Skip to main content

Last Call Review of draft-ietf-softwire-yang-14

Request Review of draft-ietf-softwire-yang
Requested revision No specific revision (document currently at 16)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2018-10-11
Requested 2018-09-27
Authors Ian Farrer , Mohamed Boucadair
I-D last updated 2019-01-07
Completed reviews Secdir Last Call review of -14 by Phillip Hallam-Baker (diff)
Genart Last Call review of -06 by Roni Even (diff)
Yangdoctors Last Call review of -06 by Martin Björklund (diff)
Tsvart Telechat review of -13 by Michael Tüxen (diff)
Genart Telechat review of -13 by Roni Even (diff)
Assignment Reviewer Phillip Hallam-Baker
State Completed
Review review-ietf-softwire-yang-14-secdir-lc-hallam-baker-2019-01-07
Reviewed revision 14 (document currently at 16)
Result Has Nits
Completed 2019-01-07
The document describes a schema and has appropriately identified the read/write
security concerns arising from it.

One issue that I thing could be usefully spelled out is that the use of
automated tools to decode structures of this type is not merely a programming
convenience. Attempts to parse length delimited objects nested in length
delimited structures using handwritten code is error prone and has led to
introduction of numerous buffer overrun vulnerabilities.