[secdir] draft-ietf-mpls-stamp-pw-04 early Secdir review
Yaron Sheffer via Datatracker <noreply@ietf.org> Wed, 10 June 2026 20:17 UTC
CC: draft-ietf-mpls-stamp-pw.all@ietf.org, mpls@ietf.org
Reply-To: Yaron Sheffer <yaronf.ietf@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/macRPH2nl6pBBrOuDxh9oOmXENA>

Document: draft-ietf-mpls-stamp-pw
Title: Encapsulation of Simple Two-Way Active Measurement Protocol for LSPs and Pseudowires in MPLS Networks
Reviewer: Yaron Sheffer
Review result: Ready

This document defines the encapsulation of the STAMP OAM protocol within multiple deployment variants of MPLS.

The Security Considerations appear adequate, although much of the section consists of references to the security considerations of the underlying protocols and mechanisms.

What I'm missing is an explicit statement of (what I see as) the main threat model, which is cross-tenant leakage. That is, one tenant interfering with the OAM traffic of another tenant, with the goal of triggering automated responses.

The document could be strengthened by explicitly stating that STAMP packets received via a PW or LSP are processed in the context of that PW or LSP, and that the encapsulations defined here do not introduce a mechanism for cross-service OAM interaction.