Last Call Review of draft-ietf-babel-dtls-06
review-ietf-babel-dtls-06-rtgdir-lc-rogge-2019-07-05-00
Request | Review of | draft-ietf-babel-dtls |
---|---|---|
Requested revision | No specific revision (document currently at 10) | |
Type | Last Call Review | |
Team | Routing Area Directorate (rtgdir) | |
Deadline | 2019-07-05 | |
Requested | 2019-06-20 | |
Requested by | Martin Vigoureux | |
Authors | Antonin Décimo, David Schinazi, Juliusz Chroboczek | |
I-D last updated | 2019-07-05 | |
Completed reviews | Rtgdir Early review of -00 by Tony Przygienda; Secdir Early review of -03 by Sean Turner; Rtgdir Last Call review of -06 by Henning Rogge; Genart Last Call review of -05 by Dan Romascanu; Secdir Last Call review of -07 by Sean Turner | |
Assignment | Reviewer | Henning Rogge |
State | Completed | |
Request | Last Call review on draft-ietf-babel-dtls by Routing Area Directorate Assigned | |
Posted at | https://mailarchive.ietf.org/arch/msg/rtg-dir/fuvl_TQmvfqxbtq5Qv12qB_ok4M | |
Reviewed revision | 06 (document currently at 10) | |
Result | Has issues | |
Completed | 2019-07-05 |
//resend to RTG DIR list

Hi,

I was asked by the Routing Directorate to do a last call review of draft-ietf-babel-dtls-06.

I like that the draft is quite short, which is a good thing for a security draft. I have found a few questions you can consider addressing in the final document.

Chapter 2.3: I wonder if using DTLS protected unicast Hellos should be mandatory... using unprotected multicast to determine bidirectional reachability looks like a good way to do a cheap denial of service attack.

Chapter 2.5: What happens when a node starts a new DTLS connection and there is already one in the neighbor table? This could both be an attempt to attack Babel, a reboot of a node or just a matter of misconfiguration of two nodes.

Chapter 3: Different pairs of nodes could select different ciphers, resulting in different MTUs. I assume this is no problem for Babel (could be mentioned in the chapter).

Some of the design decisions regarding the three questions could be mentioned in chapter 5 (Security Implications).

Henning Rogge