Early Review of draft-ietf-ippm-ioam-direct-export-07
review-ietf-ippm-ioam-direct-export-07-secdir-early-farrell-2022-05-19-00
Request | Review of | draft-ietf-ippm-ioam-direct-export |
---|---|---|
Requested revision | No specific revision (document currently at 11) | |
Type | Early Review | |
Team | Security Area Directorate (secdir) | |
Deadline | 2021-09-15 | |
Requested | 2021-08-30 | |
Requested by | Tommy Pauly | |
Authors | Haoyu Song, Barak Gafni, Frank Brockners, Shwetha Bhandari, Tal Mizrahi | |
I-D last updated | 2022-05-19 | |
Completed reviews | Secdir Early review of -07 by Stephen Farrell; Tsvart Early review of -06 by Colin Perkins; Opsdir Last Call review of -08 by Linda Dunbar; Genart Last Call review of -08 by Meral Shirazipour; Intdir Telechat review of -09 by Bernie Volz; Opsdir Telechat review of -09 by Linda Dunbar | |
Comments | Please review this document, specifically for security considerations around amplification attacks or similar concerns. | |
Assignment | Reviewer | Stephen Farrell |
State | Completed | |
Request | Early review on draft-ietf-ippm-ioam-direct-export by Security Area Directorate Assigned | |
Posted at | https://mailarchive.ietf.org/arch/msg/secdir/2Ye7aR3CiVUZTZXFLxE25cHISfU | |
Reviewed revision | 07 (document currently at 11) | |
Result | Has issues | |
Completed | 2022-05-19 |
First, apologies for the dramatically late review. I hope this is still useful.

I think there are two issues worth considering:

1. The DEX scheme seems to create a potential for DoS based on storage whereas I think previously only DoS vectors related to traffic were documented in the IOAM drafts. That's based on a quick scan though so I may have missed it being considered.

2. I see no mention at all of privacy in this draft nor in draft-ietf-ippm-ioam-data - I don't understand why that's ok given that privacy leaks from the kind of metadata collected here can be subtle? Or maybe that's in some other draft?