Last Call Review of draft-ietf-6man-pio-pflag-09
review-ietf-6man-pio-pflag-09-secdir-lc-schwartz-2024-09-09-00

Request Review of draft-ietf-6man-pio-pflag
Requested revision No specific revision (document currently at 10)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2024-09-09
Requested 2024-08-26
Authors Lorenzo Colitti, Jen Linkova, Xiao Ma, David Lamparter
I-D last updated 2024-09-09
Completed reviews Secdir Last Call review of -09 by Benjamin M. Schwartz
Genart Last Call review of -09 by Susan Hares
Iotdir Telechat review of -10 by Erik Nordmark
Intdir Telechat review of -09 by Dirk Von Hugo
Assignment Reviewer Benjamin M. Schwartz
State Completed
Request Last Call review on draft-ietf-6man-pio-pflag by Security Area Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/secdir/UGgXoKDoj5N5O2lYI_wcOuvgpOI
Reviewed revision 09 (document currently at 10)
Result Ready
Completed 2024-09-09
Security Issues:

The security section is, if anything, too detailed, as it describes attacks
that are not meaningful to the security of the system.  I would shorten this
section.

The privacy considerations are important and are described appropriately.  It
might be worth adding a note that privacy-conscious clients should consider not
implementing this specification.

Other topics:

I was not able to see why prefix requests "MUST" be short enough for SLAAC. 
Why would a host perform SLAAC within its own exclusively allocated prefix?  If
the host is acting as a router for a network containing SLAAC clients, it can
request a larger prefix, but why is this mandatory for all hosts?