[Last-Call] Secdir last call review of draft-ietf-avtcore-rfc7983bis-07

Reviewer: Rich Salz
Review result: Ready

I am the assigned reviewer from the Security Directorate (SECDIR). These
comments are intended mainly to help the Sec ADs; everyone else should treat
them as any other last-call comments.

I guess this document is READY. But I have to admit that seeing the description of
the heuristics makes me feel uncomfortable. At some point, a heuristic is just
a high-falutin' way to spell hack. I would imagine that if a commercial
firewall vendor, for example, implemented this on their own, significant
portions of the IETF community would be claiming "ossified."

But, if you want to do this kind of thing (or if you need to do it even though
you would really rather not), this document is well-written and clear, except
for one suggestion.  "If the value does not match any known range, then the
packet MUST be dropped and an alert MAY be logged. This process is summarized
in Figure 3." Figure 3 does not have an "else" clause, or something, that
handles the first sentence quoted.
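As an added illustration, not part of the review or of the draft, here is a first-byte demultiplexer written with the explicit "else" branch the quoted sentence requires: a packet whose first byte falls outside every known range is dropped and an alert is logged. The ranges are those of RFC 7983, which this draft revises; the bis draft's changes to the table are not on this page and are not reproduced.

```python
"""First-byte demultiplexer in the style of RFC 7983, with an explicit
fallback: anything outside a known range is dropped and an alert logged."""
import logging
from typing import Dict, List, Optional, Tuple

log = logging.getLogger("demux")

# Ranges from RFC 7983, Section 7 (assumption: the bis draft's updated
# table is not reproduced here, only the RFC 7983 values are used).
KNOWN_RANGES: Tuple[Tuple[int, int, str], ...] = (
    (0, 3, "STUN"),
    (16, 19, "ZRTP"),
    (20, 63, "DTLS"),
    (64, 79, "TURN Channel"),
    (128, 191, "RTP/RTCP"),
)


def classify(first_byte: int) -> Optional[str]:
    """Return the protocol for a first byte, or None if it falls in a gap."""
    for lo, hi, name in KNOWN_RANGES:
        if lo <= first_byte <= hi:
            return name
    return None


class Demuxer:
    def __init__(self) -> None:
        self.dropped = 0
        self.dispatched: Dict[str, int] = {}

    def handle(self, packet: bytes) -> Optional[str]:
        """Dispatch one packet; unknown first byte -> MUST drop, MAY alert."""
        if not packet:
            self.dropped += 1
            log.warning("dropped empty packet")
            return None
        proto = classify(packet[0])
        if proto is None:
            # This is the 'else' clause the review says Figure 3 lacks.
            self.dropped += 1
            log.warning("dropped packet, unknown first byte 0x%02x", packet[0])
            return None
        self.dispatched[proto] = self.dispatched.get(proto, 0) + 1
        return proto


# Constructed sample packets: three in known ranges, two in the gaps.
SAMPLES: List[bytes] = [
    bytes([0x00, 0x01]),  # STUN binding request
    bytes([0x16, 0x03]),  # DTLS handshake record
    bytes([0x80, 0x60]),  # RTP version 2
    bytes([0x0A]),        # gap 4..15
    bytes([0xC0]),        # gap 192..255 under RFC 7983
]


def run(samples: List[bytes] = SAMPLES) -> Tuple[List[Optional[str]], int]:
    d = Demuxer()
    return [d.handle(p) for p in samples], d.dropped
```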
