[Tsvwg] IETF LC comments on draft-ietf-tsvwg-rsvp-ipsec

Magnus Westerlund <magnus.westerlund@ericsson.com> Fri, 13 October 2006 09:55 UTC

Message-ID: <452F627D.9040202@ericsson.com>
Date: Fri, 13 Oct 2006 11:55:09 +0200
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
To: "Francois Le Faucheur (flefauch)" <flefauch@cisco.com>, Bruce Davie <bdavie@cisco.com>, "Bose, Pratik" <pratik.bose@lmco.com>, Christou Chris <christou_chris@bah.com>, davenport_michael@bah.com, tsvwg <tsvwg@ietf.org>
List-Id: Transport Area Working Group <tsvwg.ietf.org>

Hi, the IESG received the below comment during the ongoing IETF LC. I 
would appreciate some response to it.

"I think that the "Security Considerations" section of this
document is significantly thin.  There are significant security risks
associated with this sort of aggregation that I don't see discussed
in much detail.  There should also be at least some mention of traffic
analysis issues and the potential DDOS attacks on the network
operator arising from this usage.

Unlike RIPv2 Authentication, RSVP Authentication has never had
any measurably large deployment, as near as I can tell.  A practical
to deploy key management strategy is not apparent to me right now
for RSVP Authentication.  RSVP Auth keys need to be placed in all
of the devices along a dynamic and *changing* flow path, so it is
much harder to pre-position manual keys along the whole path.
By contrast, OSPF and RIP have a well-defined and static set of
legitimate participating routers, so one can pre-position manual keys
in all of those OSPF/RIP routers (and that has been commonly done
in numerous enterprise networks using OSPFv2 Auth or RIPv2 Auth).

If this gets published without addressing the above issues,
I think EXPERIMENTAL would be more appropriate than STANDARDS-TRACK.
That would let the community of interest have a stable spec
to reference, as they sort through the poorly addressed issues
that are outlined above."


Best Regards

Magnus Westerlund

Multimedia Technologies, Ericsson Research EAB/TVA/A
----------------------------------------------------------------------
Ericsson AB                | Phone +46 8 4048287
Torshamsgatan 23           | Fax   +46 8 7575550
S-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com