MPLS Transport Profile (MPLS-TP) Security Framework
draft-ietf-mpls-tp-security-framework-09

Note: This ballot was opened for revision 08 and is now closed.

(Stewart Bryant) Yes

(Adrian Farrel) Yes

(Ron Bonica) No Objection

(Gonzalo Camarillo) No Objection

(Benoit Claise) No Objection

Comment (2013-02-20 for -08)
Minor editorial comment

OLD
   Security reference model 1(a) An MPLS-TP network with Single Segment
   Pseudowire (SS-PW) from PE1 to PE2.  The trusted zone is PE1 to PE2
   as illustrated in Figure 1.

NEW
   Security reference model 1(a) 

   An MPLS-TP network with Single Segment
   Pseudowire (SS-PW) from PE1 to PE2.  The trusted zone is PE1 to PE2
   as illustrated in Figure 1.

(Ralph Droms) No Objection

(Wesley Eddy) No Objection

(Stephen Farrell) No Objection

Comment (2013-02-18 for -08)
I guess as an abstract framework there's not much to
critique here, so feel free to take or leave the following
comments.

- I think you're right to focus on the NMS. I'm not sure
if there's any way to validate what's going on from two
independent points on the n/w using different vendors' kit,
but that might be something to consider.

- I think there's a missing threat, which is running
insufficiently audited or even malicious vendor supplied
(i.e. genuine) code on devices. Not all operators seem to
be trusting of all vendors these days.

- The inside==trusted; outside==there-be-dragons model is
probably less useful than was once the case. Many "inside"
systems end up being compromisable via e.g. laptops that
get connected in the wrong places or USB sticks etc. While
that ought not happen, it does. That does call into
question the "full control" statements in section 2 here.
Section 3 does however consider this to an extent.

- The use of isolated infrastructure wasn't that effective
in the face of a determined attacker in e.g. the case of
Stuxnet. And that was with an air gap reportedly, whereas
use of "non-IP based communication paths" seems more like
just security by obscurity.

(Brian Haberman) No Objection

(Russ Housley) No Objection

(Barry Leiba) No Objection

Comment (2013-02-12 for -08)
Luyuan Fang handled all my comments during last call, so I have nothing left now.  :-)

(Pete Resnick) No Objection

(Robert Sparks) No Objection

(Martin Stiemerling) No Objection

(Sean Turner) No Objection

Comment (2013-02-20 for -08)
1) s4: Contains the following:

   Authentication includes entity authentication for
   identity verification, encryption for confidentiality, management
   system authentication, peer-to-peer authentication, ...

Now my head is full of cough medicine but does authentication really include encryption for confidentiality?  Should that bit be struck from the sentence?

2) s4: r/authentication,the/authentication, the

3) For what it's worth I agree with Stephen's comments.