Last Call Review of draft-ietf-lisp-deployment-08
review-ietf-lisp-deployment-08-secdir-lc-kumari-2013-08-23-00
| Request | Review of | draft-ietf-lisp-deployment |
|---|---|---|
| Requested revision | No specific revision (document currently at 12) | |
| Type | Last Call Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2013-08-27 | |
| Requested | 2013-07-05 | |
| Authors | Lorand Jakab , Albert Cabellos-Aparicio , Florin Coras , Jordi Domingo-Pascual , Darrel Lewis | |
| I-D last updated | 2013-08-23 | |
| Completed reviews |
Genart Last Call review of -08
by Brian E. Carpenter
(diff)
Genart Telechat review of -10 by Brian E. Carpenter (diff) Secdir Last Call review of -08 by Warren "Ace" Kumari (diff) |
|
| Assignment | Reviewer | Warren "Ace" Kumari |
| State | Completed | |
| Request | Last Call review on draft-ietf-lisp-deployment by Security Area Directorate Assigned | |
| Reviewed revision | 08 (document currently at 12) | |
| Result | Has issues | |
| Completed | 2013-08-23 |
review-ietf-lisp-deployment-08-secdir-lc-kumari-2013-08-23-00
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This draft describes LISP deployment scenarios. It represents current thinking and is expected to change (I guess be obsoleted / replaced?) as more experience is gained with deployment. Summary: I'm not sure what to do here. The document is very well written, and the authors seem to have taken care to consider the implications of various deployment scenarios. In spite of knowing very little about LISP I found the document to be accessible and easily understood. It clearly lays out the considerations for different deployments, and provides some guidance as to how to select. However, the security considerations section simply says: "Security implications of LISP deployments are to be discussed in separate documents. [I-D.ietf-lisp-threats ] gives an overview of LISP threat models, while securing mapping lookups is discussed in [I-D.ietf-lisp-sec]." This is a deployment document, and so this may be perfectly acceptable; the "separate documents" may completely cover everything. Or not. I am unclear if the authors mean that I-D.ietf-lisp-threats and I-D.ietf-lisp-sec cover all security considerations, or if the implication is that there will be other documents that cover the security implications. http://i.imgur.com/5rTHfRs.jpg Section 2.4. "Inter-Service Provider Traffic Engineering" says: "Failure to follow these recommendations may lead to operational and security issues when deploying this scenario." I think that a (short) explanation of what the security issues are if you don't follow the recommendations would be nice. Nits: Section 4.2: "For more details on P-ETRs see the [RFC6832] draft." -- I think that this could be better worded as "For more details on P-ETRs see [RFC6832]" (think this was written while RFC6832 was still a draft). ID NITs complains about use of RFC2119 language ("It is NOT RECOMMENDED for deployment"), but no RFC2119 reference / boilerplate. I'm scraping the bottom of the barrel here, 'tis well written.. -- It is impossible to sharpen a pencil with a blunt axe. It is equally vain to try to do it with ten blunt axes instead. -- E.W Dijkstra, 1930-2002
