[secdir] Secdir Review of draft-ietf-tram-stun-path-data-03
Watson Ladd <watsonbladd@gmail.com> Thu, 11 February 2016 15:57 UTC
To: iseg@ietf.org, secdir@ietf.org, draft-ietf-tram-stun-path-data-03.all@tools.ietf.org
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/wTgsf8SdOYyPlNaboP5ExdODFNQ>

Dear all,

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

This document describes an extension to STUN for determining the characteristics of connections, useful in situations where hosts have multiple interfaces. It does this by enabling clients to send multiple requests and receive counts of how many responses were transmitted.

This document was Ready with Nits. Some values need to be assigned by IANA. It reuses existing security mechanisms from STUN, which do in fact protect the integrity of messages properly. I am worried about interoperability questions, but these come from those earlier RFCs, and so are outside the scope of this review.

Sincerely,
Watson