Skip to main content

Security Framework for MPLS and GMPLS Networks
RFC 5920

Revision differences

Document history

Date Rev. By Action
2015-10-14
09 (System) Notify list changed from mpls-chairs@ietf.org, draft-ietf-mpls-mpls-and-gmpls-security-framework@ietf.org, martin.vigoureux@alcatel-lucent.com to martin.vigoureux@alcatel-lucent.com
2010-07-09
09 Cindy Morgan State Changes to RFC Published from RFC Ed Queue by Cindy Morgan
2010-07-09
09 Cindy Morgan [Note]: 'RFC 5920' added by Cindy Morgan
2010-07-09
09 (System) RFC published
2010-06-01
09 (System) IANA Action state changed to No IC from In Progress
2010-06-01
09 (System) IANA Action state changed to In Progress
2010-06-01
09 Cindy Morgan State Changes to RFC Ed Queue from Approved-announcement sent by Cindy Morgan
2010-06-01
09 Amy Vezza IESG state changed to Approved-announcement sent
2010-06-01
09 Amy Vezza IESG has approved the document
2010-06-01
09 Amy Vezza Closed "Approve" ballot
2010-05-26
09 Tim Polk Waiting for email from lyndon ong confirming permission to reuse OIF text in RFC
2010-05-26
09 Tim Polk Status date has been changed to 2010-06-04 from
2010-05-26
09 Tim Polk [Note]: 'Martin Vigoureux (martin.vigoureux@alcatel-lucent.com) is the Document Shepherd.' added by Tim Polk
2010-03-11
09 Cindy Morgan State Changes to Approved-announcement to be sent::Point Raised - writeup needed from IESG Evaluation - Defer by Cindy Morgan
2010-03-11
09 Ralph Droms
[Ballot comment]
Typo and question, end of section 4.1:

  This section is focused outsider attach. The insider attack is
  discussed in section 4.4. …
[Ballot comment]
Typo and question, end of section 4.1:

  This section is focused outsider attach. The insider attack is
  discussed in section 4.4.

Change first sentence to "This section is focused on outsider attacks."
Are all of section 4.1-4.3 focused on outsider attacks or just section 4.1?
---
In section 5.2.4:

Bullet formatting in list after "The following is a non-exhaustive list of PW-specific threats:" is incorrect.

In a bullet list a little farther along:

  -  Since guessing a valid PW label is not difficult
  -  it is relatively easy to introduce seemingly valid foreign
      packets

delete second bullet marker "-" "
---
Several bullet lists in section 5.2.5 are formatted inconsistently (I'll stop commenting on bullet list formats now!)
---
Section 7.1.1: add citation of RFC 2385 to mention of TCP MD5?
2010-03-11
09 Ralph Droms [Ballot Position Update] New position, No Objection, has been recorded by Ralph Droms
2010-03-10
09 Ron Bonica [Ballot Position Update] New position, Yes, has been recorded by Ron Bonica
2010-03-08
09 Russ Housley [Ballot Position Update] New position, No Objection, has been recorded by Russ Housley
2010-03-08
09 (System) New version available: draft-ietf-mpls-mpls-and-gmpls-security-framework-09.txt
2010-03-05
09 (System) Removed from agenda for telechat - 2010-03-04
2010-03-02
09 Ron Bonica State Changes to IESG Evaluation - Defer from IESG Evaluation by Ron Bonica
2010-03-02
09 Tim Polk [Ballot Position Update] New position, Yes, has been recorded by Tim Polk
2010-03-01
09 Ross Callon [Ballot Position Update] New position, Recuse, has been recorded by Ross Callon
2010-03-01
09 Adrian Farrel [Ballot Position Update] Position for Adrian Farrel has been changed to Recuse from Yes by Adrian Farrel
2010-03-01
09 Adrian Farrel Responsible AD has been changed to Tim Polk from Adrian Farrel
2010-03-01
09 Adrian Farrel [Ballot Position Update] New position, Yes, has been recorded for Adrian Farrel
2010-03-01
09 Adrian Farrel Ballot has been issued by Adrian Farrel
2010-03-01
09 Adrian Farrel Created "Approve" ballot
2010-03-01
09 Adrian Farrel Placed on agenda for telechat - 2010-03-04 by Adrian Farrel
2010-03-01
09 Adrian Farrel State Changes to IESG Evaluation from Waiting for AD Go-Ahead::AD Followup by Adrian Farrel
2010-03-01
09 (System) Sub state has been changed to AD Follow up from New Id Needed
2010-03-01
08 (System) New version available: draft-ietf-mpls-mpls-and-gmpls-security-framework-08.txt
2009-11-25
09 Adrian Farrel State Changes to Waiting for AD Go-Ahead::Revised ID Needed from Waiting for AD Go-Ahead by Adrian Farrel
2009-11-18
09 Amanda Baber IANA comments:

