Skip to main content

Last Call Review of draft-ietf-storm-ifcpmib-

Request Review of draft-ietf-storm-ifcpmib
Requested revision No specific revision (document currently at 07)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2010-10-12
Requested 2010-10-01
Authors Prakash Venkatesen
I-D last updated 2010-10-29
Completed reviews Secdir Last Call review of -?? by Charlie Kaufman
Assignment Reviewer Charlie Kaufman
State Completed
Request Last Call review on draft-ietf-storm-ifcpmib by Security Area Directorate Assigned
Completed 2010-10-29
I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the security area directors.
 Document editors and WG chairs should treat these comments just like any other
last call comments.

Writing, interpreting, and reviewing MIB documents is to some degree a
specialized art, and I can't claim to give this a thorough technical review.
The Security Considerations section of most MIB documents is usually pro forma
and not very interesting. This one, however, is exceptional and perhaps should
be taken as a model for the Security Considerations sections of other MIB
documents. It describes how security sensitive the various values that can be
accessed through the MIB are, both with respect to reading them and with
respect to updating them. While what fields are going to be sensitive in what
way is often going to be scenario dependent, indications of which fields might
be sensitive and why (particularly in cases where the explanation is not
obvious) would make a helpful commentary.

This document does not say much about the relative sensitivity of various
fields (I'm assuming because in this case there isn't much to say).

I found no problems with this document.