Last Call Review of draft-ietf-pce-p2mp-app-
review-ietf-pce-p2mp-app-secdir-lc-weis-2009-06-16-00
| Request | Review of | draft-ietf-pce-p2mp-app |
|---|---|---|
| Requested revision | No specific revision (document currently at 02) | |
| Type | Last Call Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2009-06-16 | |
| Requested | 2009-04-16 | |
| Authors | Adrian Farrel , Seisho Yasukawa | |
| I-D last updated | 2009-06-16 | |
| Completed reviews |
Secdir Last Call review of -??
by Brian Weis
|
|
| Assignment | Reviewer | Brian Weis |
| State | Completed | |
| Request | Last Call review on draft-ietf-pce-p2mp-app by Security Area Directorate Assigned | |
| Completed | 2009-06-16 |
review-ietf-pce-p2mp-app-secdir-lc-weis-2009-06-16-00
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This Informational document describes how the Path Computation Element (PCE)-based architecture defined in RFC 4655 can support point-to- multipoint label switched paths. A PCE is a device that computes the path of Traffic Engineered Label Switched Paths (TE LSPs) within Multiprotocol Label Switching (MPLS) and Generalized MPLS (GMPLS) networks. A PCE-based architecture is generally used to offload path computation processing from Label Switching Routers (LSRs). This document does not substantially change the architecture described in RFC 4655. The Security Considerations section states that this document does not raise any additional security issues beyond those that generally apply to the PCE architecture, and I believe that is generally true. However, I do have one minor suggestion for the authors: The "Note" in the Security Considerations section points out that P2MP computation is CPU-intensive, and posits that an attacker injecting spurious P2MP path computation requests may be more successful than if the attacker injected P2P computation requests. Since you brought up the attack, it would be worth noting that the use of a message integrity mechanism by a PCE protocol should be used to mitigate attacks from devices that are not authorized to send requests to the PCE device. I hesitate to be more specific because the document does not describe a particular PCE protocol. Brian -- Brian Weis Router/Switch Security Group, ARTG, Cisco Systems Telephone: +1 408 526 4796 Email: bew at cisco.com