[Last-Call] Secdir last call review of draft-ietf-bess-bgp-sdwan-usage-19

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Reviewer: Stephen Farrell
Review result: Has Issues

I looked at the diff from -15 to -19.

I think the main security issue of depending on BGP over TLS remains - that
seems almost fictional (is it?), whereas the shepherd write-up says: "...this
draft is simply describing the usage of existing technologies standardised
within bess to SD-WAN." I see Roman's existing discuss already covers this.

I note that https://datatracker.ietf.org/doc/draft-wirtgen-bgp-tls/ was posted
since I did the review of -15 of this draft, but that seems to be a fairly
brief -00 individual submission. Presumably that work would have to have
progressed significantly before this draft could reflect reality.

As this draft is aiming to become an informational RFC, I guess one could
rewrite the sections mentioning TLS to say that BGP/TLS is needed for this to
be secure, is not available today, but is something that is being developed
(e.g. referring to draft-wirtgen-bgp-tls). However, doing that before adoption
of a work item for BGP/TLS by some routing WG might well be considered
premature and overly optimistic?



-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call



[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux