Re: [secdir] Review of draft-ietf-manet-smf-13

Joe Macker <macker@itd.nrl.navy.mil> Mon, 05 March 2012 20:12 UTC

To: Shawn Emery <shawn.emery@oracle.com>
Cc: draft-ietf-manet-smf.all@tools.ietf.org, iesg@ietf.org, secdir@ietf.org

Shawn:

I want to thank you for the comments and your time.

-joe

On Mar 4, 2012, at 3:02 AM, Shawn Emery wrote:

> 
> I know that the telechat has passed, but since I started this before then, I have posted the completed review below...
> 
> I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.
> 
> This experimental draft describes a multicast forwarding design specifically for limited wireless mesh and mobile ad hoc networks (MANET).
> 
> The security considerations section does exist. The section states several attacks and provides mitigation of the associated attack. Most of the attacks listed are related to DoS. Solutions to some of these issues involve caching TTL/hop-limits to thwart an attacker replaying packets with reduced TTL/hop-limits. The section goes on to reference RFC6130's security consideration section in regards to MANET's neighborhood discovery protocol (NHDP). I had originally reviewed that draft as well and had found no additional concerns.
> 
> General comments:
> 
> None.
> 
> Editorial comments:
> 
> Well written, thank you.
> 
> Shawn.