As described in the IANA Considerations section, we understand this document to have NO IANA Actions.
2009-11-18
09 (System) State has been changed to Waiting for AD Go-Ahead from In Last Call by system
2009-11-02
09 Samuel Weiler Request for Last Call review by SECDIR is assigned to Sandra Murphy
2009-11-02
09 Samuel Weiler Request for Last Call review by SECDIR is assigned to Sandra Murphy
2009-10-27
09 Amy Vezza Last call sent
2009-10-27
09 Amy Vezza State Changes to In Last Call from Last Call Requested by Amy Vezza
2009-10-27
09 Adrian Farrel State Changes to Last Call Requested from AD Evaluation::AD Followup by Adrian Farrel
2009-10-27
09 Adrian Farrel Last Call was requested by Adrian Farrel
2009-10-27
09 (System) Ballot writeup text was added
2009-10-27
09 (System) Last call text was added
2009-10-27
09 (System) Ballot approval text was added
2009-10-27
09 Adrian Farrel [Note]: 'Martin Vigoureux (martin.vigoureux@alcatel-lucent.com) is the Document Shepherd.' added by Adrian Farrel
2009-10-25
09 (System) Sub state has been changed to AD Follow up from New Id Needed
2009-10-25
07 (System) New version available: draft-ietf-mpls-mpls-and-gmpls-security-framework-07.txt
2009-09-23
09 Adrian Farrel State Changes to AD Evaluation::Revised ID Needed from AD Evaluation::External Party by Adrian Farrel
2009-08-17
09 Adrian Farrel State Changes to AD Evaluation::External Party from AD Evaluation::AD Followup by Adrian Farrel
2009-08-17
09 Adrian Farrel
[Note]: 'Martin Vigoureux (martin.vigoureux@alcatel-lucent.com) is the Document Shepherd.<br>This document is pending review and suggested changes by Sandy Murphy on behalf of SecDir.' added …
[Note]: 'Martin Vigoureux (martin.vigoureux@alcatel-lucent.com) is the Document Shepherd.<br>This document is pending review and suggested changes by Sandy Murphy on behalf of SecDir.' added by Adrian Farrel
2009-07-13
09 (System) Sub state has been changed to AD Follow up from New Id Needed
2009-07-13
06 (System) New version available: draft-ietf-mpls-mpls-and-gmpls-security-framework-06.txt
2009-05-18
09 Adrian Farrel State Changes to AD Evaluation::Revised ID Needed from AD Evaluation by Adrian Farrel
2009-05-18
09 Adrian Farrel State Change Notice email list have been change to mpls-chairs@tools.ietf.org, draft-ietf-mpls-mpls-and-gmpls-security-framework@tools.ietf.org, martin.vigoureux@alcatel-lucent.com from mpls-chairs@tools.ietf.org, draft-ietf-mpls-mpls-and-gmpls-security-framework@tools.ietf.org
2009-05-18
09 Adrian Farrel [Note]: 'Martin Vigoureux (martin.vigoureux@alcatel-lucent.com) is the Document Shepherd' added by Adrian Farrel
2009-05-11
09 Adrian Farrel State Changes to AD Evaluation from Publication Requested by Adrian Farrel
2009-05-06
09 Cindy Morgan
----------------------------------------------------------------------
Proto Writeup for draft-ietf-mpls-mpls-and-gmpls-security-framework-05
----------------------------------------------------------------------

  (1.a)  Who is the Document Shepherd for this document?  Has the
          Document Shepherd …
----------------------------------------------------------------------
Proto Writeup for draft-ietf-mpls-mpls-and-gmpls-security-framework-05
----------------------------------------------------------------------

  (1.a)  Who is the Document Shepherd for this document?  Has the
          Document Shepherd personally reviewed this version of the
          document and, in particular, does he or she believe this
          version is ready for forwarding to the IESG for publication?

