Early Review of draft-ietf-savi-mix-11
review-ietf-savi-mix-11-intdir-early-lamparter-2016-12-07-00
Request | Review of | draft-ietf-savi-mix |
---|---|---|
Requested revision | No specific revision (document currently at 15) | |
Type | Early Review | |
Team | Internet Area Directorate (intdir) | |
Deadline | 2016-09-30 | |
Requested | 2016-09-16 | |
Authors | Jun Bi, Guang Yao, Joel M. Halpern, Eric Levy-Abegnoli | |
I-D last updated | 2016-12-07 | |
Completed reviews | Secdir Last Call review of -12 by Scott G. Kelly; Intdir Early review of -11 by David Lamparter; Intdir Early review of -11 by Ralph Droms | |
Assignment | Reviewer | David Lamparter |
State | Completed | |
Request | Early review on draft-ietf-savi-mix by Internet Area Directorate Assigned | |
Reviewed revision | 11 (document currently at 15) | |
Result | Ready w/issues | |
Completed | 2016-12-07 |
Hi everyone,

[apologies for the delay, got some interference from a release cycle...]

Apart from some typos (which I think the RFC editors will fix?), my review is the following:

- the draft has no privacy consideration section. It should have one, pointing out the following: "When implementing multiple SAVI methods, privacy considerations of all methods apply cumulatively. In addition, there is a minor additional loss of privacy in that the SAVI device can correlate information from different SAVI methods." (optionally: "This additional loss of privacy is considered minuscule.", though that's just my personal opinion.)

- in section 6.1.2.2., on "responding to the DAD message", it would be useful to state that the DAD message should be discarded and not forwarded. (Forwarding it may cause other SAVI devices to send additional defense NAs.) I believe this is the intent, but it's not quite obvious. Maybe I'm also misunderstanding something there?

- also in section 6.1.2.2., a suggestion to rate-limit (or, in general, apply precautions) defense NAs in order to reduce security threats is probably a good idea. The problem I see there is that it's newly specified behaviour that just needs to be pointed out as requiring the same approach as the individual SAVI methods.

- lastly, it could be pointed out that applying SAVI-MIX in an inconsistent way can well break one's network. Obvious case of user stupidity, but well...

All in all I believe the draft is in good shape and should proceed with minor edits.

Hope this is useful,

-David

On Fri, Sep 16, 2016 at 12:49:58PM +0200, Carlos Jesús Bernardos Cano wrote:
> You are next up on the Int Area Directorate review assignment queue
> and the Int ADs have requested a review of draft-ietf-savi-mix-11 (see
> https://tools.ietf.org/html/draft-ietf-savi-mix-11).

[...]