Early Review of draft-ietf-rtgwg-atn-bgp-12
review-ietf-rtgwg-atn-bgp-12-secdir-early-housley-2022-01-18-00

Request Review of draft-ietf-rtgwg-atn-bgp-12
Requested revision 12 (document currently at 28)
Type Early Review
Team Security Area Directorate (secdir)
Deadline 2022-02-11
Requested 2022-01-13
Requested by Yingzhen Qu
Authors Fred Templin, Greg Saccone, Gaurav Dawra, Acee Lindem, Victor Moreno
I-D last updated 2025-03-17 (Latest revision 2025-03-17)
Completed reviews Secdir Early review of -12 by Russ Housley (diff)
Intdir Early review of -12 by Dave Thaler (diff)
Opsdir Early review of -12 by Gyan Mishra (diff)
Rtgdir Early review of -12 by Mach Chen (diff)
Tsvart Early review of -13 by Michael Tüxen (diff)
Comments
The document is ready for WG last call in RTGWG. The chairs would really appreciate broader review of the document. Thanks!
Assignment Reviewer Russ Housley
State Completed
Request Early review on draft-ietf-rtgwg-atn-bgp by Security Area Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/secdir/B_QQZDRO5jiAKImzuT3Kf5sVA4I
Reviewed revision 12 (document currently at 28)
Result Has issues
Completed 2022-01-18
I reviewed this document as part of the Security Directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the Security Area
Directors.  Document authors, document editors, and WG chairs should
treat these comments just like any other IETF Last Call comments.

Document: draft-ietf-rtgwg-atn-bgp-12
Reviewer: Russ Housley
Review Date: 2022-01-18
Early Review Due: 2022-02-11
IETF LC End Date: Unknown
IESG Telechat date: Unknown


Summary: Has Issues


Major Concerns:

Section 3 says:

   The only requirement is that ASNs
   must not be duplicated within the ATN/IPS routing system itself.

What party will administer these ASNs?  I understand why it does not
need to be IANA, but there does need to be a single authority, even
if a hierarchy is used to delegate assignments.  ASN collisions are
extremely harmful.

Section 10 says:

   BGP protocol message exchanges and control message exchanges used for
   route optimization must be secured to ensure the integrity of the
   system-wide routing information base.

I assume that "secured" means integrity protected.  BGP runs over TCP.
TCP-AO was defined primarily to provide integrity protection for BGP.
Is the intent to use TCP-AO or something else?  Please specify.


Minor Concerns:

Section 1 talks about IPsec and Wireguard as "secured encapsulations".
Please say what you mean by security here.  Are you expecting
confidentiality, integrity, or both?  Since this is an example,
please drop "Wireguard" or provide a reference for it.

Section 1 goes on to say:

   In particular, tunneling must be used when
   neighboring ASBRs are separated by multiple INET hops.
   
This seems to mean that tunnels are not used in some cases if there is a
single INET hop.  Can you add a sentence about that?

Section 5 says: "...tunnels packets directly between Proxys ...".
Are these IPsec tunnels?  I am trying to fully understand when the
tunnels require IPsec (or some other security protocol) and when they
do not.

Section 10 lists IPsec, TLS, WireGuard, etc.  This is the first
reference to TLS.  When do you see TLS being used?