Martin Vigoureux (martin.vigoureux@alcatel-lucent.com), MPLS WG Secretary,
is the Document Shepherd for draft-ietf-mpls-mpls-and-gmpls-security-framework.
The Document Shepherd personally reviewed the Document and believes
this version (05) is ready for forwarding to the IESG for publication.


  (1.b)  Has the document had adequate review both from key WG members
          and from key non-WG members?  Does the Document Shepherd have
          any concerns about the depth or breadth of the reviews that
          have been performed?

The Document is the result of a design team including key actors of
MPLS and GMPLS technologies. The Document was presented to both MPLS
and CCAMP Working Groups over the past few IETF meetings. The Document
early review and Last Call was notified on MPLS, CCAMP and PWE3
Working Groups mailing lists.
As such, the Document Shepherd believes that the Document has had
adepquate review and does not have any concern with the depth
or breadth of the reviews.


  (1.c)  Does the Document Shepherd have concerns that the document
          needs more review from a particular or broader perspective,
          e.g., security, operational complexity, someone familiar with
          AAA, internationalization, or XML?

The Document was not reviewed by the Security Directorate but authors
of the Document have security background.
The Document was Gen-ART reviewed.


  (1.d)  Does the Document Shepherd have any specific concerns or
          issues with this document that the Responsible Area Director
          and/or the IESG should be aware of?  For example, perhaps he
          or she is uncomfortable with certain parts of the document, or
          has concerns whether there really is a need for it.  In any
          event, if the WG has discussed those issues and has indicated
          that it still wishes to advance the document, detail those
          concerns here.  Has an IPR disclosure related to this document
          been filed?  If so, please include a reference to the
          disclosure and summarize the WG discussion and conclusion on
          this issue.

The Document Shepherd does not have any issue nor concern with the Document.
No IPR disclosure related to the Document has been filed.


  (1.e)  How solid is the WG consensus behind this document?  Does it
          represent the strong concurrence of a few individuals, with
          others being silent, or does the WG as a whole understand and
          agree with it?

The consensus is quite solid. Strong support was openly expressed for
the adoption of the Document as an MPLS WG document, for example.


  (1.f)  Has anyone threatened an appeal or otherwise indicated extreme
          discontent?  If so, please summarize the areas of conflict in
          separate email messages to the Responsible Area Director.  (It
          should be in a separate email because this questionnaire is
          entered into the ID Tracker.)

No strong or extreme position was raised against the Document.


  (1.g)  Has the Document Shepherd personally verified that the
          document satisfies all ID nits?  (See
          http://www.ietf.org/ID-Checklist.html and
          http://tools.ietf.org/tools/idnits/.)  Boilerplate checks are
          not enough; this check needs to be thorough.  Has the document
          met all formal review criteria it needs to, such as the MIB
          Doctor, media type, and URI type reviews?  If the document
          does not already indicate its intended status at the top of
          the first page, please indicate the intended status here.

Some nits exist (4 warnings) for the Document.
  == The document doesn't use any RFC 2119 keywords, yet seems to have RFC
    2119
boilerplate text.
Section can be removed

  == The document seems to lack a disclaimer for pre-RFC5378 work, but was
    first submitted before 10 November 2008.  Should you add the disclaimer?
    (See the Legal Provisions document at
    http://trustee.ietf.org/license-info for more information.) -- however,
    there's a paragraph with a matching beginning. Boilerplate error?
The document contains the correct pre-RFC5378 work disclaimer that can be
be found at http://trustee.ietf.org/docs/IETF-Trust-License-Policy.pdf

  == Unused Reference: 'RFC4103' is defined on line 2611, but no explicit
    reference was found in the text
Reference should be removed

  == Outdated reference: A later version (-04) exists of
    draft-ietf-tsvwg-rsvp-security-groupkeying-03
Reference should be updated

The Document does not contain content that would need specific review,
beyond what has already been done up to now.


  (1.h)  Has the document split its references into normative and
          informative?  Are there normative references to documents that
          are not ready for advancement or are otherwise in an unclear
          state?  If such normative references exist, what is the
          strategy for their completion?  Are there normative references
          that are downward references, as described in [RFC3967]?  If
          so, list these downward references to support the Area
          Director in the Last Call procedure for them [RFC3967].

