[secdir] secdir review of draft-ietf-intarea-gre-mtu-03

Tom Yu <tlyu@mit.edu> Thu, 23 April 2015 23:45 UTC

From: Tom Yu <tlyu@mit.edu>
To: iesg@ietf.org, secdir@ietf.org, draft-ietf-intarea-gre-mtu.all@tools.ietf.org
Date: Thu, 23 Apr 2015 19:44:57 -0400
Message-ID: <ldvwq129zpi.fsf@sarnath.mit.edu>
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/mSSS6RvAPY4L9UNnviqcBiXU5tM>

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

Summary: ready

This document deals with fragmentation issues in the General Routing
Encapsulation (GRE).  Fragmentation naturally presents potential denial
of service and resource exhaustion vulnerabilities.  I think the
Security Considerations section of this document adequately addresses
these potential vulnerabilities.