Early Review of draft-ietf-rtgwg-atn-bgp-28
review-ietf-rtgwg-atn-bgp-28-secdir-early-housley-2025-09-16-00
review-ietf-rtgwg-atn-bgp-28-secdir-early-housley-2025-09-16-00
I reviewed this document as part of the Security Directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the Security Area Directors. Document authors, document editors, and WG chairs should treat these comments just like any other IETF Last Call comments. Document: draft-ietf-rtgwg-atn-bgp-28 Reviewer: Russ Housley Review Date: 2025-09-16 Review Due: 2025-09-22 IETF LC End Date: Unknown IESG Telechat date: Unknown Summary: Has Issues Major Concerns: Section 3 says that ASNs will be allocated and managed by an ATN/IPS assigned numbers authority established by ICAO. Will this authority operate an RPKI? If so, it should be discussed here or in Section 10. Minor Concerns: Section 1 talks about "secured direct point-to-point links and/or secured tunnels". Please say what you mean by secured. Based on the discussion in Section 10, you expecting confidentiality, integrity, and authentication. MACsec is not a point-to-point link, but is seems that it would meet the needs of this architecture. Is MACsec accommodated? Nits: Section 1: s/aviation data link they/aviation data link, they/ Section 1: s/Stable Network Prefixes SNPs/Stable Network Prefixes (SNPs)/ Section 3: s/Since ATN/ATN/ Section 4: s/WiFi/Wi-Fi/ Section 5: s/In the first figure/In Figure 5/ Section 5: s/In the second figure/In Figure 6/