Shepherd writeup
draft-ietf-lisp-sec-19

draft-ietf-lisp-sec-12.txt Document Write-up

As required by RFC 4858, this is the current template for the Document Shepherd Write-Up.


(1) What type of RFC is being requested (BCP, Proposed Standard,
Internet Standard, Informational, Experimental, or Historic)? Why is
this the proper type of RFC? Is this type of RFC indicated in the
title page header?

    	This document is targeting publication as an Experimental RFC.
	    It is the proper type of RFC since it introduces a
      security mechanism to provide origin authentication,
      integrity and anti-replay protection in the LISP (Locator/ID Separation
      Protocol (LISP) mapping lookup process, whose RFCs have already
      Experimental status.
	    The RFC type is clearly marked in the title page header.



(2) The IESG approval announcement includes a Document Announcement
Write-Up. Please provide such a Document Announcement Write-Up. Recent
examples can be found in the "Action" announcements for approved
documents. The approval announcement contains the following sections:

Technical Summary:

      This document describes a security mechanism aiming at
      providing origin authentication, integrity and anti-replay protection
      to LISP map lookup process. In addition, it provides protection against
      prefix over-claiming attacks, ensuring that the sender of a
      Map-Reply providing the mapping for a certain EID-prefix is
      entitled to do so according to what is registered in the
      associated Map-Server. The whole mechanism is based on
      One-Time-Keys (OTK) used to compute Keyed-Hashing Message
      Authentication (HMAC).


Working Group Summary:

       The document has been around since 2011, and has been discussed
       several times. From the beginning, there was strong support, because
       the WG felt that the having a mechanism to protect the map lookup
       process was really important in order to make possible have public
       deployments that cannot be easily attacked.
       The support of the document has been always present, while the
       document evolved. The discussion in the WG mainly focused
       on clearly identify what the proposed mechanism protect or which level
       of security it provides.
	     The version of the document that was approved during WG Last
       Call is -12.

Document Quality:

Are there existing implementations of the protocol? Have a significant
number of vendors indicated their plan to implement the specification?
Are there any reviewers that merit special mention as having done a
thorough review, e.g., one that resulted in important changes or a
conclusion that the document had no substantive issues? If there was a
MIB Doctor, Media Type or other expert review, what was its course
(briefly)? In the case of a Media Type review, on what date was the
request posted?

	     There is a strong interest in LISP-Sec, especially by potential
       LISP adopters because protecting the map lookup process is key to
       have a robust system where mapping information cannot be tempered.


Personnel:

Who is the Document Shepherd?

       	Luigi Iannone <ggx@gigix.net>


Who is the Responsible Area Director?

       	Deborah Brungard <db3546@att.com>.



(3) Briefly describe the review of this document that was performed by
the Document Shepherd. If this version of the document is not ready
for publication, please explain why the document is being forwarded to
the IESG.


       	I reviewed carefully the document. The text is sufficiently
        clear and understandable.
        I have checked the mailinglist and meeting minutes and
        publication WG consensus has been reached appropriately.
	      I checked the ID nits (output provided  on point 11)
	      and everything is clear with the exception of a warning due to
        the fact that the publication date of -12 document is in 2016.


(4) Does the document Shepherd have any concerns about the depth or
breadth of the reviews that have been performed?

        As the document shepherd I have no concerns.



(5) Do portions of the document need review from a particular or from
broader perspective, e.g., security, operational complexity, AAA, DNS,
DHCP, XML, or internationalization? If so, describe the review that
took place.

        I do not think that a additional specific review is needed.



(6) Describe any specific concerns or issues that the Document
Shepherd has with this document that the Responsible Area Director
and/or the IESG should be aware of? For example, perhaps he or she is
uncomfortable with certain parts of the document, or has concerns
whether there really is a need for it. In any event, if the WG has
discussed those issues and has indicated that it still wishes to
advance the document, detail those concerns here.

	       I have no specific concerns or issues to point out.



(7) Has each author confirmed that any and all appropriate IPR
disclosures required for full conformance with the provisions of BCP
78 and BCP 79 have already been filed. If not, explain why?

        All authors have made conforming IPR disclosure.



