[secdir] SECDIR review of draft-ietf-manet-olsrv2-metrics-rationale-02
Stephen Kent <kent@bbn.com> Wed, 06 March 2013 15:40 UTC
Return-Path: <kent@bbn.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E04D521F86FF for <secdir@ietfa.amsl.com>; Wed, 6 Mar 2013 07:40:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.598
X-Spam-Level:
X-Spam-Status: No, score=-106.598 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ovcRyvXLgaP6 for <secdir@ietfa.amsl.com>; Wed, 6 Mar 2013 07:40:10 -0800 (PST)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.0.80]) by ietfa.amsl.com (Postfix) with ESMTP id 634E721F89BF for <secdir@ietf.org>; Wed, 6 Mar 2013 07:40:10 -0800 (PST)
Received: from dhcp89-089-230.bbn.com ([128.89.89.230]:51357) by smtp.bbn.com with esmtp (Exim 4.77 (FreeBSD)) (envelope-from <kent@bbn.com>) id 1UDGRm-000K43-NJ; Wed, 06 Mar 2013 10:40:02 -0500
Message-ID: <51376352.5050802@bbn.com>
Date: Wed, 06 Mar 2013 10:40:02 -0500
From: Stephen Kent <kent@bbn.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:17.0) Gecko/20130216 Thunderbird/17.0.3
MIME-Version: 1.0
To: secdir <secdir@ietf.org>, chris.dearlove@baesystems.com, T.Clausen@computer.org, philippe.jacquet@alcatel-lucent.com, macker@itd.nrl.navy.mil, sratliff@cisco.com, Stewart Bryant <stbryant@cisco.com>, Adrian Farrel <adrian@olddog.co.uk>
Content-Type: multipart/alternative; boundary="------------000303060604020406000009"
Subject: [secdir] SECDIR review of draft-ietf-manet-olsrv2-metrics-rationale-02
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Mar 2013 15:40:12 -0000
SECDIR review of draft-ietf-manet-olsrv2-metrics-rationale-02 I reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.These comments were written primarily for the benefit of the security area directors.Document editors and WG chairs should treat these comments just like any other last call comments. This document is targeted as an Informational RFC. It describes itself as "... an historic record of the rationale for, and design considerations behind, how link metrics were included in OLSRv2." The Security Considerations section says simply "This document does not specify any security considerations." It's been a very long time (many years) since I've encountered that phrase in a candidate RFC. A rationale document itself probably does not entail security considerations, but the omission of any security discussion suggests that security did not play a role in the deign of this routing protocol. Is that true? If so, who thinks this is a good thing? I looked at the I-D that defines OLSRv2. It contains a two-page Security Considerations section. From my perspective, this document ought to provide background info (rationale) for the security suggestions contained that document.
- [secdir] SECDIR review of draft-ietf-manet-olsrv2… Stephen Kent
- Re: [secdir] SECDIR review of draft-ietf-manet-ol… Stephen Kent
- Re: [secdir] SECDIR review of draft-ietf-manet-ol… Dearlove, Christopher (UK)
- Re: [secdir] SECDIR review of draft-ietf-manet-ol… Stan Ratliff (sratliff)
- Re: [secdir] SECDIR review of draft-ietf-manet-ol… Adrian Farrel