Last Call Review of draft-ietf-dime-agent-overload-08
review-ietf-dime-agent-overload-08-secdir-lc-ladd-2017-01-19-00
| Request | Review of | draft-ietf-dime-agent-overload |
|---|---|---|
| Requested revision | No specific revision (document currently at 11) | |
| Type | Last Call Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2017-01-23 | |
| Requested | 2017-01-09 | |
| Authors | Steve Donovan | |
| I-D last updated | 2017-01-19 | |
| Completed reviews |
Opsdir Last Call review of -08
by Will (Shucheng) LIU
(diff)
Secdir Last Call review of -08 by Watson Ladd (diff) Secdir Last Call review of -09 by Ólafur Guðmundsson (diff) Genart Telechat review of -10 by Fernando Gont (diff) |
|
| Assignment | Reviewer | Watson Ladd |
| State | Completed | |
| Request | Last Call review on draft-ietf-dime-agent-overload by Security Area Directorate Assigned | |
| Reviewed revision | 08 (document currently at 11) | |
| Result | Has nits | |
| Completed | 2017-01-19 |
review-ietf-dime-agent-overload-08-secdir-lc-ladd-2017-01-19-00
I have reviewed this as part of the SECDIR effort to review all documents. I believe it is ready with nits. I am concerned that this document doesn't adequately address the consequences of malicious insertion of overload reports. While I am not an expert on Diameter (and in particular what kinds of authentication are used), merely noting that a malicious report can have negative consequences is not enough. Mechanisms should be defined to prevent this, such as authenticating all connections and ensuring that reports only apply to the nodes that send them. The fact that Diameter connections are authenticated may or may not be enough. Sincerely, Watson Ladd