[secdir] SecDir review of draft-ietf-isis-rfc4971bis-01
Yaron Sheffer <yaronf.ietf@gmail.com> Fri, 05 August 2016 10:01 UTC
Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 434A112D12B; Fri, 5 Aug 2016 03:01:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1LUkr2TqS0l8; Fri, 5 Aug 2016 03:01:16 -0700 (PDT)
Received: from mail-pa0-x231.google.com (mail-pa0-x231.google.com [IPv6:2607:f8b0:400e:c03::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2DB9012D098; Fri, 5 Aug 2016 03:01:14 -0700 (PDT)
Received: by mail-pa0-x231.google.com with SMTP id ti13so13398803pac.0; Fri, 05 Aug 2016 03:01:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:references:from:to:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding; bh=PQ1M/sgSqKb0MGtp+6dh7EZMDigDnDcx1FCFMy3U5do=; b=zEj+RMs8VdlR1X9THYmRU1LcX/LKObGl5A7pC3qTgLE3tE8CN6jTCcVkm11OQh+xPE DAGB7YzknGFTycyjDkCg7LVOg4YnS8BMXQyVe4Mq/PXStIhOE0SNmV8RqfDKRJDUjc8x tNJ9AYTNVil4HJyHAMZN6ikGuciznokSzTwBnmhddMMz+utPWwup+Gu6ZQrFdQ3CuJLz lU0FxAOZwtREHyrLWIC99+aA0xXg+QKYfXbkahpG0K2iUANNHfzKLXZua+HJUsYq4VrU Uzb1tEh/g8pAjBReBkquCnMYwDkvKNMc8dGzOiw7jLENkN+6hymer+zhtPjimZBtr0HU ABpA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:references:from:to:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=PQ1M/sgSqKb0MGtp+6dh7EZMDigDnDcx1FCFMy3U5do=; b=VtTGuIOS8+3TjCNeJtLsMf8fcPekTooEYmkTbwAw1kSsafoXlvYU2cvDQGcVSmKvAe plenGOyGO3uKjknzpFkVuQhpLkZCMS/WqTocXlbS2dD/YdhkKLhhXkvGROPftBEFTwDZ ThiSlbrAWqBvVE40ngdWpHw5UrV+bk6h4e5TJ7aBSv94v+H7Rj+fWiLq6zukg7Mdf1PJ 3oJsbotJTcUSbpy5s1u33K6hRbCeelRpnBaKHZ9X79WUrT9e3W6zBQgpbe224ecYODQl +i4mhBX8TzDu4RbiK1NmRtmqYZ/gDx6x2F2yrUETBbgDqRsJic3EtVNjmkRHyvd/XUPH xexQ==
X-Gm-Message-State: AEkoout9yaxSqHhawhDn1fOv5BjrLfQckjY6iC4at0iVLF6MSxKDaQZ5m1mKszZcDA4lQA==
X-Received: by 10.66.43.7 with SMTP id s7mr135577626pal.27.1470391272771; Fri, 05 Aug 2016 03:01:12 -0700 (PDT)
Received: from [172.17.202.168] (mtcharleston.intuit.com. [199.16.140.24]) by smtp.gmail.com with ESMTPSA id u72sm26615747pfa.31.2016.08.05.03.01.09 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 05 Aug 2016 03:01:11 -0700 (PDT)
References: <5751B895.1070400@gmail.com>
From: Yaron Sheffer <yaronf.ietf@gmail.com>
To: IETF Security Directorate <secdir@ietf.org>, The IESG <iesg@ietf.org>, draft-ietf-isis-rfc4971bis.all@tools.ietf.org
X-Forwarded-Message-Id: <5751B895.1070400@gmail.com>
Message-ID: <6c9c5a95-61a9-23e3-6df4-8103480fa684@gmail.com>
Date: Fri, 05 Aug 2016 13:01:06 +0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0
MIME-Version: 1.0
In-Reply-To: <5751B895.1070400@gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/yIH-6OckYf3zc9g2eMdpDQySFSQ>
Subject: [secdir] SecDir review of draft-ietf-isis-rfc4971bis-01
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Aug 2016 10:01:19 -0000
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This document is a minor update to RFC4971, in order to correctly support IPv6-only routers. Summary The document is ready for publication. Details The Security Considerations are unchanged from the original RFC and cover the router capability feature reasonably. They still seem to describe this quaint world where each router can rely on all its peers to always send correct information. But at least we recommend to use protocol-level integrity mechanisms in "high risk" situations. Thanks, Yaron
- Re: [secdir] SecDir review of draft-ietf-dhc-topo… Bernie Volz (volz)
- Re: [secdir] SecDir review of draft-ietf-dhc-topo… Tomek Mrugalski
- Re: [secdir] SecDir review of draft-ietf-dhc-topo… Suresh Krishnan
- Re: [secdir] SecDir review of draft-ietf-dhc-topo… Tomek Mrugalski
- Re: [secdir] SecDir review of draft-ietf-isis-rfc… Les Ginsberg (ginsberg)
- [secdir] SecDir review of draft-ietf-isis-rfc4971… Yaron Sheffer
- Re: [secdir] SecDir review of draft-ietf-dhc-topo… Suresh Krishnan
- [secdir] SecDir review of draft-ietf-dhc-topo-con… Yaron Sheffer
- Re: [secdir] SecDir review of draft-ietf-dhc-topo… Ted Lemon
- Re: [secdir] SecDir review of draft-ietf-dhc-topo… Tomek Mrugalski
- Re: [secdir] SecDir review of draft-ietf-dhc-topo… Yaron Sheffer