Last Call Review of draft-ietf-teas-yang-te-topo-15
review-ietf-teas-yang-te-topo-15-secdir-lc-shore-2018-06-07-00
Request | Review of | draft-ietf-teas-yang-te-topo |
---|---|---|
Requested revision | No specific revision (document currently at 22) | |
Type | Last Call Review | |
Team | Security Area Directorate (secdir) | |
Deadline | 2018-05-30 | |
Requested | 2018-05-16 | |
Authors | Xufeng Liu , Igor Bryskin , Vishnu Pavan Beeram , Tarek Saad , Himanshu C. Shah , Oscar Gonzalez de Dios | |
I-D last updated | 2018-06-07 | |
Completed reviews |
Yangdoctors Last Call review of -08
by Mahesh Jethanandani
(diff)
Secdir Last Call review of -15 by Melinda Shore (diff) Genart Last Call review of -15 by Russ Housley (diff) Genart Last Call review of -20 by Russ Housley (diff) Secdir Last Call review of -20 by Melinda Shore (diff) |
|
Assignment | Reviewer | Melinda Shore |
State | Completed | |
Request | Last Call review on draft-ietf-teas-yang-te-topo by Security Area Directorate Assigned | |
Reviewed revision | 15 (document currently at 22) | |
Result | Has issues | |
Completed | 2018-06-07 |
review-ietf-teas-yang-te-topo-15-secdir-lc-shore-2018-06-07-00
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. The summary of the review is Ready with issues This document defines a technology-agnostic YANG data model for representation of traffic engineering topologies, and is intended to serve as a base model for other technology-specific traffic engineering topology models. The document is clearly written and appears comprehensive with respect to its subject matter. I suspect that sections 1-4 would be a useful reference for people wanting to learn about TE topologies in general, and I enjoyed reading it. The security considerations section is scanty and, unfortunately, insufficient. The statement "The data-model by itself does not create any security implications" seems questionable at best, since it contains information about network topology and the treatment of traffic, which may be of value to an attacker. The lack of discussion of the threat environment is particularly problematic given that the model is intended to be used for manipulating TE topologies. The authors may want to look to draft-ietf-i2rs-yang-network-topo as a model (no pun intended) of a good security considerations section for a topology model. I don't see how this document can be published with the security considerations section in its current condition. This is really a trivial nit, but a nit nevertheless - the second paragraph of the terminology section probably belongs in the introduction instead, as it lays out expectations for the reader and contains a pointer to introductory material for readers unfamiliar with the IETF's traffic engineering work. Melinda