Re: [Last-Call] Secdir last call review of draft-ietf-detnet-bounded-latency-08

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Dear Watson,

Thank you very much for your comments. We have modified the “Security Consideration” section; specifically, we added potential attack scenarios on the model presented in the draft. You can find the new version of the draft in:

as well as the difference between the new version and the previous version in:



Best,
Ehsan



--
Ehsan Mohammadpour
PhD candidate at Swiss Federal Institute of Technology (EPFL)
IC IINFCOM, LCA2, INF 011, Station 14, 1015 Lausanne, Switzerland
https://people.epfl.ch/ehsan.mohammadpour

On 31 Jan 2022, at 02:29, Watson Ladd via Datatracker <noreply@xxxxxxxx> wrote:

Reviewer: Watson Ladd
Review result: Has Issues

Dear fellow IETFers,

Alas I'm forced to put down draft-ietf-detnet-bounded-latency as having issues.
The vast majority of the draft is a detailed and readable description of how to
compute the resources required for a particular QoS. But unfortunately the
security concerns section has a paragraph about securing the reservations which
doesn't really seem relevant: it would seem to be relevant to the control plane
that does the reserving. At the same time a discussion of how an attacker might
be able to abuse the models presented in the document is lacking.

This is particularly important given that there can be very unintuitive global
effects from changes made to capacity on one node or link in a network.
Sincerely, Watson



-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call
[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux