[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Evaluation: draft-ietf-ccamp-gmpls-sonet-sdh - Generalized Mu ltiprotocol Label Switching Extensions for SONET and SDH Control to Prop o sed Standard
>
> I thought Allison worried about the security, but I don't think
> she had specific issues and was hoping/asking you for a serious
> check. So if you do not see issues, then I would assume all
> will be OK with this doc.
Steve,
The questions were:
1. how weak were the antecedents, since it only points to them rather
than having any security considerations itself?
2. might this document deserve a stronger consideration than the base
technology, because the payload is particularly sensitive, the way we
consider that ISUP is, and we treat SIGTRAN and SIP-T documents with
more stringent security considerations?
1. I checked GMPLS-RSVP-TE, which I think is the most important antecedent, and
it is not weak. The text says it was worked on a lot by SMB, in fact...anyway,
I'm no longer worried on the antecedent score...
It does have a great typo :)
Messages MUST NOT be accepted except from nodes that are not
known to the recipient to be authorized to make such requests.
2. Judgement call. I raise my question because I only made it spoken and maybe
it wasn't a good question or clear?
Allison
>
> > -----Original Message-----
> > From: Steven M. Bellovin [mailto:smb@research.att.com]
> > Sent: woensdag 26 maart 2003 5:56
> > To: Wijnen, Bert (Bert)
> > Cc: iesg@ietf.org
> > Subject: Re: Evaluation: draft-ietf-ccamp-gmpls-sonet-sdh -
> > Generalized
> > Mu ltiprotocol Label Switching Extensions for SONET and SDH Control to
> > Prop o sed Standard
> >
> >
> > In message
> > <7D5D48D2CAA3D84C813F5B154F43B1550115755E@nl0006exch001u.nl.lucent.c
> > om>, "Wijnen, Bert (Bert)" writes:
> > >Steve, you are holding a DISCUSS that you still have to
> > >either write-up or give up. Below the pointers I gave you.
> > >
> > >The abllot:
> > >http://www.ietf.org/IESG/EVALUATIONS/draft-ietf-ccamp-gmpls-s
> > onet-sdh.bal
> > >
> > >Do you think you can find the time to at least get me a writeup
> > >so that I can get the authors some feedback as to why their
> > >document was not approved. They have asked me a few times
> > >already.
> >
> > I just reread the spec. From the little I understood, I see no
> > security issue in it. There may be a problem with the base
> > GMPLS specs,
> > but I didn't go back to those; in any event, it seems inappropriate to
> > block this relatively-innocuous document because of concerns about the
> > base spec. I wasn't the one who raised the initial concern about this
> > document, so I don't remember what the base issue may have been; does
> > anyone else have anything specific to point to? If not, I'm going to
> > clear my DISCUSS. (My apologies if I sound a bit grumpy.
> > I'm not only
> > seriously short on sleep, I'm on a train that has been
> > stalled (with no
> > progress in sight) for the last 100 (U.S.) minutes because of
> > "a fatality
> > on the tracks". The lights are off, the ventilation is off,
> > laptop power
> > is off, and I don't have a wireless modem that will let me
> > get to the ballot web site.)
> >