Early Review of draft-ietf-mpls-mna-requirements-13
review-ietf-mpls-mna-requirements-13-secdir-early-harkins-2024-05-02-00

Request
Review of: draft-ietf-mpls-mna-requirements
Requested revision: No specific revision (document currently at 16)
Type: Early Review
Team: Security Area Directorate (secdir)
Deadline: 2024-05-06
Requested: 2024-04-22
Requested by: Jim Guichard
Authors: Matthew Bocci, Stewart Bryant, John Drake
I-D last updated: 2024-05-02
Completed reviews:
  Rtgdir Early review of -14 by Andrew Alston
  Secdir Early review of -13 by Dan Harkins
  Genart Last Call review of -13 by Susan Hares
  Rtgdir Early review of -12 by Susan Hares
  Rtgdir Early review of -05 by Sasha Vainshtein

Assignment
Reviewer: Dan Harkins
State: Completed
Request: Early review on draft-ietf-mpls-mna-requirements by Security Area Directorate Assigned
Posted at: https://mailarchive.ietf.org/arch/msg/secdir/bNA9hm6TFCSZVql8UO5T498a3Mg
Reviewed revision: 13 (document currently at 16)
Result: Has issues
Completed: 2024-05-02

   Hello,

   I have reviewed draft-ietf-mpls-mna-requirements-13 as part of
the security directorate's ongoing effort to review all IETF documents
being processed by the IESG. These comments were written primarily
for the benefit of the security area directors. Document editors and
WG chairs should treat these comments just like any other last call
comments.

   The summary of the review is "Ready with Issues". I wanted to
say Not Ready since my issue seems important to me but others
may not see it that way. ADs, take a look.

   The document specifies requirements for solutions to use cases that
specify new operations on MPLS packets. All of the requirements
seem correct (with the possible exception of one which I'll get to)
given my general ignorance of MPLS but my issue is that these
operations are called "Network Actions", which makes sense, good
name, but the actions to be performed are indicated by
"Network Action Indicators (NAIs)". These NAIs are to be encoded
according to RFC 3031, which is the MPLS Architecture document.
RFC 3031 does not specify an encoding of a thing called an NAI.
Unfortunately, RFC 4282 does. It defines a "Network Access
Identifier" which is technically different than a "Network Action
Indicator" but I think the naming in this draft unfortunately needs
to be changed. IESG members who make the decision may disagree
but I find it confusing to see acronyms redefined like this and
unfortunately RFC 4282 was there first.

   The requirement I had a problem with was 38: "NAIs MUST be
allocated through the IANA process specified in the MNA solution
specification." If you're going to define some thing in a draft
(even if you give it a new name) and require IANA to allocate them
then you should create a registry for these things. Making
the solution documents allocate their own registries for these
things seems wrong, IMHO.

   Also, requirement 28 says, "Pint-to-Point (P2P)"-- cheers!--
should be "Point-to-Point (P2P)".

   regards,

   Dan.

-- 
"The object of life is not to be on the side of the majority, but to
escape finding oneself in the ranks of the insane." -- Marcus Aurelius