The Document has two References Sections (Normative and Informative).
The Normative Section only includes documents which are either in
RFC or STD status. There are no normative downward references.


  (1.i)  Has the Document Shepherd verified that the document's IANA
          Considerations section exists and is consistent with the body
          of the document?  If the document specifies protocol
          extensions, are reservations requested in appropriate IANA
          registries?  Are the IANA registries clearly identified?  If
          the document creates a new registry, does it define the
          proposed initial contents of the registry and an allocation
          procedure for future registrations?  Does it suggest a
          reasonable name for the new registry?  See [RFC2434].  If the
          document describes an Expert Review process, has the Document
          Shepherd conferred with the Responsible Area Director so that
          the IESG can appoint the needed Expert during IESG Evaluation?

The Document has an appropriate IANA Secion. The Document does not
specify protocol extensions. The Document is Informational track.


  (1.j)  Has the Document Shepherd verified that sections of the
          document that are written in a formal language, such as XML
          code, BNF rules, MIB definitions, etc., validate correctly in
          an automated checker?

No section of the Document is written -and would need to be written- in
a given formal language.


  (1.k)  The IESG approval announcement includes a Document
          Announcement Write-Up.  Please provide such a Document
          Announcement Write-Up.  Recent examples can be found in the
          "Action" announcements for approved documents.  The approval
          announcement contains the following sections:

          Technical Summary
            Relevant content can frequently be found in the abstract
            and/or introduction of the document.  If not, this may be
            an indication that there are deficiencies in the abstract
            or introduction.

This document provides a security framework for Multiprotocol Label
Switching (MPLS) and Generalized Multiprotocol Label Switching
(GMPLS) Networks. This document addresses the security aspects
that are relevant in the context of MPLS and GMPLS. It describes
the security threats, the related defensive techniques, and the
mechanisms for detection and reporting. This document emphasizes
RSVP-TE and LDP security considerations, as well as Inter-AS and
Inter-provider security considerations for building and maintaining
MPLS and GMPLS networks across different domains or different
Service Providers.


          Working Group Summary
            Was there anything in the WG process that is worth noting?
            For example, was there controversy about particular points
            or were there decisions where the consensus was
            particularly rough?

Nothing worth noting. Good consensus.
The Document needs to be progressed as others now reference it.


          Document Quality
            Are there existing implementations of the protocol?  Have a
            significant number of vendors indicated their plan to
            implement the specification?  Are there any reviewers that
            merit special mention as having done a thorough review,
            e.g., one that resulted in important changes or a
            conclusion that the document had no substantive issues?  If
            there was a MIB Doctor, Media Type, or other Expert Review,
            what was its course (briefly)?  In the case of a Media Type
            Review, on what date was the request posted?

No implementation as this is not a protocol specification.
The document quality is good as well as the review.
The document was gen-Art reviewed.


          Personnel
            Who is the Document Shepherd for this document?  Who is the
            Responsible Area Director?  If the document requires IANA
            experts(s), insert 'The IANA Expert(s) for the registries
            in this document are <TO BE ADDED BY THE AD>.'

Martin Vigoureux is the Document Shepherd
Adrian Farrel is the responsible Area Director
2009-05-06
09 Cindy Morgan Draft Added by Cindy Morgan in state Publication Requested
2009-03-09
05 (System) New version available: draft-ietf-mpls-mpls-and-gmpls-security-framework-05.txt
2009-02-06
09 Samuel Weiler Request for Early review by SECDIR Completed. Reviewer: Sandra Murphy.
2008-11-03
04 (System) New version available: draft-ietf-mpls-mpls-and-gmpls-security-framework-04.txt
2008-07-14
03 (System) New version available: draft-ietf-mpls-mpls-and-gmpls-security-framework-03.txt
2008-06-06
09 Samuel Weiler Request for Early review by SECDIR is assigned to Sandra Murphy
2008-06-06
09 Samuel Weiler Request for Early review by SECDIR is assigned to Sandra Murphy
2008-02-25
02 (System) New version available: draft-ietf-mpls-mpls-and-gmpls-security-framework-02.txt
2007-11-20
01 (System) New version available: draft-ietf-mpls-mpls-and-gmpls-security-framework-01.txt
2007-09-12
00 (System) New version available: draft-ietf-mpls-mpls-and-gmpls-security-framework-00.txt