[secdir] sec-dir review of draft-ietf-roll-building-routing-reqs-05.txt
Derek Atkins <derek@ihtfp.com> Wed, 20 May 2009 20:45 UTC
Return-Path: <derek@ihtfp.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D47853A6ED1; Wed, 20 May 2009 13:45:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.761
X-Spam-Level:
X-Spam-Status: No, score=-1.761 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_MISMATCH_ORG=0.611, SARE_SUB_OBFU_Q1=0.227]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Lsz3KotTsVHU; Wed, 20 May 2009 13:45:40 -0700 (PDT)
Received: from mail.ihtfp.org (MAIL.IHTFP.ORG [204.107.200.6]) by core3.amsl.com (Postfix) with ESMTP id DE07C3A6ABE; Wed, 20 May 2009 13:45:39 -0700 (PDT)
Received: from pgpdev.ihtfp.org (unknown [64.1.215.244]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "cliodev.ihtfp.com", Issuer "IHTFP Consulting Certification Authority" (verified OK)) by mail.ihtfp.org (Postfix) with ESMTP id 374E0BD858B; Wed, 20 May 2009 16:47:16 -0400 (EDT)
Received: (from warlord@localhost) by pgpdev.ihtfp.org (8.14.3/8.14.2/Submit) id n4KKlAFr016598; Wed, 20 May 2009 16:47:10 -0400
To: iesg@ietf.org, secdir@ietf.org
From: Derek Atkins <derek@ihtfp.com>
Date: Wed, 20 May 2009 16:47:09 -0400
Message-ID: <sjmskiz4i42.fsf@pgpdev.ihtfp.org>
User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Cc: pieter.demil@intec.ugent.be, nicolas.riou@fr.schneider-electric.com, jerald.p.martocci@jci.com, wouter@vooruit.be, roll-chairs@tools.ietf.org
Subject: [secdir] sec-dir review of draft-ietf-roll-building-routing-reqs-05.txt
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 May 2009 20:45:40 -0000
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.
The Routing Over Low power and Lossy network (ROLL) Working Group has
been chartered to work on routing solutions for Low Power and Lossy
networks (LLN) in various markets: Industrial, Commercial (Building),
Home and Urban. Pursuant to this effort, this document defines the
routing requirements for building automation.
The Security Considerations appear to take into account various
requirements for different systems. What seems to be lacking is
direction about how or when to apply various requirements and what
it means to the deployment.
For example, what would it mean to a deployment if it has
authentication versus not having authentication? Also, it's unclear
how these requirements would apply to an implementor.
Variable security policies is a good idea, but it requires more
guidance because the end user will never understand the ramifications
of choosing one policy over another.
-derek
--
Derek Atkins 617-623-3745
derek@ihtfp.com www.ihtfp.com
Computer and Internet Security Consultant
- [secdir] sec-dir review of draft-ietf-roll-buildi… Derek Atkins
- Re: [secdir] sec-dir review of draft-ietf-roll-bu… Adrian Farrel