Skip to main content

Telechat Review of draft-ietf-mpls-ldp-hello-crypto-auth-08
review-ietf-mpls-ldp-hello-crypto-auth-08-opsdir-telechat-dunbar-2014-06-11-00

Request Review of draft-ietf-mpls-ldp-hello-crypto-auth
Requested revision No specific revision (document currently at 10)
Type Telechat Review
Team Ops Directorate (opsdir)
Deadline 2014-06-10
Requested 2014-06-11
Authors Lianshu Zheng , Mach Chen , Manav Bhatia
I-D last updated 2014-06-11
Completed reviews Genart Last Call review of -05 by Vijay K. Gurbani (diff)
Secdir Last Call review of -05 by Yaron Sheffer (diff)
Opsdir Telechat review of -08 by Linda Dunbar (diff)
Assignment Reviewer Linda Dunbar
State Completed
Request Telechat review on draft-ietf-mpls-ldp-hello-crypto-auth by Ops Directorate Assigned
Reviewed revision 08 (document currently at 10)
Result Ready
Completed 2014-06-11
review-ietf-mpls-ldp-hello-crypto-auth-08-opsdir-telechat-dunbar-2014-06-11-00

As OpArea Directorate, I was asked to review the
draft-mpls-ldp-hello-crypto-auth-08.

The authors have made good changes to address the comments that I give to
draft-mpls-ldp-hello-crypto-auth-05.



No further comments anymore.



Linda Dunbar









From:

 Linda Dunbar

Sent:

 Friday, May 23, 2014 10:53 AM

To:

 Operations Directorate; 'draft-mpls-ldp-hello-crypto-auth.all at
 tools.ietf.org'; ops-ads at tools.ietf.org

Subject:

 comments to draft-mpls-ldp-hello-crypto-auth-05



As OpArea Directorate, I was asked to review the
draft-mpls-ldp-hello-crypto-auth-05. Here are my comments:



I think the draft is written very clear. The algorithm described is pretty
straight forward. Just a few comments:



Page 3 states that “filtering using access lists requires LSR resource”.  But I
see the authentication process for the proposed Security TLV may consume more
LSR resource.





I suggest having a paragraph to compare the LSR resource consumed by using
access lists with the LSR resource consumed by the proposed Authentication.

Alternatively, change the wording to simply say that “Filtering using access
lists are NOT effective because it can’t prevent IP-address spoofing”.





Linda