The Generalized TTL Security Mechanism (GTSM) for the Label Distribution Protocol (LDP)

Note: This ballot was opened for revision 07 and is now closed.

(Stewart Bryant) Yes

(Adrian Farrel) Yes

(Ron Bonica) No Objection

(Gonzalo Camarillo) No Objection

Benoit Claise No Objection

(Ralph Droms) No Objection

(Wesley Eddy) No Objection

Stephen Farrell No Objection

Comment (2012-06-05 for -08)
(1) 5082 has a MUST for authentication if negotiating GSTM.
I don't get why this "built-in" negotiation, which seems to
me to be added post-facto, gets around this need for strong
authentication. I'm not going to insist that you define such
authentication, (be nice if someone did though), but I do
think you need to say you're not adhering to the MUST from

(2) When receiving an LDP Link Hello with G=1, what checks
are to be made on the TTL for that packet? If you don't
enforce GSTM on that, then presumably attacks could be
mounted with a Link Hello that has G=0, defeating the
negotiation (hence point (1) above I guess;-). Why is
this ok? If you're really taking a "leap of faith" here,
then that's probably fine, but should be stated IMO. In
any case I think you need to be clear about whether the
TTL on this packet needs checking or not.


- typo in section 3? "(i.e.,g G=1)" - s/g//?

- typo in section 5: s/may cause LDP peering session/may
cause an LDP peering session/

Brian Haberman No Objection

(Russ Housley) No Objection

Barry Leiba No Objection

Comment (2012-06-05 for -08)
Substantive comments; these are non-blocking, but please consider them
seriously, and feel free to chat with me about them:

-- 2.1 --
   The G flag is meaningful only if the T flag is set to 0 (which must
   be the case for Basic Discovery), otherwise, the value of G flag
   SHOULD be ignored on receipt.

What happens if it isn't?  SHOULD means, basically, MUST unless you fully understand the consequences... so what are the consequences, so that an implementor might have a chance to understand them?

Other comments; no need to respond to these. Take them or modify them
as you please:

-- 1 --
   Therefore, GTSM can fully benefit LDP protocol peering session
   established using Basic Discovery.

I don't understand this sentence; maybe there's a word missing.  But it also seems awkward.  Does it mean this?:

   Therefore, GTSM can provide full benefit to an LDP protocol
   peering session that was established using Basic Discovery.

   That is, the desire to use GTSM (i.e., its
   negotiation mechanics) is enabled by default without any

But you just said that RFC 5082 said not to do that.  I understand what you're getting at, so maybe this will make it clear?:

   That is, the desire to use GTSM (i.e., its
   negotiation mechanics) is enabled by default without any
   configuration, while retaining the spirit of the advice in
   RFC 5082.

(Pete Resnick) No Objection

(Robert Sparks) No Objection

Martin Stiemerling No Objection

(spt) (was Discuss) No Objection