Skip to main content

Last Call Review of draft-ietf-forces-packet-parallelization-02
review-ietf-forces-packet-parallelization-02-secdir-lc-nystrom-2014-10-02-00

Request Review of draft-ietf-forces-packet-parallelization
Requested revision No specific revision (document currently at 03)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2014-09-29
Requested 2014-09-18
Authors Evangelos Haleplidis , Joel M. Halpern
Draft last updated 2014-10-02
Completed reviews Genart Last Call review of -02 by Francis Dupont (diff)
Secdir Last Call review of -02 by Magnus Nystrom (diff)
Assignment Reviewer Magnus Nystrom
State Completed
Review review-ietf-forces-packet-parallelization-02-secdir-lc-nystrom-2014-10-02
Reviewed revision 02 (document currently at 03)
Result Has Issues
Completed 2014-10-02
review-ietf-forces-packet-parallelization-02-secdir-lc-nystrom-2014-10-02-00
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the

IESG

.
 These comments were written primarily for the benefit of the security
area directors. Document editors and WG chairs should treat these
comments just like any other last call comments.



This document describes how ForCES can model a network device's
   parallelization datapath to support parallel packet processing in the ForCES
   model. The document is intended to be published as an Experimental RFC.

Since the document does not change the ForCES model or the ForCES protocol, I
agree with the Security Consideration section's statement that there's no
impact on the security considerations for them. However, the document then goes
on to state "However as parallezation
   [sic] tasks have security issues, a designer or an implementer must take
   into account any security considerations that regards packet
   parallelization." I don't know specifically what such security issues are in
   the context of parallel ForCES packet processing, and it seems that it would
   be good to include at least some example of them and how implementers should
   take them into account.

-- Magnus