[secdir] Secdir last call review of draft-ietf-grow-bmp-local-rib-10
Chris Lonvick via Datatracker <noreply@ietf.org> Mon, 29 March 2021 22:51 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 722E63A2486; Mon, 29 Mar 2021 15:51:17 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Chris Lonvick via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
Cc: draft-ietf-grow-bmp-local-rib.all@ietf.org, grow@ietf.org, last-call@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 7.27.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <161705827740.13468.11344469654269107377@ietfa.amsl.com>
Reply-To: Chris Lonvick <lonvick.ietf@gmail.com>
Date: Mon, 29 Mar 2021 15:51:17 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/t8cuYma97iLnKlfTwaUAKim8j48>
Subject: [secdir] Secdir last call review of draft-ietf-grow-bmp-local-rib-10
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Mar 2021 22:51:18 -0000
Reviewer: Chris Lonvick Review result: Has Nits Hello, I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. The summary of the review is READY. The authors state in the Security Considerations section that the same considerations that are documented in Section 11 of RFC 7854 also apply to this document. I see no reason to doubt that and I believe that is appropriate for this document. The second and third sentences of the Security Considerations section may need to be reworked. Although I skimmed the rest of the document, these were the only nits I could see. For the second sentence, rather than: Implementations of this protocol SHOULD require to establish sessions with authorized and trusted monitoring devices. Perhaps, Implementations of this protocol SHOULD require +monitored routers+ to establish +secure+ sessions with authorized and trusted monitoring -devices-+stations+. The term "monitoring devices" is not used anywhere else in the document, and only once in RFC 7854. On the other hand "monitoring stations" is used extensively in both. For the third sentence, rather than: It is also believed that this document does not add any additional security considerations. Perhaps, It is also believed that this document does not add any +features that require any+ additional security considerations. Best regards, Chris
- [secdir] Secdir last call review of draft-ietf-gr… Chris Lonvick via Datatracker
- Re: [secdir] Secdir last call review of draft-iet… Tim Evens (tievens)