[secdir] Secdir review of draft-ietf-pce-p2mp-app-01
Brian Weis <bew@cisco.com> Mon, 15 June 2009 18:58 UTC
Return-Path: <bew@cisco.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7D2F63A6923; Mon, 15 Jun 2009 11:58:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3Me4LUatocmq; Mon, 15 Jun 2009 11:58:57 -0700 (PDT)
Received: from sj-iport-2.cisco.com (sj-iport-2.cisco.com [171.71.176.71]) by core3.amsl.com (Postfix) with ESMTP id 5F91A3A6BC2; Mon, 15 Jun 2009 11:58:57 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="4.42,224,1243814400"; d="scan'208";a="176526641"
Received: from sj-dkim-2.cisco.com ([171.71.179.186]) by sj-iport-2.cisco.com with ESMTP; 15 Jun 2009 18:59:04 +0000
Received: from sj-core-5.cisco.com (sj-core-5.cisco.com [171.71.177.238]) by sj-dkim-2.cisco.com (8.12.11/8.12.11) with ESMTP id n5FIx4Xg008360; Mon, 15 Jun 2009 11:59:04 -0700
Received: from xbh-sjc-211.amer.cisco.com (xbh-sjc-211.cisco.com [171.70.151.144]) by sj-core-5.cisco.com (8.13.8/8.13.8) with ESMTP id n5FIx4pm025180; Mon, 15 Jun 2009 18:59:04 GMT
Received: from xfe-sjc-211.amer.cisco.com ([171.70.151.174]) by xbh-sjc-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.3959); Mon, 15 Jun 2009 11:59:04 -0700
Received: from dhcp-128-107-163-126.cisco.com ([128.107.163.126]) by xfe-sjc-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.3959); Mon, 15 Jun 2009 11:59:04 -0700
Message-Id: <C7402E48-A8C8-4D29-A5C3-AB3E08CE12F0@cisco.com>
From: Brian Weis <bew@cisco.com>
To: secdir@ietf.org, iesg@ietf.org
Content-Type: text/plain; charset="US-ASCII"; format="flowed"; delsp="yes"
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Apple Message framework v935.3)
Date: Mon, 15 Jun 2009 11:59:03 -0700
X-Mailer: Apple Mail (2.935.3)
X-OriginalArrivalTime: 15 Jun 2009 18:59:04.0212 (UTC) FILETIME=[5A232540:01C9EDEB]
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; l=1929; t=1245092344; x=1245956344; c=relaxed/simple; s=sjdkim2002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=bew@cisco.com; z=From:=20Brian=20Weis=20<bew@cisco.com> |Subject:=20Secdir=20review=20of=20draft-ietf-pce-p2mp-app- 01 |Sender:=20; bh=gTBH4zneMiIELjpcSYZcbmzuV8w8v5yIPLbW0iI2pPQ=; b=XJvWTDbAhxhQngIW+VQHo4ymabGt3icA0U3lfLrIs6y/4UricaNRadSa7R S+zX/k01RYhn7GFk1NHffpN91vEG87Nk4Xqf68Quux/jDuSx+4VrectI2XBY c1uZ8nJbEI;
Authentication-Results: sj-dkim-2; header.From=bew@cisco.com; dkim=pass ( sig from cisco.com/sjdkim2002 verified; );
Cc: draft-ietf-pce-p2mp-app@tools.ietf.org, pce-chairs@tools.ietf.org
Subject: [secdir] Secdir review of draft-ietf-pce-p2mp-app-01
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Jun 2009 18:58:58 -0000
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This Informational document describes how the Path Computation Element (PCE)-based architecture defined in RFC 4655 can support point-to- multipoint label switched paths. A PCE is a device that computes the path of Traffic Engineered Label Switched Paths (TE LSPs) within Multiprotocol Label Switching (MPLS) and Generalized MPLS (GMPLS) networks. A PCE-based architecture is generally used to offload path computation processing from Label Switching Routers (LSRs). This document does not substantially change the architecture described in RFC 4655. The Security Considerations section states that this document does not raise any additional security issues beyond those that generally apply to the PCE architecture, and I believe that is generally true. However, I do have one minor suggestion for the authors: The "Note" in the Security Considerations section points out that P2MP computation is CPU-intensive, and posits that an attacker injecting spurious P2MP path computation requests may be more successful than if the attacker injected P2P computation requests. Since you brought up the attack, it would be worth noting that the use of a message integrity mechanism by a PCE protocol should be used to mitigate attacks from devices that are not authorized to send requests to the PCE device. I hesitate to be more specific because the document does not describe a particular PCE protocol. Brian -- Brian Weis Router/Switch Security Group, ARTG, Cisco Systems Telephone: +1 408 526 4796 Email: bew@cisco.com