(8) Has an IPR disclosure been filed that references this document? If
so, summarize any WG discussion and conclusion regarding the IPR
disclosures.

	       No IPR disclosures have been filed.



(9) How solid is the WG consensus behind this document? Does it
represent the strong concurrence of a few individuals, with others
being silent, or does the WG as a whole understand and agree with it?

        There has been clear strong consensus behind this document,
	      showing that the WG as a whole understands and agree with it.



(10) Has anyone threatened an appeal or otherwise indicated extreme
discontent? If so, please summarise the areas of conflict in separate
email messages to the Responsible Area Director. (It should be in a
separate email because this questionnaire is publicly available.)

	       Nobody did show discontent nor threatened an appeal.



(11) Identify any ID nits the Document Shepherd has found in this
document. (See http://www.ietf.org/tools/idnits/ and the
Internet-Drafts Checklist). Boilerplate checks are not enough; this
check needs to be thorough.
idnits 2.14.01  /var/www/.idnits

tmp/draft-ietf-lisp-sec-12.txt:
   Attempted to download rfc0102 state...
   Failure fetching the file, proceeding without it.
   Attempted to download rfc0103 state...
   Failure fetching the file, proceeding without it.
   Attempted to download rfc0200 state...
   Failure fetching the file, proceeding without it.
   Attempted to download rfc0203 state...
   Failure fetching the file, proceeding without it.

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  http://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to http://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to http://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (November 16, 2016) is 127 days in the past.  Is this
     intentional?


  Checking references for intended status: Experimental
  ----------------------------------------------------------------------------

     No issues found here.

     Summary: 0 errors (**), 0 flaws (~~), 1 warning (==), 1 comment (--).



(12) Describe how the document meets any required formal review
criteria, such as the MIB Doctor, media type, and URI type reviews.

	       No formal review is required.



(13) Have all references within this document been identified as
either normative or informative?

        Only normative references are present. They are clearly
        identified as such.



(14) Are there normative references to documents that are not ready
for advancement or are otherwise in an unclear state? If such
normative references exist, what is the plan for their completion?

	       There are no normative references in unclear state.



(15) Are there downward normative references references (see RFC
3967)? If so, list these downward references to support the Area
Director in the Last Call procedure.

	       There are no downward normative references.



(16) Will publication of this document change the status of any
existing RFCs? Are those RFCs listed on the title page header, listed
in the abstract, and discussed in the introduction? If the RFCs are
not listed in the Abstract and Introduction, explain why, and point to
the part of the document where the relationship of this document to
the other RFCs is discussed. If this information is not in the
document, explain why the WG considers it unnecessary.

	       No existing RFC's status will change due to the publication
	       of this document.



(17) Describe the Document Shepherd's review of the IANA
considerations section, especially with regard to its consistency with
the body of the document. Confirm that all protocol extensions that
the document makes are associated with the appropriate reservations in
IANA registries. Confirm that any referenced IANA registries have been
clearly identified. Confirm that newly created IANA registries include
a detailed specification of the initial contents for the registry,
that allocations procedures for future registrations are defined, and
a reasonable name for the new registry has been suggested (see RFC
5226).

	       This document instruct IANA to create five different registries,
         namely:
         - ECM AD Type Registry, with values ranging from 0 to 255.
         - Map-Reply AD Type Registry, with values ranging from 0 to 255.
         - HMAC Functions, with values ranging from 0 to 65535.
         - Key Wrap Functions, with values ranging from 0 to 65535.
         - Key Derivation Functions, with values ranging from 0 to 65535.
         Initial content for all of the above registries is well identified and
         future allocations is requested to be assigned according to the
         "Specification Required" policy defined in RFC5226.



(18) List any new IANA registries that require Expert Review for
future allocations. Provide any public guidance that the IESG would
find useful in selecting the IANA Experts for these new registries.

	       No expert review is required.



(19) Describe reviews and automated checks performed by the Document
Shepherd to validate sections of the document written in a formal
language, such as XML code, BNF rules, MIB definitions, etc.

	       The document does not contain anything written in a formal
	       language, hence, no validation and/or check has been
	       performed.
Back