Early Review of draft-ietf-bmwg-ngfw-performance-00
review-ietf-bmwg-ngfw-performance-00-secdir-early-moriarty-2019-07-08-00
| Request | Review of | draft-ietf-bmwg-ngfw-performance-00 |
|---|---|---|
| Requested revision | 00 (document currently at 15) | |
| Type | Early Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2019-04-08 | |
| Requested | 2019-03-18 | |
| Requested by | Al Morton | |
| Authors | Balamuhunthan Balarajah , Carsten Rossenhoevel , Brian Monkman | |
| I-D last updated | 2019-07-08 | |
| Completed reviews |
Secdir Early review of -00
by Kathleen Moriarty
(diff)
Tsvart Last Call review of -12 by Tommy Pauly (diff) Tsvart Telechat review of -13 by Tommy Pauly (diff) Iotdir Telechat review of -13 by Toerless Eckert (diff) Genart Telechat review of -13 by Matt Joras (diff) Tsvart Telechat review of -13 by Tommy Pauly (diff) |
|
| Comments |
This early review request would be ideally assigned to someone who specializes in Firewall design and/or configuration. This is not a request for a typical Security Considerations review: the scope is Lab testing/Benchmarking in an isolated test environment. Please feel free to suggest SEC area WGs where we could cross-post for comments, in addition to this review request. Thanks! Al bmwg co-chair |
|
| Assignment | Reviewer | Kathleen Moriarty |
| State | Completed | |
| Request | Early review on draft-ietf-bmwg-ngfw-performance by Security Area Directorate Assigned | |
| Posted at | https://mailarchive.ietf.org/arch/msg/secdir/QBDNlfOjd9jiu55OifS6mKUfTeM | |
| Reviewed revision | 00 (document currently at 15) | |
| Result | Has nits | |
| Completed | 2019-07-08 |
review-ietf-bmwg-ngfw-performance-00-secdir-early-moriarty-2019-07-08-00
Thank you for your work on draft-ietf-bmwg-ngfw-performance. This is a straightforward review establishing metrics for comparison of SUT/DUT for firewalls establishing measurement requirements as well as acceptance criteria. When crypto is recommended for use in testing, it's current, although it should be noted that this is just for test environments. In terms of security, I think this document is ready with nits. Please add a security considerations section. Feel free to include something like what's above. Section 4.1: Nit Spell out Device under test/system under test on first use. I don't think it comes up that often in the IESG review cycle. I had to look it up and my memory was jogged. Sorry for my late 'early' review!