Skip to main content

Last Call Review of draft-ietf-6lo-multicast-registration-16
review-ietf-6lo-multicast-registration-16-secdir-lc-kelly-2024-03-30-00

Request Review of draft-ietf-6lo-multicast-registration
Requested revision No specific revision (document currently at 19)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2024-03-05
Requested 2024-02-20
Authors Pascal Thubert
I-D last updated 2024-03-30
Completed reviews Intdir Telechat review of -18 by Dirk Von Hugo (diff)
Secdir Telechat review of -18 by Scott G. Kelly (diff)
Secdir Last Call review of -16 by Scott G. Kelly (diff)
Genart Last Call review of -16 by Dan Romascanu (diff)
Tsvart Last Call review of -16 by Kyle Rose (diff)
Assignment Reviewer Scott G. Kelly
State Completed
Request Last Call review on draft-ietf-6lo-multicast-registration by Security Area Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/secdir/nKRtF4YIesEy-oxZzSBLAzQr0xY
Reviewed revision 16 (document currently at 19)
Result Has nits
Completed 2024-03-30
review-ietf-6lo-multicast-registration-16-secdir-lc-kelly-2024-03-30-00
I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG. These comments
were written primarily for the benefit of the security area directors. Document
editors and WG chairs should treat these comments just like any other last call
comments.

From the introduction, “This specification Extends [RFC8505] and [RFC9010] to
add the capability for the 6LN to subscribe anycast and multicast addresses and
for the 6LR to inject them in RPL when appropriate.”

I want to start by saying that I have little experience with the protocols
described in 8505 and 9010; I’d suggest that the AD have my security-related
comments double-checked with someone who has both security expertise and
expertise in these protocols.

As a general comment, it took me several passes to make sense of the
introduction. It seems to aim toward explaining the gaps motivating this RFC,
along with the building blocks this document uses to fill those gaps. It might
help readers to explain this from the outset, and to explicitly call out which
is which. There are still some paragraphs/sentences there whose purpose I don’t
understand.

For the security considerations, I have 2 suggestions: first, it currently
calls out the “security section” of RFC 8505. Shouldn’t it also call out the
security considerations of RFC 9010? Second (and I’m not sure about this), does
this extension potentially permit any new bad behavior (distinct from 8505 and
9010) that should be called out? I don’t understand the protocol nuances well
enough to say, but I’d have felt more certain if it said so explicitly.