Telechat Review of draft-ietf-trill-directory-framework-06
review-ietf-trill-directory-framework-06-secdir-telechat-kaufman-2013-08-08-00

Request: Review of draft-ietf-trill-directory-framework
Requested rev.: no specific revision (document currently at 07)
Type: Telechat Review
Team: Security Area Directorate (secdir)
Deadline: 2013-08-13
Requested: 2013-08-02
Other Reviews:
  Secdir Last Call review of -05 by Charlie Kaufman
  Genart Last Call review of -05 by David Black
  Genart Telechat review of -06 by David Black
  Genart Telechat review of -07 by David Black
Review State: Completed
Reviewer: Charlie Kaufman
Review: review-ietf-trill-directory-framework-06-secdir-telechat-kaufman-2013-08-08
Posted at: http://www.ietf.org/mail-archive/web/secdir/current/msg04134.html
Reviewed rev.: 06 (document currently at 07)
Review result: Ready
Draft last updated: 2013-08-08
Review completed: 2013-08-08

Review

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

This document describes a framework for adding a central control mechanism to trill to replace or supplement its autoconfiguring mechanism of dynamically learning the locations of all addresses on the LAN. The specific protocols for supplying and consuming this configuration information will presumably appear in future specs. This sort of configuration control is useful in a datacenter where all connections are carefully configured rather than being plug and play. It is particularly applicable in a "cloud" environment where virtual machines are moved between physical machines by some sort of Virtual Machine Management System that will also assign addresses and place them.

This is a re-review. This latest draft incorporates all of my comments on -05, in particular an expanded description of the security advantages of this approach over the standard autoconfiguration in trill. I have no issues with it. I did find 2 typos:

Page 4 last paragraph: “Both items 3 and 4 above…” There are only three items above. I suspect it should say “Both items 2 and 3 above…”

Page 15 section 7 paragraph 3: “Perhaps S want steal” -> “Perhaps S wants to steal”