[secdir] SecDir Review of draft-ietf-l2vpn-vpls-mcast-14
Catherine A Meadows <catherine.meadows@nrl.navy.mil> Thu, 19 September 2013 18:21 UTC
Return-Path: <catherine.meadows@nrl.navy.mil>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 626BB21F90CC; Thu, 19 Sep 2013 11:21:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZcKHQ16DoNCD; Thu, 19 Sep 2013 11:21:14 -0700 (PDT)
Received: from ccs.nrl.navy.mil (mx0.ccs.nrl.navy.mil [IPv6:2001:480:20:118:118::211]) by ietfa.amsl.com (Postfix) with ESMTP id 2EFFA21F9123; Thu, 19 Sep 2013 11:21:13 -0700 (PDT)
Received: from vpn212036.nrl.navy.mil (vpn212036.nrl.navy.mil [132.250.212.36]) by ccs.nrl.navy.mil (8.14.4/8.14.4) with ESMTP id r8JIL6es000536; Thu, 19 Sep 2013 14:21:07 -0400
From: Catherine A Meadows <catherine.meadows@nrl.navy.mil>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Thu, 19 Sep 2013 14:21:05 -0400
Message-Id: <69ED1CC5-F819-481A-BB90-FB2178A07DDD@nrl.navy.mil>
To: "iesg@ietf.org" <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>, draft-ietf-l2vpn-vpls-mcast.all@tools.ietf.org
Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\))
X-Mailer: Apple Mail (2.1508)
X-CCS-MailScanner: No viruses found.
X-CCS-MailScanner-Info: See: http://www.nrl.navy.mil/ccs/support/email
Subject: [secdir] SecDir Review of draft-ietf-l2vpn-vpls-mcast-14
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Sep 2013 18:21:19 -0000
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This ID describes a method by which service providers for Virtual Private LANs can use multicast trees for routing muilticast messages to customers in VPLS. This extends RFC's 4761 "Virtual Private LAN Service using BGP for Auto-Discovery and Signaling" and 4762, "Virtual Private LAN Services over MPLS Label Distribution Protocol (LDP) Signaling". In these RFC's, the ingress Provider Edge Device (ingress PE) replicates a copy of the message for each relevant exit PE. This can become a performance bottleneck when the number of recipients is large. This ID addresses this problem. This ID addresses mainly internal network management, and so, as the authors point out in the Security Considerations Section, it does not introduce many security problems other than already discussed in those RFC's, which are mainly addressed by the security features of BGP, upon which the protocols rely. The main security issue introduced by this draft is that neither BGP nor VPLS provide for secrecy of the multicast tree data. However, as the authors point out, providing such security is the responsibility of the Service Provider managing the LAN, and this is beyond the scope of VPLS. I do not think any modifications or extensions need to be made to the security section, but I have a couple of other questions: This ID is described as being intended for use with RFC's 4761 and 4762, but when I checked on 4761 in the ID tracker, it said that it is updated by 4762, although 4762 itself says nothing about this. In that case, is there any reason to provide support for 4761? Or was this an error in the ID tracker? Likewise, the ID refers to both 4761 and 4762 for definitions of terms. What happens if the two RFC's don't agree on a definition? Should one default to 4762, or to the RFC the implementer is using? According to RFC 4762, the protocol defined by the two RFC's, although they perform similar functions, are independent and incompatible, so this could make possibly a difference. Cathy Meadows
- [secdir] SecDir Review of draft-ietf-l2vpn-vpls-m… Catherine A Meadows
- Re: [secdir] SecDir Review of draft-ietf-l2vpn-vp… Stewart Bryant
- Re: [secdir] SecDir Review of draft-ietf-l2vpn-vp… Yakov Rekhter