[trill] Stephen Farrell's No Objection on draft-ietf-trill-oam-mib-07: (with COMMENT)

"Stephen Farrell" <stephen.farrell@cs.tcd.ie> Wed, 19 August 2015 11:28 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: trill@ietfa.amsl.com
Delivered-To: trill@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9898D1B2A61; Wed, 19 Aug 2015 04:28:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id N42qY3roIDuq; Wed, 19 Aug 2015 04:28:36 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 571071B2A57; Wed, 19 Aug 2015 04:28:36 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: "Stephen Farrell" <stephen.farrell@cs.tcd.ie>
To: "The IESG" <iesg@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 6.4.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20150819112836.3780.4468.idtracker@ietfa.amsl.com>
Date: Wed, 19 Aug 2015 04:28:36 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/trill/NrgS5k3yfeTHFCYtcQXqkMLBX1Y>
Cc: d3e3e3@gmail.com, trill-chairs@ietf.org, trill@ietf.org
Subject: [trill] Stephen Farrell's No Objection on draft-ietf-trill-oam-mib-07: (with COMMENT)
X-BeenThere: trill@ietf.org
X-Mailman-Version: 2.1.15
List-Id: "Developing a hybrid router/bridge." <trill.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trill>, <mailto:trill-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trill/>
List-Post: <mailto:trill@ietf.org>
List-Help: <mailto:trill-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trill>, <mailto:trill-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Aug 2015 11:28:37 -0000

Stephen Farrell has entered the following ballot position for
draft-ietf-trill-oam-mib-07: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-trill-oam-mib/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------


- Grepping for "MAX-ACCESS *read-create" gives me 28 hits.  The
security considerations section describes 5 of those that I
can see. Are you saying that you did check but all of the
others are read-create are not in fact sensitive? 

- The security considerations here might note two additional
things. First, access to the read-only date exposes the network
topology so might be considered more sensitive than other MIBs.
And second, if one can set an IP address to which reports are
sent say in the event of some kind of packet storm, then that
could maybe be used to DoS that IP address.  I'm not sure
either is worth a mention, but just wanted to check in case
they might be.