Last Call Review of draft-ietf-isis-sbfd-discriminator-02
review-ietf-isis-sbfd-discriminator-02-secdir-lc-yu-2015-11-19-00

Request: Review of draft-ietf-isis-sbfd-discriminator
Requested rev.: no specific revision
Type: Last Call Review
Team: Security Area Directorate (secdir)
Deadline: 2015-11-16
Requested: 2015-11-05
Other Reviews: Opsdir Last Call review of -02 by Menachem Dodge
               Opsdir Last Call review of -02 by Nevil Brownlee
Review State: Completed
Reviewer: Taylor Yu
Review: review-ietf-isis-sbfd-discriminator-02-secdir-lc-yu-2015-11-19
Posted at: https://www.ietf.org/mail-archive/web/secdir/current/msg06189.html
Reviewed rev.: 02
Review result: Has Nits
Draft last updated: 2015-11-19
Review completed: 2015-11-19

Review
review-ietf-isis-sbfd-discriminator-02-secdir-lc-yu-2015-11-19

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

Summary: ready with nits

I agree with the first paragraph of the Security Considerations, in that
I think it's unlikely that this document introduces security risks for
IS-IS, which, as I understand it, effectively transports the proposed
S-BFD discriminators as an uninterpreted opaque payload.

The second paragraph

   Advertisement of the S-BFD discriminators does make it possible for
   attackers to initiate S-BFD sessions using the advertised
   information.  The vulnerabilities this poses and how to mitigate them
   are discussed in the Security Considerations section of [S-BFD].

refers to the Security Considerations of the [S-BFD] base document.  The
[S-BFD] Security Considerations describe some strengthening practices,
but don't seem to describe the vulnerabilities in significant detail.
The [S-BFD] Security Considerations seem to describe an attack where
someone impersonates the responder, but not one where someone
impersonates an initiator.

Other sections of [S-BFD] might imply the existence of this sort of
vulnerability, but the Security Considerations seem not to mention it
explicitly.  I'm not sure whether it's best to leave things alone,
revise this document, or revise [S-BFD].

-Tom
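The initiator-side concern raised in the review, shown as an added worked example (this is not code from the review, the draft, or any S-BFD implementation). It models the two halves of the issue: an IS-IS listener recovering S-BFD discriminators from an advertised sub-TLV, and a toy SBFDReflector that demultiplexes on nothing but the Your Discriminator field, so anyone who read the advertisement can elicit a reflected packet. The second reflector applies the Keyed SHA1 authentication section of RFC 5880 (section 4.4: SHA1 over the whole packet with the shared key, zero-padded to 20 bytes, standing in the Auth Key/Hash field) and drops the crafted probe. Assumptions, not taken from the page: the sub-TLV layout (type, length, then 4-byte discriminators) and its type value are placeholders; the discriminator values, key and State field settings are constructed for the example; sequence-number checking and the State rules of the S-BFD base document are not modeled.

```python
"""Toy S-BFD exchange driven by discriminators learned from an IS-IS advertisement."""
import hashlib
import hmac
import struct

# ---- IS-IS side ------------------------------------------------------------
# ASSUMPTION: sub-TLV layout is one-byte type, one-byte length, N x 4-byte
# discriminators.  The type value below is a placeholder, not the IANA code point.
SBFD_DISC_SUBTLV_TYPE = 20


def build_sbfd_subtlv(discriminators):
    """Encode the S-BFD Discriminators sub-TLV a router would advertise."""
    body = b"".join(struct.pack("!I", d) for d in discriminators)
    return struct.pack("!BB", SBFD_DISC_SUBTLV_TYPE, len(body)) + body


def parse_sbfd_subtlv(data):
    """What any IS-IS listener, an attacker included, recovers from the LSP."""
    if len(data) < 2:
        raise ValueError("short sub-TLV")
    stype, slen = struct.unpack("!BB", data[:2])
    if stype != SBFD_DISC_SUBTLV_TYPE or slen % 4 or len(data) < 2 + slen:
        raise ValueError("not a well-formed S-BFD Discriminators sub-TLV")
    return [struct.unpack("!I", data[2 + i:6 + i])[0] for i in range(0, slen, 4)]


# ---- BFD control packet, RFC 5880 section 4.1 ------------------------------
BFD_VERSION = 1
BFD_HDR = "!BBBBIIIII"        # vers/diag, sta/flags, detect mult, length, 5 x 32-bit
BFD_HDR_LEN = 24
FLAG_A = 0x04                 # Authentication Present bit
AUTH_KEYED_SHA1 = 4           # auth type, RFC 5880 section 4.4
AUTH_SHA1_LEN = 28            # type, len, key id, reserved, seq(4), hash(20)
STATE_DOWN, STATE_UP = 1, 3   # Sta field encodings (choice of state here is an assumption)


def _padded(key):
    return key.ljust(20, b"\x00")[:20]


def build_bfd_packet(my_disc, your_disc, state, key=None, key_id=1, seq=0):
    """Build a BFD control packet; with `key`, append a Keyed SHA1 auth section."""
    flags = (state << 6) | (FLAG_A if key is not None else 0)
    length = BFD_HDR_LEN + (AUTH_SHA1_LEN if key is not None else 0)
    hdr = struct.pack(BFD_HDR, BFD_VERSION << 5, flags, 3, length,
                      my_disc, your_disc, 1_000_000, 1_000_000, 0)
    if key is None:
        return hdr
    auth_prefix = struct.pack("!BBBBI", AUTH_KEYED_SHA1, AUTH_SHA1_LEN, key_id, 0, seq)
    # Hash covers the packet with the shared key occupying the Auth Key/Hash field.
    digest = hashlib.sha1(hdr + auth_prefix + _padded(key)).digest()
    return hdr + auth_prefix + digest


def parse_bfd_header(pkt):
    f = struct.unpack(BFD_HDR, pkt[:BFD_HDR_LEN])
    return {"version": f[0] >> 5, "state": f[1] >> 6, "auth": bool(f[1] & FLAG_A),
            "length": f[3], "my_disc": f[4], "your_disc": f[5]}


class Reflector:
    """Toy SBFDReflector: demultiplexes solely on Your Discriminator."""

    def __init__(self, advertised, key=None):
        self.advertised = set(advertised)
        self.key = key

    def _auth_ok(self, pkt, hdr):
        if not hdr["auth"] or hdr["length"] != BFD_HDR_LEN + AUTH_SHA1_LEN:
            return False
        auth = pkt[BFD_HDR_LEN:]
        if auth[0] != AUTH_KEYED_SHA1 or auth[1] != AUTH_SHA1_LEN:
            return False
        expected = hashlib.sha1(pkt[:BFD_HDR_LEN + 8] + _padded(self.key)).digest()
        return hmac.compare_digest(expected, auth[8:])

    def handle(self, pkt):
        """Return the reflected packet, or None if the packet is dropped."""
        if len(pkt) < BFD_HDR_LEN:
            return None
        hdr = parse_bfd_header(pkt)
        if hdr["version"] != BFD_VERSION or hdr["length"] != len(pkt):
            return None
        if hdr["your_disc"] not in self.advertised:
            return None                     # not one of our S-BFD discriminators
        if self.key is not None and not self._auth_ok(pkt, hdr):
            return None                     # unauthenticated or forged probe
        # Reflect: our discriminator becomes My Discriminator, the sender's becomes
        # Your Discriminator.
        return build_bfd_packet(hdr["your_disc"], hdr["my_disc"], STATE_UP,
                                key=self.key, seq=1)


def attacker_probe(lsp_subtlv, attacker_disc=0xDEADBEEF):
    """Craft an initiator packet from nothing but the advertised sub-TLV."""
    target = parse_sbfd_subtlv(lsp_subtlv)[0]
    return build_bfd_packet(attacker_disc, target, STATE_DOWN)


if __name__ == "__main__":
    discs = [0x0F000001, 0x0F000002]                   # constructed advertisement
    probe = attacker_probe(build_sbfd_subtlv(discs))
    print("open reflector answers:", Reflector(discs).handle(probe) is not None)
    print("keyed reflector answers:", Reflector(discs, key=b"s3cret").handle(probe) is not None)
```

The open reflector answers the probe because Your Discriminator matches a value it advertised, which is exactly what the advertisement gives an attacker; the keyed reflector drops it, and also drops an authenticated packet whose header has been altered after signing, since the SHA1 covers the whole packet.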