[secdir] review of draft-ietf-mpls-gmpls-lsp-reroute-04

"Scott G. Kelly" <scott@hyperthought.com> Fri, 28 August 2009 03:31 UTC

To: secdir@ietf.org, lberger@labn.net, Dimitri.Papadimitriou@alcatel-lucent.be, jpv@cisco.com, mpls-chairs@tools.ietf.org, iesg@ietf.org

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the IESG. 
These comments were written primarily for the benefit of the security
area directors.  Document editors and WG chairs should treat these 
comments just like any other last call comments.

The abstract does a good job of summarizing: This document describes how 
Resource ReserVation Protocol (RSVP) PathErr Messages may be used to 
trigger rerouting of Multi-Protocol Label Switching (MPLS) and 
Generalized MPLS (GMPLS) point-to-point Traffic Engineering (TE) Label 
Switched Paths (LSPs) without first removing LSP state or resources.

The security considerations section says the document introduces no new 
security considerations as it describes usage of existing formats and 
mechanisms, and I agree. It also points the reader to the security 
considerations sections of RFC4920 and RFC4736, and these do seem to do 
a reasonable job of summarizing.

I see no issues of concern for the security area ADs with this document.

--Scott