Re: [secdir] sec-dir review of draft-ietf-roll-building-routing-reqs-05.txt
Adrian Farrel <Adrian.Farrel@huawei.com> Wed, 20 May 2009 21:23 UTC
Return-Path: <Adrian.Farrel@huawei.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 61C513A6ABE; Wed, 20 May 2009 14:23:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.237
X-Spam-Level:
X-Spam-Status: No, score=-2.237 tagged_above=-999 required=5 tests=[AWL=0.134, BAYES_00=-2.599, SARE_SUB_OBFU_Q1=0.227, STOX_REPLY_TYPE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Gzk+kNS6Uo91; Wed, 20 May 2009 14:23:47 -0700 (PDT)
Received: from lhrga03-in.huawei.com (lhrga03-in.huawei.com [195.33.106.148]) by core3.amsl.com (Postfix) with ESMTP id 64EDB3A67E1; Wed, 20 May 2009 14:23:47 -0700 (PDT)
Received: from huawei.com (localhost [127.0.0.1]) by lhrga03-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0KJY00LN0OUBP9@lhrga03-in.huawei.com>; Wed, 20 May 2009 22:25:24 +0100 (BST)
Received: from your029b8cecfe (dsl-sp-81-140-15-32.in-addr.broadbandscope.com [81.140.15.32]) by lhrga03-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTPA id <0KJY0057POU97D@lhrga03-in.huawei.com>; Wed, 20 May 2009 22:25:23 +0100 (BST)
Date: Wed, 20 May 2009 22:17:02 +0100
From: Adrian Farrel <Adrian.Farrel@huawei.com>
To: Derek Atkins <derek@ihtfp.com>, iesg@ietf.org, secdir@ietf.org
Message-id: <DE56A3729C6D4932BE12162561741025@your029b8cecfe>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2900.5579
X-Mailer: Microsoft Outlook Express 6.00.2900.5512
Content-type: text/plain; format="flowed"; charset="iso-8859-1"; reply-type="original"
Content-transfer-encoding: 7bit
X-Priority: 3
X-MSMail-priority: Normal
References: <sjmskiz4i42.fsf@pgpdev.ihtfp.org>
Cc: nicolas.riou@fr.schneider-electric.com, jerald.p.martocci@jci.com, pieter.demil@intec.ugent.be, wouter@vooruit.be, roll-chairs@tools.ietf.org
Subject: Re: [secdir] sec-dir review of draft-ietf-roll-building-routing-reqs-05.txt
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Adrian Farrel <Adrian.Farrel@huawei.com>
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 May 2009 21:23:48 -0000
Derek, I appreciate the review and hope that it will be useful to the authors. Since a new revision is expected, maybe the authors will be able to work with this. Cheers, Adrian ----- Original Message ----- From: "Derek Atkins" <derek@ihtfp.com> To: <iesg@ietf.org>; <secdir@ietf.org> Cc: <pieter.demil@intec.ugent.be>; <nicolas.riou@fr.schneider-electric.com>; <jerald.p.martocci@jci.com>; <wouter@vooruit.be>; <roll-chairs@tools.ietf.org> Sent: Wednesday, May 20, 2009 9:47 PM Subject: sec-dir review of draft-ietf-roll-building-routing-reqs-05.txt >I have reviewed this document as part of the security directorate's > ongoing effort to review all IETF documents being processed by the > IESG. These comments were written primarily for the benefit of the > security area directors. Document editors and WG chairs should treat > these comments just like any other last call comments. > > The Routing Over Low power and Lossy network (ROLL) Working Group has > been chartered to work on routing solutions for Low Power and Lossy > networks (LLN) in various markets: Industrial, Commercial (Building), > Home and Urban. Pursuant to this effort, this document defines the > routing requirements for building automation. > > The Security Considerations appear to take into account various > requirements for different systems. What seems to be lacking is > direction about how or when to apply various requirements and what > it means to the deployment. > > For example, what would it mean to a deployment if it has > authentication versus not having authentication? Also, it's unclear > how these requirements would apply to an implementor. > > Variable security policies is a good idea, but it requires more > guidance because the end user will never understand the ramifications > of choosing one policy over another. > > -derek > > -- > Derek Atkins 617-623-3745 > derek@ihtfp.com www.ihtfp.com > Computer and Internet Security Consultant >
- [secdir] sec-dir review of draft-ietf-roll-buildi… Derek Atkins
- Re: [secdir] sec-dir review of draft-ietf-roll-bu… Adrian Farrel