Re: [secdir] Secdir review of draft-ietf-mpls-oam-ipv6-rao-02
"Carlos Pignataro (cpignata)" <cpignata@cisco.com> Fri, 30 January 2015 14:26 UTC
Return-Path: <cpignata@cisco.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 06CD61A9067; Fri, 30 Jan 2015 06:26:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -16.511
X-Spam-Level:
X-Spam-Status: No, score=-16.511 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, GB_I_LETTER=-2, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QLxe9Qm6aA4g; Fri, 30 Jan 2015 06:26:43 -0800 (PST)
Received: from alln-iport-7.cisco.com (alln-iport-7.cisco.com [173.37.142.94]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8384C1A9066; Fri, 30 Jan 2015 06:26:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=2730; q=dns/txt; s=iport; t=1422628003; x=1423837603; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=zD7ImfQ6mK+1q6j8tav7NAbzW9VRLqoipZ9dewjzreI=; b=MWcFm5t9jcFAL2ZRsl+7o1lesByp/rq+jTB4HW9npIntdaeuOk0ODx3/ GdCs6qDx/yOcrSOHlA58gA6/6viQQzlR0CK0B97/9FLXf1DEbgPrllryi pAlAzVwW2q2VfR6oi1R4Ol1DOt05Ol16xr2K/lPowRohy8Ur2tS/43KMU c=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0CABQBkk8tU/5ldJa1agmQigSsEgn2/SIgWAhyBAUMBAQEBAX2EDAEBAQMBIxFFBQcEAgEIEQQBAQECAiMDAgICMBQBCAgCBA4FiCQIAcEQlX4BAQEBAQEBAQEBAQEBAQEBAQEBAQEXgSGOJDMHBoJiLoETAQSOfIkiklEig25vgUR+AQEB
X-IronPort-AV: E=Sophos;i="5.09,491,1418083200"; d="scan'208";a="119038223"
Received: from rcdn-core-2.cisco.com ([173.37.93.153]) by alln-iport-7.cisco.com with ESMTP; 30 Jan 2015 14:26:42 +0000
Received: from xhc-aln-x04.cisco.com (xhc-aln-x04.cisco.com [173.36.12.78]) by rcdn-core-2.cisco.com (8.14.5/8.14.5) with ESMTP id t0UEQgF4028894 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Fri, 30 Jan 2015 14:26:42 GMT
Received: from xmb-aln-x02.cisco.com ([fe80::8c1c:7b85:56de:ffd1]) by xhc-aln-x04.cisco.com ([173.36.12.78]) with mapi id 14.03.0195.001; Fri, 30 Jan 2015 08:26:42 -0600
From: "Carlos Pignataro (cpignata)" <cpignata@cisco.com>
To: Adrian Farrel <adrian@olddog.co.uk>
Thread-Topic: Secdir review of draft-ietf-mpls-oam-ipv6-rao-02
Thread-Index: AQHQO/rWH+CYXFr8DUaiFa8Y0LuXwpzX5icAgAE3/4A=
Date: Fri, 30 Jan 2015 14:26:40 +0000
Message-ID: <B0FE3A54-3DED-487B-9176-304ACDE5D8B0@cisco.com>
References: <53F9995B-6F70-49D2-ABA1-AD293C185121@inria.fr> <00f101d03bfc$c5708f30$5051ad90$@olddog.co.uk>
In-Reply-To: <00f101d03bfc$c5708f30$5051ad90$@olddog.co.uk>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.150.53.173]
Content-Type: text/plain; charset="utf-8"
Content-ID: <414DEEFBBC5142498FBD84CB1B3A81F7@emea.cisco.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/qp0wHe16vTsHNZd14oLb6Odvc5U>
Cc: IESG <iesg@ietf.org>, "draft-ietf-mpls-oam-ipv6-rao@tools.ietf.org" <draft-ietf-mpls-oam-ipv6-rao@tools.ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Subject: Re: [secdir] Secdir review of draft-ietf-mpls-oam-ipv6-rao-02
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Jan 2015 14:26:45 -0000
Thanks indeed, Vincent. Adrian, we fixed these two nits in our working copy. Thanks, — Carlos. > On Jan 29, 2015, at 2:50 PM, Adrian Farrel <adrian@olddog.co.uk> wrote: > > Thanks Vincent. Good nits. > Adrian > >> -----Original Message----- >> From: iesg [mailto:iesg-bounces@ietf.org] On Behalf Of Vincent Roca >> Sent: 29 January 2015 19:36 >> To: IESG; secdir@ietf.org; draft-ietf-mpls-oam-ipv6-rao@tools.ietf.org >> Cc: Vincent Roca >> Subject: Secdir review of draft-ietf-mpls-oam-ipv6-rao-02 >> >> Hello, >> >> I have reviewed this document as part of the security directorate's ongoing >> effort to review all IETF documents being processed by the IESG. These >> comments were written primarily for the benefit of the security area >> directors. Document editors and WG chairs should treat these comments just >> like any other last call comments. >> >> Summary: ready >> >> This document specifies a new Router Alert Option Value for IPv6, to be used >> by MPLS OAM tools in IPv6 environments. >> It does not introduce any new mechanism that is likely to create security >> threats. Additionally, RFC 6398 discusses the security aspects of IP Router >> Alert in detail. The Security Considerations section of the present document >> refers to this (and related RFCs) for security aspects which I think is > appropriate. >> >> >> Non-Security comments: >> >> ** The Introduction uses several terms that appear to me synonymous, namely: >> generic Option Value >> generic IPV6 Router Alert code point >> Value field in the Router Alert Option >> IPv6 Router Alert Option Value >> And later in Section 3: >> option value (i.e., without any upper case letter) >> Or in Section 6: >> defines a new code point (value TBD1) >> It's worth to harmonize them. >> >> ** Section 5: there's probably a missing word in: >> "...examine the packet the MPLS OAM purpose." >
- [secdir] Secdir review of draft-ietf-mpls-oam-ipv… Vincent Roca
- Re: [secdir] Secdir review of draft-ietf-mpls-oam… Adrian Farrel
- Re: [secdir] Secdir review of draft-ietf-mpls-oam… Carlos Pignataro (cpignata)