[secdir] Review of draft-ietf-ospf-hmac-sha-06.txt
"Hilarie Orman" <ho@alum.mit.edu> Wed, 26 August 2009 23:49 UTC
Return-Path: <hilarie@purplestreak.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E8DB13A6B02; Wed, 26 Aug 2009 16:49:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.349
X-Spam-Level:
X-Spam-Status: No, score=-3.349 tagged_above=-999 required=5 tests=[AWL=0.250, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FoE-2G-RF63x; Wed, 26 Aug 2009 16:49:38 -0700 (PDT)
Received: from out01.mta.xmission.com (out01.mta.xmission.com [166.70.13.231]) by core3.amsl.com (Postfix) with ESMTP id 40C413A68A8; Wed, 26 Aug 2009 16:49:38 -0700 (PDT)
Received: from mx03.mta.xmission.com ([166.70.13.213]) by out01.mta.xmission.com with esmtp (Exim 4.62) (envelope-from <hilarie@purplestreak.com>) id 1MgSFa-0007pg-EM; Wed, 26 Aug 2009 17:49:58 -0600
Received: from 166-70-57-249.ip.xmission.com ([166.70.57.249] helo=localhost.localdomain) by mx03.mta.xmission.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from <hilarie@purplestreak.com>) id 1MgSFI-00020P-Lr; Wed, 26 Aug 2009 17:49:41 -0600
Received: from localhost.localdomain (tobermory [127.0.0.1]) by localhost.localdomain (8.12.10/8.12.10) with ESMTP id n7QNlY7t025790; Wed, 26 Aug 2009 17:47:34 -0600
Received: (from ho@localhost) by localhost.localdomain (8.12.10/8.12.10/Submit) id n7QNlXCp025786; Wed, 26 Aug 2009 17:47:33 -0600
Date: Wed, 26 Aug 2009 17:47:33 -0600
Message-Id: <200908262347.n7QNlXCp025786@localhost.localdomain>
X-Authentication-Warning: localhost.localdomain: ho set sender to hilarie using -f
From: Hilarie Orman <ho@alum.mit.edu>
To: iesg@ietf.org, secdir@ietf.org
X-XM-SPF: eid=; ; ; mid=; ; ; hst=mx03.mta.xmission.com; ; ; ip=166.70.57.249; ; ; frm=hilarie@purplestreak.com; ; ; spf=none
X-XM-DomainKey: sender_domain=alum.mit.edu; ; ; sender=ho@alum.mit.edu; ; ; status=no signature
X-SA-Exim-Connect-IP: 166.70.57.249
X-SA-Exim-Mail-From: hilarie@purplestreak.com
X-Spam-DCC: XMission; sa02 1397; Body=1 Fuz1=1 Fuz2=1
X-Spam-Combo: ;iesg@ietf.org, secdir@ietf.org
X-Spam-Relay-Country:
X-SA-Exim-Version: 4.2.1 (built Thu, 25 Oct 2007 00:26:12 +0000)
X-SA-Exim-Scanned: Yes (on mx03.mta.xmission.com)
Cc: rja@extremenetworks.com, mjbarnes@cisco.com, mfanto@aegisdatasecurity.com, tony.li@tony.li, acee@redback.com, manav@alcatel-lucent.com, akr@cisco.com, riw@cisco.com
Subject: [secdir] Review of draft-ietf-ospf-hmac-sha-06.txt
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Hilarie Orman <ho@alum.mit.edu>
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Aug 2009 23:49:39 -0000
Review of draft-ietf-ospf-hmac-sha-06.txt Do not be alarmed. I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. My only comment on this greatly improved document concerns the last paragraph of section 4: Use of full digital signatures would ... eliminat[e] the replay issue that was noted above. Replay can remain a problem even with signed data, can't it? I think that two-way communication is may be a requirement for eliminating the possibility of replay. Hilarie
- [secdir] Review of draft-ietf-ospf-hmac-sha-06.txt Hilarie Orman