Telechat Review of draft-ietf-anima-prefix-management-06
review-ietf-anima-prefix-management-06-secdir-telechat-meadows-2017-12-09-00

Request Review of draft-ietf-anima-prefix-management
Requested revision No specific revision (document currently at 07)
Type Telechat Review
Team Security Area Directorate (secdir)
Deadline 2017-12-12
Requested 2017-11-12
Authors Sheng Jiang, Zongpeng Du, Brian E. Carpenter, Qiong Sun
I-D last updated 2017-12-09
Completed reviews Genart Last Call review of -05 by Dan Romascanu (diff)
Rtgdir Last Call review of -05 by Geoff Huston (diff)
Opsdir Last Call review of -06 by Fred Baker (diff)
Secdir Last Call review of -05 by Russ Housley (diff)
Secdir Telechat review of -06 by Catherine Meadows (diff)
Genart Telechat review of -06 by Dan Romascanu (diff)
Assignment Reviewer Catherine Meadows
State Completed
Request Telechat review on draft-ietf-anima-prefix-management by Security Area Directorate Assigned
Reviewed revision 06 (document currently at 07)
Result Ready
Completed 2017-12-09
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

This informational draft describes two autonomic technical objectives for
IPv6 prefix management in large-scale networks, with an extension to support
IPv4 prefixes.  The focus is mainly on edge nodes, since it is assumed that the
network’s main infrastructure elements already have addresses and prefixes.
The main purpose of the document is to be used for the validation of the
(GeneRic Autonomic Signaling Protocol) GRASP in draft-ietf-anima-grasp-15 and
other components of the autonomic networking infrastructure described in
draft-ietf-anima-reference-model-04. The technical objectives have to do with
efficient and correct distribution of prefixes with a minimum amount of human
involvement. GRASP itself is a generic protocol that enables autonomic nodes
to dynamically discover peers, to synchronize state with each other, and to
negotiate parameter settings with each other.  The application described in
draft-ietf-anima-prefix-management-06 clearly falls within the intended
application of GRASP.

The Security Considerations Section of
draft-ietf-anima-prefix-management-06 reads as follows:

 Relevant security issues are discussed in [I-D.ietf-anima-grasp]. The preferred
 security model is that devices are trusted following the secure bootstrap
 procedure [I-D.ietf-anima-bootstrapping-keyinfra] and that a secure Autonomic
 Control Plane (ACP) [I-D.ietf-anima-autonomic-control-plane] is in place.

I’ve taken a look at draft-ietf-anima-grasp-15 and it provides an extensive
security considerations section that covers the security issues involved in
using it.  I do not see that draft-ietf-anima-prefix-management-06 introduces
any new issues.

Draft-ietf-anima-prefix-management-06 is somewhat unusual in that the documents
that it references in the Security Considerations Section are themselves
drafts, not RFCs. So it is possible (although I do not think very likely) that
changes in the referenced drafts could have an effect on the security
considerations of draft-ietf-anima-prefix-management-06.  Leaving that concern
aside, I consider this document Ready.

Catherine Meadows
Naval Research Laboratory
Code 5543
4555 Overlook Ave., S.W.
Washington DC, 20375
phone: 202-767-3490
fax: 202-404-7942
email: catherine.meadows@nrl.navy.mil