Telechat Review of draft-ietf-pce-pcep-exp-codepoints-04
review-ietf-pce-pcep-exp-codepoints-04-secdir-telechat-yu-2018-01-11-00

Request Review of draft-ietf-pce-pcep-exp-codepoints
Requested revision No specific revision (document currently at 05)
Type Telechat Review
Team Security Area Directorate (secdir)
Deadline 2018-01-09
Requested 2017-12-14
Authors Dhruv Dhody, Daniel King, Adrian Farrel
I-D last updated 2018-01-11
Completed reviews Rtgdir Last Call review of -04 by Ben Niven-Jenkins
Opsdir Last Call review of -04 by Scott O. Bradner
Genart Last Call review of -04 by Brian E. Carpenter
Secdir Telechat review of -04 by Taylor Yu
Assignment Reviewer Taylor Yu
State Completed
Request Telechat review on draft-ietf-pce-pcep-exp-codepoints by Security Area Directorate Assigned
Reviewed revision 04 (document currently at 05)
Result Ready
Completed 2018-01-11
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

Summary: ready

The security considerations section seems reasonable.  The warning about
receiving conflicting experimental codepoints from another system seems
a little out of place if this were a protocol exposed to the Internet at
large.  (An implementation should in general handle all unexpected
inputs, accidental or malicious, in a way to avoid harmful
consequences.)  On the other hand, like many routing-related protocols,
PCEP doesn't seem to have very strong integrity or authentication
properties and instead relies on filtering, physical measures, or lower
layers such as TCP-AO.

Best regards,
-Taylor