Re: [secdir] secdir review of draft-ietf-tcpm-tcpmss-04

"Scharf, Michael (Michael)" <michael.scharf@alcatel-lucent.com> Mon, 04 June 2012 14:20 UTC

Return-Path: <michael.scharf@alcatel-lucent.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 483E021F887D; Mon, 4 Jun 2012 07:20:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.782
X-Spam-Level:
X-Spam-Status: No, score=-9.782 tagged_above=-999 required=5 tests=[AWL=0.111, BAYES_00=-2.599, HELO_EQ_FR=0.35, RCVD_IN_DNSWL_HI=-8, SARE_SUB_6CONS_WORD=0.356]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7cKNP1f6PLgk; Mon, 4 Jun 2012 07:20:30 -0700 (PDT)
Received: from smail6.alcatel.fr (smail6.alcatel.fr [64.208.49.42]) by ietfa.amsl.com (Postfix) with ESMTP id 67C4621F8864; Mon, 4 Jun 2012 07:20:30 -0700 (PDT)
Received: from FRMRSSXCHHUB01.dc-m.alcatel-lucent.com (FRMRSSXCHHUB01.dc-m.alcatel-lucent.com [135.120.45.61]) by smail6.alcatel.fr (8.14.3/8.14.3/ICT) with ESMTP id q54EKPXW024200 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT); Mon, 4 Jun 2012 16:20:27 +0200
Received: from FRMRSSXCHMBSE3.dc-m.alcatel-lucent.com ([135.120.45.55]) by FRMRSSXCHHUB01.dc-m.alcatel-lucent.com ([135.120.45.61]) with mapi; Mon, 4 Jun 2012 16:19:32 +0200
From: "Scharf, Michael (Michael)" <michael.scharf@alcatel-lucent.com>
To: David Borman <David.Borman@quantum.com>
Date: Mon, 4 Jun 2012 16:19:30 +0200
Thread-Topic: secdir review of draft-ietf-tcpm-tcpmss-04
Thread-Index: AQHNPnXIPFIPS9owW0+7AUuNti9CaZbi+xyAgAAC+4CAAAs/AP//voCggAMfLYCABE8hoA==
Message-ID: <2A886F9088894347A3BE0CC5B7A85F3E891A9BB408@FRMRSSXCHMBSE3.dc-m.alcatel-lucent.com>
References: <4FC63731.7060409@cisco.com> <58B9B09F-ECA8-457E-B22C-34CE7A69CCFA@quantum.com> <B00101B3-C986-4283-87D4-EA125860F1C6@cisco.com> <EF0B56D9-99F2-49D0-AE22-457E6E1A7944@quantum.com> <2A886F9088894347A3BE0CC5B7A85F3E891A9BB37B@FRMRSSXCHMBSE3.dc-m.alcatel-lucent.com> <94ADA294-87DB-488F-B784-A1FDCDF97A56@quantum.com>
In-Reply-To: <94ADA294-87DB-488F-B784-A1FDCDF97A56@quantum.com>
Accept-Language: de-DE, en-US
Content-Language: de-DE
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: de-DE, en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.69 on 155.132.188.84
X-Mailman-Approved-At: Mon, 04 Jun 2012 07:21:28 -0700
Cc: "<draft-ietf-tcpm-tcpmss.all@tools.ietf.org>" <draft-ietf-tcpm-tcpmss.all@tools.ietf.org>, The IESG <iesg@ietf.org>, "<secdir@ietf.org>" <secdir@ietf.org>
Subject: Re: [secdir] secdir review of draft-ietf-tcpm-tcpmss-04
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Jun 2012 14:20:31 -0000

> >> Ok, I'll move the content to section 5, and leave "Security 
> >> Considerations"
> >> empty, unless someone else objects to making that change.
> > 
> > Instead of an empty security considerations section, you 
> could also add a sentence explaining that the document just 
> clarifies what is mandated by RFC 1122, and that it thus does 
> not result in new security issues.
> > 
> > According to the working group discussions and the WGLC 
> feedback, TCPM is apparently not aware of any security issues 
> with this draft, and I think that TCPM would be fine with 
> mentioning this more explicitly.
> 
> Ok, how about:
> 	This document clarifies how to determine what 
> 	value should be used for the MSS option, and does
> 	not introduce any new security concerns.

For what it is worth, I think that this is indeed better than an empty section. 

Michael