Last Call Review of draft-ietf-lsvr-applicability-21
review-ietf-lsvr-applicability-21-secdir-lc-sheffer-2025-01-19-00
| Request | Review of | draft-ietf-lsvr-applicability |
|---|---|---|
| | Requested revision | No specific revision (document currently at 22) |
| | Type | Last Call Review |
| | Team | Security Area Directorate (secdir) |
| | Deadline | 2025-01-06 |
| | Requested | 2024-12-11 |
| | Requested by | Jim Guichard |
| | Authors | Keyur Patel, Acee Lindem, Shawn Zandi, Gaurav Dawra, Jie Dong |
| | I-D last updated | 2025-01-19 |
| | Completed reviews | Opsdir Early review of -09 by Ron Bonica; Rtgdir Early review of -09 by Stig Venaas; Rtgdir Last Call review of -16 by Dhruv Dhody; Genart Last Call review of -15 by Mallory Knodel; Secdir Last Call review of -21 by Yaron Sheffer |
| Assignment | Reviewer | Yaron Sheffer |
| | State | Completed |
| | Request | Last Call review on draft-ietf-lsvr-applicability by Security Area Directorate Assigned |
| | Posted at | https://mailarchive.ietf.org/arch/msg/secdir/daRGtkmz_BEzJ46Z7Gt8oyd2v4A |
| | Reviewed revision | 21 (document currently at 22) |
| | Result | Ready |
| | Completed | 2025-01-19 |
I am far from an expert about the subject matter, but a cursory reading leads me to agree with the Security Considerations: "This document introduces no new security considerations above and beyond those already specified in the [RFC4271] and [I-D.ietf-lsvr-bgp-spf]."

Having said that, the fact that we refer to the security considerations of a 19-year-old RFC which has since been updated by 11 other RFCs - and is being used today very differently from when it was first published - is a strong indicator of a problem. At minimum, it is clear to me that no network engineer can be expected to do the research and compile the set of security best practices for their protocol deployment.

I would challenge the BGP community (or is it multiple distinct communities?) to come up with modernized security considerations that are relevant to today's BGP ecosystem.