Last Call Review of draft-ietf-pwe3-ms-pw-arch-
review-ietf-pwe3-ms-pw-arch-secdir-lc-yu-2009-06-22-00
| Request | Review of | draft-ietf-pwe3-ms-pw-arch |
|---|---|---|
| Requested revision | No specific revision (document currently at 07) | |
| Type | Last Call Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2009-06-30 | |
| Requested | 2009-06-05 | |
| Authors | Stewart Bryant , Matthew Bocci | |
| I-D last updated | 2009-06-22 | |
| Completed reviews |
Secdir Last Call review of -??
by Taylor Yu
|
|
| Assignment | Reviewer | Taylor Yu |
| State | Completed | |
| Request | Last Call review on draft-ietf-pwe3-ms-pw-arch by Security Area Directorate Assigned | |
| Completed | 2009-06-22 |
review-ietf-pwe3-ms-pw-arch-secdir-lc-yu-2009-06-22-00
Security-related comments: My observations on the security-related content of this document focus on the ambiguity of the text in a few places. I suspect that details resolving those ambiguities are available elsewhere, which would make the ambiguity only a minor problem, but I believe that this document should contain at least a summary of those details or a citation to where the reader can find those details. In the Section 13, "Security Considerations", the sentence "However, S-PEs represent a point in the network where the PW label is exposed to additional processing." needs clear elaboration. The PW label is not mentioned again in that section. What are the risks associated with this additional processing? Is a breach of the integrity or confidentiality of the pseudowire (PW) label a threat? Or is the issue that a PW Switching Provider Edge (S-PE) may misdirect or otherwise tamper with a PW segment due to malice, malfunction, or misconfiguration? As in RFC 5254 (referenced in this document), the word "trust" appears in multiple places in the Security Considerations sections without adequate specification, in my opinion. There may be additional disambiguating context for the uses of the word "trust" in RFC 5254 and this document that I am not familiar with. The most reasonable interpretation that I can attach to words such as "trust" and "eligible" in the Security Considerations of these documents is that they refer to the policy of the operator of some network participating in the pseudowire. Ambiguity remains concerning the specific entity whose policy applies in any given instance of those words, but I expect that I would find it more clear once I had more context. Editorial comments: The references section does not distinguish between normative and informative references. By the context of their citations, I infer that all of the cited references are normative. If this is true, the subsection (or section) heading should reflect this fact. Section 11, "Congestion Considerations", includes an editor's note to reference draft-ietf-pwe3-congestion-frmwk-01.txt, which has expired. Trailing whitespace occurs on many lines of this document. While cosmetic in nature, it did complicate copying and pasting from this document.