Last Call Review of draft-ietf-rtgwg-net2cloud-problem-statement-36
review-ietf-rtgwg-net2cloud-problem-statement-36-secdir-lc-cooley-2024-03-01-02

Request Review of draft-ietf-rtgwg-net2cloud-problem-statement-35
Requested revision 35 (document currently at 39)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2024-03-11
Requested 2024-02-26
Requested by Yingzhen Qu
Authors Linda Dunbar, Andrew G. Malis, Christian Jacquenet, Mehmet Toy, Kausik Majumdar
I-D last updated 2024-04-15
Completed reviews Secdir Last Call review of -36 by Deb Cooley (diff)
Tsvart Last Call review of -32 by Magnus Westerlund (diff)
Intdir Early review of -26 by Benson Muite (diff)
Secdir Early review of -22 by Deb Cooley (diff)
Genart Early review of -21 by Paul Kyzivat (diff)
Opsdir Early review of -22 by Susan Hares (diff)
Rtgdir Early review of -22 by Ines Robles (diff)
Tsvart Early review of -22 by David L. Black (diff)
Dnsdir Early review of -22 by Florian Obser (diff)
Comments
Please assign this review to Deb Cooley as a follow up review to make sure all the security concerns have been addressed.

Thanks,
Jeff and Yingzhen (RTGWG Chairs)
Assignment Reviewer Deb Cooley
State Completed
Request Last Call review on draft-ietf-rtgwg-net2cloud-problem-statement by Security Area Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/secdir/CR1c3pg93satiS72I2rOV9zhKv8
Reviewed revision 36 (document currently at 39)
Result Ready
Completed 2024-04-15
These changes have been made.

Deb

On Fri, Apr 12, 2024 at 10:09 AM Linda Dunbar <linda.dunbar@futurewei.com>
wrote:

> Deb,
>
>
>
> Thank you for catching the typo.
>
>
>
> Would the following sentence of Section 7 address your comment?
>
>
>
> *“A full security evaluation will be needed before [MULTI-SEG-SDWAN] and
> [SDWAN-EDGE-DISCOVERY] can be recommended as a solution to some problems
> described in this document.”*
>
>
>
> We are in the process of revising the SDWAN-EDGE-DISCOVERY draft based on
> the IETF119 discussion. Will update later this month.
>
> Linda
>
>
>
> *From:* Deb Cooley <debcooley1@gmail.com>
> *Sent:* Thursday, April 11, 2024 5:45 PM
> *To:* Linda Dunbar <linda.dunbar@futurewei.com>
> *Cc:* secdir@ietf.org;
> draft-ietf-rtgwg-net2cloud-problem-statement.all@ietf.org; rtgwg@ietf.org
> *Subject:* Re: Secdir last call review of
> draft-ietf-rtgwg-net2cloud-problem-statement-36
>
>
>
> Remaining comment and one nit:
>
>
>
> Section 5.1, paragraph 3:  The draft referenced here is expired and the
> security of the methods would have to be reviewed.  (that is listed in
> Section 7)
>
>
> The expired draft has been replaced with another draft.  The security of
> the methods would have to be reviewed.  Please list that in Section 7.
>
>
>
> Section 7, second to last bullet:  typo:  There is a single quotation mark
> at the end of the paragraph.
>
>
>
> Deb
>
>
>
>
>
> On Thu, Apr 11, 2024 at 6:08 PM Linda Dunbar <linda.dunbar@futurewei.com>
> wrote:
>
> Deb,
>
>
>
> Thank you. The -38 has been uploaded.
>
>
> https://datatracker.ietf.org/doc/draft-ietf-rtgwg-net2cloud-problem-statement/
>
>
>
> Linda
>
>
>
> *From:* Deb Cooley <debcooley1@gmail.com>
> *Sent:* Thursday, April 11, 2024 5:53 AM
> *To:* Linda Dunbar <linda.dunbar@futurewei.com>
> *Cc:* secdir@ietf.org;
> draft-ietf-rtgwg-net2cloud-problem-statement.all@ietf.org; rtgwg@ietf.org
> *Subject:* Re: Secdir last call review of
> draft-ietf-rtgwg-net2cloud-problem-statement-36
>
>
>
> perfect,  I'll take a look at -38 when it gets published.
>
>
>
> Deb
>
>
>
> On Wed, Apr 10, 2024 at 10:58 AM Linda Dunbar <linda.dunbar@futurewei.com>
> wrote:
>
> Deb,
>
>
>
> Thank you very much for the additional comments and the suggested wording.
>
> They are reflected in the revision -38.
>
>
>
> Linda
>
>
>
> -----Original Message-----
> From: Deb Cooley <debcooley1@gmail.com>
> Sent: Monday, March 18, 2024 8:24 AM
> To: Linda Dunbar <linda.dunbar@futurewei.com>
> Cc: secdir@ietf.org;
> draft-ietf-rtgwg-net2cloud-problem-statement.all@ietf.org; rtgwg@ietf.org
> Subject: Re: Secdir last call review of
> draft-ietf-rtgwg-net2cloud-problem-statement-36
>
>
>
> Here is my review update for
>
> draft-ietf-rtgwg-net2cloud-problem-statement-37:
>
>
>
> I will update my review in the datatracker.
>
>
>
> original comments (in black), updates (in blue)
>
>
>
> 1.  Section 5.1, paragraph 2:  Certainly the principles and assumptions of
> RFC 4535* would apply to any group key management situation (note the word
> change from 'group encryption' to 'group key management').  The specific
> protocol addressed by that RFC isn't being used here (even though they
> mention ISAKMP). How about something like this:
>
>
>
> "The group key management protocol documented in [RFC4535] outlines the
> relevant security risks for any group key management system in Section 3
> (Security Considerations).  While this particular protocol isn't being
> suggested, the drawbacks and risks of group key management are still
> relevant."
>
>
>
> done.
>
> [Linda] Thank you for the suggestion. They are changed in -38.
>
>
>
> 2.  Section 5.1, paragraph 3:  The draft referenced here is expired and
> the security of the methods would have to be reviewed.  (that is listed in
> Section 7)
>
>
>
> The expired draft has been replaced with another draft.  The security of
> the methods would have to be reviewed.  Please list that in Section 7.
>
> [Linda] The referenced draft has been uploaded.
>
>
>
> 3.  Section 5.2:  The draft referenced in this section is (currently) an
> individual draft, and again the security of the methods would have to be
> reviewed. (I see that WG adoption has been requested, and the draft is
> listed in Section 7).
>
>
>
> This is just a note to the WG - no action required as long as the WG
> agrees.
>
> [Linda] the WG chair said they will start the WG adoption soon.
>
>
>
>