Telechat Review of draft-ietf-lisp-alt-
review-ietf-lisp-alt-secdir-telechat-meadows-2011-12-04-00
| Request | Review of | draft-ietf-lisp-alt |
|---|---|---|
| Requested revision | No specific revision (document currently at 10) | |
| Type | Telechat Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2011-11-29 | |
| Requested | 2011-11-15 | |
| Authors | Vince Fuller , Dino Farinacci , David Meyer , Darrel Lewis | |
| Draft last updated | 2011-12-04 | |
| Completed reviews |
Genart Telechat review of -??
by
Suresh Krishnan
Secdir Telechat review of -?? by Catherine Meadows |
|
| Assignment | Reviewer | Catherine Meadows |
| State | Completed | |
| Review |
review-ietf-lisp-alt-secdir-telechat-meadows-2011-12-04
|
|
| Completed | 2011-12-04 |
review-ietf-lisp-alt-secdir-telechat-meadows-2011-12-04-00
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This document describes a distributed index system to be used by the Locator/ID Separation Protocol (LISP) Ingress Tunnel Router (ITR) or Map Resolver (MR) to find the Egress Tunnel Router (ETR) which holds the mapping information for a particular Endpoint Identifier (EID). The ITR or MR can then query the ETR to get the information it needs. This index, or Alternate Logical Topology, is built as an overlay network on the Internet using the Border Gateway Protocol (BGP) and the Generic Routing Encapsulation (GRE). Since LISP+ALT relies on BGP, the authors correctly point out that that it shares many of the security characteristics of BGP. They should be commended, however, for not merely pointing to the BGP document, but also addressing any new vulnerabilities that could arise from using LISP+ALT. These are mainly potential denial-of-service attacks, for which suggested countermeasures are included. Another is the possibility that EID-prefixes would be more vulnerable to leakage since they will be more widely propagated out to the global network. The authors point out that addressing this problem requires more strict prefix filtering and authentication on the global routing system. The authors also discuss, in a final paragraph (10.3), the potential use of emerging BGP security mechanisms that would provide this authentication. All in all, I think this is a very thorough and well-though-out discussion of the security considerations. My only suggestion would be to include a forward reference to paragraph 10.3 in the discussion of prefix leakage. Catherine Meadows Naval Research Laboratory Code 5543 4555 Overlook Ave., S.W. Washington DC, 20375 phone: 202-767-3490 fax: 202-404-7942 email: catherine.meadows at nrl.navy.mil