
Last Call Review of draft-ietf-opsawg-coman-probstate-reqs-03
review-ietf-opsawg-coman-probstate-reqs-03-secdir-lc-melnikov-2015-03-02-00

Request
  Review of: draft-ietf-opsawg-coman-probstate-reqs
  Requested revision: No specific revision (document currently at 05)
  Type: Last Call Review
  Team: Security Area Directorate (secdir)
  Deadline: 2015-02-17
  Requested: 2015-01-02
  Authors: Mehmet Ersue, Dan Romascanu, Jürgen Schönwälder, Ulrich Herberg
  I-D last updated: 2015-03-02
  Completed reviews:
    Genart Last Call review of -03 by Joel M. Halpern
    Secdir Last Call review of -03 by Alexey Melnikov
    Opsdir Last Call review of -03 by Kiran K. Chittimaneni

Assignment
  Reviewer: Alexey Melnikov
  State: Completed
  Request: Last Call review on draft-ietf-opsawg-coman-probstate-reqs by Security Area Directorate (Assigned)
  Reviewed revision: 03 (document currently at 05)
  Completed: 2015-03-02

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

Summary: not sure, see below

I am agreeing with RAI ADs that it is not exactly clear what is the value in publishing this document. I am also very curious to see some design that can satisfy all of these requirements (which are frequently contradictive).

Having said that, I liked the introduction (problem statement) part of the document.

Security considerations seem to be covered, but as per above, I have a hard time figuring out if a system that satisfies them is actually feasible. In particular I am interested in knowing how devices can satisfy the following requirements:

  Support suitable security bootstrapping mechanisms
  Self-configuration capability
  Self-management - Self-healing
  Recovery

in the presence of hostile agents on a network of constrained devices.