Last Call Review of draft-ietf-ippm-twamp-value-added-octets-
review-ietf-ippm-twamp-value-added-octets-secdir-lc-barnes-2012-07-05-00

Request Review of draft-ietf-ippm-twamp-value-added-octets
Requested rev. no specific revision (document currently at 09)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2012-07-17
Requested 2012-06-19
Authors Steve Baillargeon, Christofer Flinta, Andreas Johnsson
Draft last updated 2012-07-05
Completed reviews Genart Last Call review of -?? by Peter Yee
Genart Telechat review of -?? by Peter Yee
Secdir Last Call review of -?? by Richard Barnes
Assignment Reviewer Richard Barnes
State Completed
Review review-ietf-ippm-twamp-value-added-octets-secdir-lc-barnes-2012-07-05
Review result Ready
Review completed: 2012-07-05

Review
review-ietf-ippm-twamp-value-added-octets-secdir-lc-barnes-2012-07-05

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.

This document defines "value-added" octets that can cause TWAMP peers to enable some additional services, for example, multiplexing multiple TWAMP measurements into a single session.  These value-added octets are inserted into the packet as padding octets, so that an unaware host will simply ignore them.  Thus, the major new risk (relative to TWAMP) is that some of the additional features require more buffering than normal TWAMP, and can thus lead to DOS if not constrained. The Security Considerations section correctly notes this risk; it would be helpful if it included a little more detail on how the DOS conditions could arise.

--Richard