[secdir] Secdir last call review of draft-ietf-mboned-driad-amt-discovery-11

Daniel Franke via Datatracker <noreply@ietf.org> Thu, 19 December 2019 01:49 UTC

From: Daniel Franke via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
Cc: draft-ietf-mboned-driad-amt-discovery.all@ietf.org, last-call@ietf.org, mboned@ietf.org
Reply-To: Daniel Franke <dafranke@akamai.com>
Message-ID: <157672018216.4869.15864357654393087401@ietfa.amsl.com>
Date: Wed, 18 Dec 2019 17:49:42 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/z-9H2EKS4lvWDf6mRMn4Ljm7gmA>
Subject: [secdir] Secdir last call review of draft-ietf-mboned-driad-amt-discovery-11

Reviewer: Daniel Franke
Review result: Ready

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG. These
comments were written primarily for the benefit of the security area
directors. Document editors and WG chairs should treat these comments just
like any other last call comments.

Sorry about the last minute review. This document is Ready. Its very intent
gives me a little bit of anxiety: given the inherent DDoS amplification
potential of any kind of UDP multicast, I tend to consider attempts to expand
its usability beyond the most tightly-controlled and thoughtfully-configured
environments to be ill-advised, but that is something the availability of
auto-configuration protocols like this one will tend to encourage. However,
this is something that clearly still has good uses and its security
considerations section is thorough, which is all I can really ask.