Last Call Review of draft-ietf-ippm-alt-mark-13
review-ietf-ippm-alt-mark-13-secdir-lc-yu-2017-10-26-00

Request Review of draft-ietf-ippm-alt-mark
Requested revision No specific revision (document currently at 14)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2017-09-27
Requested 2017-09-13
Requested by Spencer Dawkins
Authors Giuseppe Fioccola, Alessandro Capello, Mauro Cociglio, Luca Castaldelli, Mach Chen, Lianshu Zheng, Greg Mirsky, Tal Mizrahi
I-D last updated 2017-10-26
Completed reviews Secdir Last Call review of -13 by Taylor Yu (diff)
Genart Last Call review of -10 by Linda Dunbar (diff)
Intdir Last Call review of -10 by Brian Haberman (diff)
Opsdir Last Call review of -12 by Éric Vyncke (diff)
Rtgdir Last Call review of -10 by Russ White (diff)
Genart Telechat review of -12 by Linda Dunbar (diff)
Genart Telechat review of -13 by Linda Dunbar (diff)
Opsdir Telechat review of -13 by Éric Vyncke (diff)
Comments
These are the reviews requested by the document shepherd.
Assignment Reviewer Taylor Yu
State Completed
Request Last Call review on draft-ietf-ippm-alt-mark by Security Area Directorate Assigned
Reviewed revision 13 (document currently at 14)
Result Ready
Completed 2017-10-26
review-ietf-ippm-alt-mark-13-secdir-lc-yu-2017-10-26-00
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

The summary of the review is Ready.

The Security Considerations section seems reasonable.  I mostly agree
that

  "The privacy concerns of network measurement are limited because the
   method only relies on information contained in the IP header without
   any release of user data."

I would add that although information in the IP header is metadata that
can be used to compromise the privacy of users, the limited marking
technique in this document seems unlikely to substantially increase the
existing privacy risks from IP header metadata.  I also think it's
reasonable to consider this detail to be already addressed by the
wording "privacy concerns... are limited".

It might be theoretically possible to modulate the marking to serve as a
covert channel, but I think it would have a very low data rate if it is
to avoid adversely affecting the measurement systems that monitor the
marking.  It's probably not worth mentioning this possibility in the
document.

Best regards,

-Taylor