Last Call Review of draft-ietf-pce-segment-routing-ipv6-22
review-ietf-pce-segment-routing-ipv6-22-secdir-lc-weis-2024-02-16-00

Request
Review of: draft-ietf-pce-segment-routing-ipv6
Requested revision: No specific revision (document currently at 25)
Type: Last Call Review
Team: Security Area Directorate (secdir)
Deadline: 2024-02-15
Requested: 2024-02-01
Authors: Cheng Li, Prejeeth Kaladharan, Siva Sivabalan, Mike Koldychev, Yongqing Zhu
I-D last updated: 2024-02-16
Completed reviews:
  Secdir Last Call review of -22 by Brian Weis
  Opsdir Last Call review of -22 by Niclas Comstedt
  Intdir Telechat review of -22 by Bob Halley
  Rtgdir Early review of -19 by Yingzhen Qu

Assignment
Reviewer: Brian Weis
State: Completed
Request: Last Call review on draft-ietf-pce-segment-routing-ipv6 by Security Area Directorate (Assigned)
Posted at: https://mailarchive.ietf.org/arch/msg/secdir/F-lq_LWHwNnSlT6vuuPaHB_4Bhc
Reviewed revision: 22 (document currently at 25)
Result: Ready
Completed: 2024-02-16

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

The summary of the review is Ready.

This document defines extensions to the Path Computation Element 
Communication Protocol (PCEP) protocol, which is a protocol operating
over TCP. The extensions allow the distribution of new Segment
Routing (SR) policy allowing IPv6 forwarding in addition to MPLS
forwarding within PCEP. 

As such, the scope of this document is to add protocol definitions
to PCEP. The Security Considerations section points out that Security
Considerations of the PCEP RFC (RFC 5440), as well as several other 
PCEP and general routing security RFCs apply.  It also RECOMMENDS
the use of TLS to secure PCEP, as defined in RFC 8253. This seems
adequate to me.