com (mail-pg0-x233.google.com [IPv6:2607:f8b0:400e:c05::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CD843124D6C; Thu, 31 May 2018 20:19:46 -0700 (PDT)
Received: by mail-pg0-x233.google.com with SMTP id 15-v6so10280891pge.2; Thu, 31 May 2018 20:19:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:subject:to:message-id:date:user-agent:mime-version :content-language:content-transfer-encoding; bh=D7/OXtx0B4phrfgZYYWq+/JS6RkoQMaaFfkbrVlAHRo=; b=UMcDaU8Sn5e5Ypa7zoe90RtLiDc7M7pmm7fBUNognO+vQJeCm0a+HKVr7JZsW/06gu TcdjRmo0kHgWqnM8vMTJuqOiP7OQfsgtuAbt6Lmj3EoghMYTIpxx8kcncp7Agb39H2ZG mUsnrdJdqUmeN0WA8A7CKZP8Y7MOYlruHYfSexjtI3kcP+HBsWTgO/hJAjpNqCQxvwz5 Lm7CX/ULI0mveH6bhHKRYwuCWAZ1amj+5bNhWrLBdMucKZqGpeGu1d7uSOo20y1Fy1uA YYXJHnM2SiAKrxkaeDf7Zgv5q9/T/YeeOVsBLIyqj+YSug4RKV9DUVmsiISXKrOTWMmy hKLg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:subject:to:message-id:date:user-agent :mime-version:content-language:content-transfer-encoding; bh=D7/OXtx0B4phrfgZYYWq+/JS6RkoQMaaFfkbrVlAHRo=; b=J3jg41vTVQoiD5s26qhIYc7R3MaMNQAX3xq6VY6amQvXWCgHBQ40f3arZY/Pslnw9q T5jxDCAuZ/atI5j1WJYarTEbUz1RP59j1BQ7NWfU25XrAfzyRrpHcH/S0tBFGLJTn0Mx puc5dnpsuzcvVcBAclOy/k3+pAEvAXd0qiDgEjTvr0cF97qnmmXTkL46JedGhKbXlJyE PBn5YtQS5xz7zvH8Nnd2DfVoqdjNkRSoQA3rTLr3F55gVVqkGoSXu0db68dLKKcv5jq8 pDdHNG4g4/vmgJKrgQaGZeFcjP4AEU1YEC7+ULTUW4QsZ6dC8ZjohH/CxU5SejNJgJbz VyGg==
X-Gm-Message-State: ALKqPwcVmGjZaL2WrvFW8iSvFcjGgJ01cBVMnYK7DljFniCndWT5xOC8 1NGd8O0zU0tJfUsAWLDbDMFrGEy7
X-Google-Smtp-Source: ADUXVKLxUuFp6TpXJEakrVs77wNKh90ZF8yY2c284cIIbv3mLD4InRGPObBFUJ6iRpFF+nhDmtiUPQ==
X-Received: by 2002:a65:4b49:: with SMTP id k9-v6mr7365382pgt.369.1527823185763; Thu, 31 May 2018 20:19:45 -0700 (PDT)
Received: from aspen.local (216-67-39-96-radius.dynamic.acsalaska.net. [216.67.39.96]) by smtp.gmail.com with ESMTPSA id x124-v6sm67959480pfx.72.2018.05.31.20.19.43 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 31 May 2018 20:19:44 -0700 (PDT)
From: Melinda Shore <melinda.shore@gmail.com>
To: secdir@ietf.org, IESG <iesg@ietf.org>, draft-ietf-teas-yang-te-topo.all@ietf.org
Message-ID: <1b9239b4-ff6a-4f85-4c6e-8b714cf6b6a3@gmail.com>
Date: Thu, 31 May 2018 19:19:42 -0800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Thunderbird/52.7.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/kF39-zSCO0QGcUy6MwHfl65u1wk>
Subject: [secdir] Secdir review of draft-ietf-teas-yang-te-topo-15
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Jun 2018 03:19:51 -0000

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

The summary of the review is Ready with issues

This document defines a technology-agnostic YANG data model for
representation of traffic engineering topologies, and is intended to
serve as a base model for other technology-specific traffic engineering
topology models.

The document is clearly written and appears comprehensive with respect
to its subject matter.  I suspect that sections 1-4 would be a useful
reference for people wanting to learn about TE topologies in general,
and I enjoyed reading it.

The security considerations section is scanty and, unfortunately,
insufficient.  The statement "The data-model by itself does not create
any security implications" seems questionable at best, since it contains
information about network topology and the treatment of traffic,
which may be of value to an attacker.  The lack of discussion of
the threat environment is particularly problematic given that the
model is intended to be used for manipulating TE topologies.  The
authors may want to look to draft-ietf-i2rs-yang-network-topo as
a model (no pun intended) of a good security considerations
section for a topology model.  I don't see how this document can
be published with the security considerations section in its current
condition.

This is really a trivial nit, but a nit nevertheless - the second
paragraph of the terminology section probably belongs in the
introduction instead, as it lays out expectations for the reader
and contains a pointer to introductory material for readers
unfamiliar with the IETF's traffic engineering work.

Melinda