[secdir] Review of draft-ietf-ccamp-gmpls-vcat-lcas-13.txt
Ondřej Surý <ondrej.sury@nic.cz> Thu, 02 June 2011 12:48 UTC
To: iesg@ietf.org, secdir@ietf.org, draft-ietf-ccamp-gmpls-vcat-lcas.all@tools.ietf.org

Hi,

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

The document summarizes requirements and use of the Generalized Multi-Protocol Label Switching (GMPLS) control plane in support of the Virtual Concatenation and Link Capacity Adjustment Scheme. In addition to this, it adds a specific use of the Notify message and admin status object for GMPLS signaling.

The security consideration is very short, stating that the interceptor may see information about different routes and that these members are of the same VCAT group. I do not see any new security consideration on top of existing RFC5920.

You should read this review with one fact in mind: the subject of the draft is far far away from my expertise, however it seems to be well written and ready for publication.

Ondrej
--
Ondřej Surý
vedoucí výzkumu/Head of R&D department
-------------------------------------------
CZ.NIC, z.s.p.o. -- Laboratoře CZ.NIC
Americka 23, 120 00 Praha 2, Czech Republic
mailto:ondrej.sury@nic.cz http://nic.cz/
tel:+420.222745110 fax:+420.222745112
-------------------------------------------