Last Call Review of draft-ietf-mpls-mna-usecases-12
review-ietf-mpls-mna-usecases-12-secdir-lc-sheffer-2024-09-13-00

Request Review of draft-ietf-mpls-mna-usecases
Requested revision No specific revision (document currently at 15)
Type IETF Last Call Review
Team Security Area Directorate (secdir)
Deadline 2024-10-08
Requested 2024-08-28
Requested by Jim Guichard
Authors Tarek Saad , Kiran Makhijani , Haoyu Song , Greg Mirsky
I-D last updated 2025-07-10 (Latest revision 2024-09-23)
Completed reviews Rtgdir Early review of -04 by Dhruv Dhody (diff)
Genart IETF Last Call review of -11 by Vijay K. Gurbani (diff)
Opsdir IETF Last Call review of -15 by Linda Dunbar
Rtgdir IETF Last Call review of -11 by Bruno Decraene (diff)
Secdir IETF Last Call review of -12 by Yaron Sheffer (diff)
Secdir Telechat review of -14 by Yaron Sheffer (diff)
Assignment Reviewer Yaron Sheffer
State Completed
Request IETF Last Call review on draft-ietf-mpls-mna-usecases by Security Area Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/secdir/ydrmzvjCI9HWc1UT-ieTiF3FGd4
Reviewed revision 12 (document currently at 15)
Result Has issues
Completed 2024-09-13
review-ietf-mpls-mna-usecases-12-secdir-lc-sheffer-2024-09-13-00
This document reviews multiple use cases for a new extension to MPLS, Network
Action Indicators.

The entirety of the Security Considerations section reads:

This document introduces no new security considerations.

I am not convinced, and I think an explanation is needed on why MNA are more or
less susceptible to attacks than the way these use cases are signaled today.
That *could* lead to discussion of new security controls.

Specifically I would recommend to address the more difficult migration and
coexistence scenarios listed in Sections 3 and 4.

In fact, even a reference to
https://www.ietf.org/archive/id/draft-ietf-mpls-mna-fwk-10.html#name-security-considerations
may do the job, assuming the authors believe the Security Considerations over
in that document cover the use cases listed here.