Last Call Review of draft-ietf-ipfix-psamp-mib-
I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG. These
comments were written primarily for the benefit of the security area
directors. Document editors and WG chairs should treat these comments just
like any other last call comments.
This document describes an extension to the IPFIX MIB module to support PSAMP (sampled) implementations.
The Security Considerations section is present and well written. There are no R/W objects and so the primary concern is disclosure of device / configuration information. The draft provides good suggestions to limit this (e.g. IPsec, SNMPv3) -- these same concerns (and mitigations) exist for other MIBs. While the information in this MIB *could* be valuable to an attacker (to allow him to try to avoid having *his* packets sampled) I think that other MIBs would be a much larger target.
I did not check the MIB itself for syntax, lint, etc.