Hi Greg, As I said in my review: if the authors have verified that the security considerations in the Framework document provide good coverage of the use cases that you describe here then Yes. I am not an MPLS expert and certainly not an MPLS security expert, so I cannot contribute much towards this analysis. Thanks, Yaron From: Greg Mirsky <gregimirsky@xxxxxxxxx>
Date: Friday, 13 September 2024 at 17:24
To: Yaron Sheffer <yaronf.ietf@xxxxxxxxx>
Cc: secdir@xxxxxxxx <secdir@xxxxxxxx>, draft-ietf-mpls-mna-usecases.all@xxxxxxxx <draft-ietf-mpls-mna-usecases.all@xxxxxxxx>, last-call@xxxxxxxx <last-call@xxxxxxxx>, mpls@xxxxxxxx <mpls@xxxxxxxx>
Subject: Re: Secdir last call review of draft-ietf-mpls-mna-usecases-12 Hi Yaron, thank you for your comments and suggestion adding the reference. Would the following address your concern: 6. Security Considerations This document introduces no new security considerations beyond those outlined in Section 7 of [I-D.ietf-mpls-mna-fwk]. On Fri, Sep 13, 2024 at 6:39 AM Yaron Sheffer via Datatracker <noreply@xxxxxxxx> wrote: Reviewer: Yaron Sheffer
Review result: Has Issues
This document reviews multiple use cases for a new extension to MPLS, Network
Action Indicators.
The entirety of the Security Considerations section reads:
This document introduces no new security considerations.
I am not convinced, and I think an explanation is needed on why MNA are more or
less susceptible to attacks than the way these use cases are signaled today.
That *could* lead to discussion of new security controls.
Specifically I would recommend to address the more difficult migration and
coexistence scenarios listed in Sections 3 and 4.
In fact, even a reference to
https://www.ietf.org/archive/id/draft-ietf-mpls-mna-fwk-10.html#name-security-considerations
may do the job, assuming the authors believe the Security Considerations over
in that document cover the use cases listed here.
|
--
last-call mailing list -- last-call@xxxxxxxx
To unsubscribe send an email to last-call-leave@xxxxxxxx
