Last Call Review of draft-ietf-mpls-sfc-encapsulation-02
review-ietf-mpls-sfc-encapsulation-02-secdir-lc-wouters-2019-02-17-00
| Request | Review of | draft-ietf-mpls-sfc-encapsulation |
|---|---|---|
| Requested revision | No specific revision (document currently at 04) | |
| Type | Last Call Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2019-02-26 | |
| Requested | 2019-02-12 | |
| Authors | Andrew G. Malis , Stewart Bryant , Joel M. Halpern , Wim Henderickx | |
| Draft last updated | 2019-02-17 | |
| Completed reviews |
Rtgdir Last Call review of -02
by
Christian Hopps
(diff)
Opsdir Last Call review of -02 by Carlos Pignataro (diff) Secdir Last Call review of -02 by Paul Wouters (diff) Genart Last Call review of -02 by Meral Shirazipour (diff) |
|
| Assignment | Reviewer | Paul Wouters |
| State | Completed | |
| Review |
review-ietf-mpls-sfc-encapsulation-02-secdir-lc-wouters-2019-02-17
|
|
| Reviewed revision | 02 (document currently at 04) | |
| Result | Ready | |
| Completed | 2019-02-17 |
review-ietf-mpls-sfc-encapsulation-02-secdir-lc-wouters-2019-02-17-00
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. The summary of the review is Ready While I'm not familiar with the Service Function Chaining (SFC) architecture and the Network Service Header (NSH), the Security Considerations in this document seem to be correct in pointing out that: This document simply defines one additional transport encapsulation. The NSH was specially constructed to be agnostic to its transport encapsulation. As as result, in general this additional encapsulation is no more or less secure than carrying the NSH in any other encapsulation.