Last Call Review of draft-ietf-dtn-bpv7-admin-iana-03
review-ietf-dtn-bpv7-admin-iana-03-secdir-lc-orman-2024-08-31-00
Request | Review of | draft-ietf-dtn-bpv7-admin-iana |
---|---|---|
Requested revision | No specific revision (document currently at 04) | |
Type | Last Call Review | |
Team | Security Area Directorate (secdir) | |
Deadline | 2024-09-01 | |
Requested | 2024-08-18 | |
Authors | Brian Sipos | |
I-D last updated | 2024-08-31 | |
Completed reviews |
Artart Last Call review of -03
by Barry Leiba
(diff)
Genart Last Call review of -03 by Gyan Mishra (diff) Opsdir Last Call review of -03 by Gyan Mishra (diff) Secdir Last Call review of -03 by Hilarie Orman (diff) |
|
Assignment | Reviewer | Hilarie Orman |
State | Completed | |
Request | Last Call review on draft-ietf-dtn-bpv7-admin-iana by Security Area Directorate Assigned | |
Posted at | https://mailarchive.ietf.org/arch/msg/secdir/X7JYF1srV4wp1nUK8G8mFPUwKyI | |
Reviewed revision | 03 (document currently at 04) | |
Result | Ready | |
Completed | 2024-08-31 |
review-ietf-dtn-bpv7-admin-iana-03-secdir-lc-orman-2024-08-31-00
Do not be alarmed. I generated this review of this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written with the intent of improving security requirements and considerations in IETF drafts. Comments not addressed in last call may be included in AD reviews during the IESG review. Document editors and WG chairs should treat these comments just like any other last call comments. The document states " The earlier Bundle Protocol (BP) Version 6 (BPv6) defined an IANA sub-registry for Administrative Record type code points under [IANA-BP]. When Bundle Protocol Version 7 (BPv7) was published in [RFC9171] it identified the IANA sub-registry for Administrative Record types but did not update the table to be explicit about which entries applied to which Bundle Protocol version(s). The BPv7 specification also did not discriminate between code point reservations and unassigned ranges for Administrative Record types. This document updates BPv7 to explicitly use the IANA Administrative Record type registry in Section 2. This document makes a reservation of the zero value for consistency with BPv6. This document also makes a reservation of high-valued code points for private or experimental use to avoid collisions with assigned code points." Later, "The code point allocated in Annex D of [CCSDS-BP] was never added to the IANA registry. To avoid a collision, this document adds that allocation to the registry." In Section 2, there this entry: +-----------------+------------+------------------+-----------------+ | 6 | 4 | Aggregate | [CCSDS-BP] | | | | Custody Signal | | +-----------------+------------+------------------+-----------------+ which seems in direct conflict with RFC9171: +-----------------+---------+-------------------------+-----------+ | 6 | 4 | Payload Confidentiality | [RFC6257] | | | | Block | | +-----------------+---------+-------------------------+-----------+ which seems to be a collision. Also, there are so many deletions for BPv6 in this new version of the table that I feel that I do not understand its purpose. Presumably there is some legitimate reason for the apparent collision. Maybe it could be clarified. I don't see security implications of the changes in the record types. Hilarie