[Last-Call] Re: [Pce] Intdir telechat review of draft-ietf-pce-stateful-pce-vendor-09

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Thanks Samul for the quick reaction.

The update looks good to me as well. Let’s update it when the windows is reopen.

 

BR,

Cheng

 

 

From: Samuel Sidor (ssidor) <ssidor@xxxxxxxxx>
Sent: Thursday, October 24, 2024 10:09 AM
To: Wassim Haddad <wassim.haddad@xxxxxxxxxxxx>; Dhruv Dhody <dhruv.ietf@xxxxxxxxx>
Cc: int-dir@xxxxxxxx; draft-ietf-pce-stateful-pce-vendor.all@xxxxxxxx; last-call@xxxxxxxx; pce@xxxxxxxx
Subject: RE: [Pce] Intdir telechat review of draft-ietf-pce-stateful-pce-vendor-09

 

Hi Wassim, Dhruv,

 

Thanks a lot for review and for suggested text from Dhruv. Attached updated version of the draft.

I’ll submit it when uploading new draft versions will be unblocked.

 

Regards,

Samuel

 

From: Wassim Haddad <wassim.haddad@xxxxxxxxxxxx>
Sent: Wednesday, October 23, 2024 11:46 PM
To: Dhruv Dhody <dhruv.ietf@xxxxxxxxx>
Cc: int-dir@xxxxxxxx; draft-ietf-pce-stateful-pce-vendor.all@xxxxxxxx; last-call@xxxxxxxx; pce@xxxxxxxx; Wassim Haddad <wassim.haddad@xxxxxxxxxxxx>
Subject: Re: [Pce] Intdir telechat review of draft-ietf-pce-stateful-pce-vendor-09

 

OK thanks, Dhruv!

 

 

Wassim H.

 

 

On 10/23/24, 12:23AM, "Dhruv Dhody" <dhruv.ietf@xxxxxxxxx> wrote:

 

Hi Wassim, 

 

On Wed, Oct 23, 2024 at 10:32AM Wassim Haddad via Datatracker <noreply@xxxxxxxx> wrote:

Reviewer: Wassim Haddad
Review result: Ready

Summary: IMHO, this draft is in good shape. It is clear and easy to read.

Major issues: None

Minor issues: None

Proposal:
It would be helpful for the reader if more explanation can be added to the
following text in the “Security Considerations” section:

“While there is limited protection against this, an operator monitoring the
PCEP sessions can detect the use of vendor-specific information, be aware of
the decoding mechanism for this information, and stay vigilant for potential
misuse.”

=> Agree always good to stay vigilant. But on what basis the operator can
detect the potential misuse to prevent potential harm?

 

Dhruv: The idea is that while decoding this information, the checks should be performed in accordance with the format of the vendor-specific data, just as with any other standard PCEP Object. What we wanted to emphasize is that the object shouldn’t be treated as opaque and left uninspected, as this could be misused. Please note, this isn’t a new object; it already exists.

How is this as a possible update -

While there is limited protection against this, an operator monitoring the
PCEP sessions can detect the use of vendor-specific information, be aware of
the decoding mechanism for this data, and inspect it accordingly. It’s crucial for
the operator to remain vigilant and monitor for any potential misuse of this object.

 

Thanks! 

Dhruv (Document shepherd)

 



_______________________________________________
Pce mailing list -- pce@xxxxxxxx
To unsubscribe send an email to pce-leave@xxxxxxxx

-- 
last-call mailing list -- last-call@xxxxxxxx
To unsubscribe send an email to last-call-leave@xxxxxxxx
[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux