Last Call Review of draft-ietf-ippm-ioam-flags-08
review-ietf-ippm-ioam-flags-08-secdir-lc-eastlake-2022-06-20-00

Request
  Review of: draft-ietf-ippm-ioam-flags
  Requested revision: No specific revision (document currently at 10)
  Type: Last Call Review
  Team: Security Area Directorate (secdir)
  Deadline: 2022-06-14
  Requested: 2022-05-31
  Authors: Tal Mizrahi, Frank Brockners, Shwetha Bhandari, Barak Gafni, Mickey Spiegel
  I-D last updated: 2022-06-20
  Completed reviews:
    Secdir Early review of -06 by Donald E. Eastlake 3rd
    Tsvart Early review of -06 by Dr. Bernard D. Aboba
    Genart Last Call review of -08 by Paul Kyzivat
    Secdir Last Call review of -08 by Donald E. Eastlake 3rd
    Intdir Telechat review of -09 by Pascal Thubert
Assignment
  Reviewer: Donald E. Eastlake 3rd
  State: Completed
  Request: Last Call review on draft-ietf-ippm-ioam-flags by Security Area Directorate Assigned
  Posted at: https://mailarchive.ietf.org/arch/msg/secdir/pBFMKBGTtUIemV6qknWaqL8zVGQ
  Reviewed revision: 08 (document currently at 10)
  Result: Has nits
  Completed: 2022-06-15
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  Document editors and WG chairs should treat these comments
just like any other last call comments.

The summary of the review is Ready with nits.

I previously reviewed -06 and almost all of my suggestions then were
adopted. :-)

Security:

I believe that the theme of the Security Considerations section, that
possible use of the IOAM flags specified in this document could be
used in amplification attacks, is correct and that the Security
Considerations section adequately explores this topic.

Minor:

In Section 2.2, Terminology: Suggest adding, for OAM, a reference to RFC
6291 "Guidelines for the Use of the "OAM" Acronym in the IETF".

Section 4.1, 1st paragraph, 2nd sentence: I think "i.e." (which means "id
est" or "that is") should be "e.g." (which means "exempli gratia" or "for
example") because I think there are reasons for on-demand use of IOAM
Loopback other than failure detection.

Section 4.1, last paragraph, 1st sentence: "with the Loopback flag" ->
"with the Loopback flag set to 1".

Section 4.1.1, last sentence of 3rd paragraph: "If there is no prior
knowledge about the network topology or size, it is recommended to use
N>100." -> "It is RECOMMENDED that N > 10*M or, if there is no knowledge of
network topology or size, N > 100."

Section 5, 2nd paragraph: "must terminate" -> "MUST terminate".

Miscellaneous:

Section 4.1.1, last paragraph: "guaranteed" is impossible to enforce.
Suggest making this a little weaker such as: "if it is not guaranteed that"
-> "unless".

Editorial:

Section 4.2, 2nd paragraph: "The looped back data rate SHOULD NOT exceed
1/N of the interface capacity on any of the IOAM node's interfaces.  It is
recommended to use N>100." -> "The looped back data rate SHOULD NOT exceed
one percent of the interface capacity on any of the IOAM node's interfaces."

Section 4.4, 1st paragraph: "and processed accordingly." -> "and the packet
is processed accordingly."

Section 5, 1st sentence after Figure 2: I don't think the whole draft
focuses on active measurement. Perhaps "This draft focuses ..." -> "This
section focuses ..."

Section 5, 3rd bullet point: Fix up confusing wording. "A selected data
packet that is replicated, and its (possibly truncated) copy is forwarded
with one or more IOAM option," -> "A selected data packet is replicated and
its (possibly truncated) copy is forwarded with one or more IOAM options,".

Section 5, last paragraph: Could make a similar "one percent" change as
suggested above.

Section 6, 1st sentence: Too many "follow"s. Either delete "the following"
or delete "as follows".


That's it.

Thanks,
Donald
===============================
 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 2386 Panoramic Circle, Apopka, FL 32703 USA
 d3e3e3@gmail.com