Last Call Review of draft-ietf-teas-te-express-path-03
review-ietf-teas-te-express-path-03-secdir-lc-huitema-2015-10-01-00

Request Review of draft-ietf-teas-te-express-path
Requested revision No specific revision (document currently at 05)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2015-09-29
Requested 2015-09-17
Authors Alia Atlas, John Drake, Spencer Giacalone, Stefano Previdi
I-D last updated 2015-10-01
Completed reviews Genart Last Call review of -03 by Robert Sparks (diff)
Genart Telechat review of -03 by Robert Sparks (diff)
Secdir Last Call review of -03 by Christian Huitema (diff)
Opsdir Last Call review of -03 by Susan Hares (diff)
Assignment Reviewer Christian Huitema
State Completed
Request Last Call review on draft-ietf-teas-te-express-path by Security Area Directorate Assigned
Reviewed revision 03 (document currently at 05)
Result Ready
Completed 2015-10-01
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.



This document is ready for publication as an informational RFC.



Draft-ietf-teas-te-express-path provides considerations on the use of
performance criteria such as delay, loss and jitter when performing path
selection when using routing protocols IS-IS or OSPF. The document warns
developers against using poor criteria and causing oscillation. It provides
guidance on the handling of paths whose measured criteria have changed.



The security section states that “This document is not currently believed to
introduce new security concerns.” Well, I currently believe that the authors
may be correct about that. The only potential attack that I can think of would
involve subtle manipulations of the criteria measurements in order to induce
path oscillations. Such attack scenario does not feel very realistic or very
serious. In any case that would not be a “new” attack due to this specific
draft, but rather an existing attack on IS-IS or OSPF.



-- Christian Huitema