[secdir] Secdir review of draft-baker-ietf-core-11.txt

Charlie Kaufman <charliek@microsoft.com> Mon, 10 January 2011 07:41 UTC

From: Charlie Kaufman <charliek@microsoft.com>
To: "secdir@ietf.org" <secdir@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "draft-baker-ietf-core.all@tools.ietf.org" <draft-baker-ietf-core.all@tools.ietf.org>
Date: Mon, 10 Jan 2011 07:43:34 +0000

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.

I don't know the back story on this document. It is an individual submission, I assume targeting Informational status. The title is "Internet Protocols for the Smart Grid". I didn't immediately know what "Smart Grid" referred to, and the document assumes the reader already knows, but a quick web search says that current usage is for an upgrade to the electrical power grid supporting innovations like having large numbers of small providers and intelligently managing load (i.e. turning off low priority devices under conditions of peak load) so that we don't need to provision for peak loads so much larger than average loads.

Most of this document has little to do with the Smart Grid. It is largely an overview of the Internet Protocol Suite referencing the relevant RFCs for details. I would have thought that such an overview would already exist, but my quick search of RFCs did not find one. This would be a handy document to be able to point newbies at, though this title might dissuade them. It's possible that this overview leaves out broad swaths of IETF work on the theory that it would be irrelevant to Smart Grid designers, but such filtering was not obvious.

The part of this document that is about the Smart Grid is Appendix A, which speculates on several ways the Smart Grid might take advantage of Internet technology. I would hope that the people designing the Smart Grid would be familiar with the Internet Protocol Suite, but perhaps I'm being naïve.

Security is one of the most important challenges designers of a Smart Grid will face, and this document emphasizes parts of the Internet Protocol Suite that provide security and that might be applicable (i.e. IPsec, TLS, XML-DSIG, and S/MIME). [Note: I believe a reference to CMS would be more useful than the indirect references to it via S/MIME]. It does not address (that I saw) the fact that since the Smart Grid is a real time control system, dealing effectively with Denial of Service attacks will be particularly important in this context. While a lot of work has gone into QoS guarantees on the Internet, my impression is that most of that work is not standardized. The fact that the use of the power grid as a networking mechanism appears to target non-general purpose use (i.e. it does not appear anyone is planning to run on-demand video over it) makes it plausible that this problem is solvable.

Because this document does not propose a specific protocol, it has only a token "Security Considerations" section (that notes that security is discussed in some other sections). That seems appropriate to me.

I noted a couple of typos:

P50 next to last line: "a distributed application in a set collectors" -> ???

P52 first line: unbalanced quotes.