Re: Secdir review of draft-ietf-isis-trill

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



>>>>> "Erik" == Erik Nordmark <nordmark@xxxxxxx> writes:


    Erik> Adding just this sentence to draft-ietf-isis-trill (the code
    Erik> point document) seems odd. Your comment is really a comment on
    Erik> the security of IS-IS, and not specific to TRILL and unrelated
    Erik> to the code points.


I don't care much where the text goes.  I'm happy if you provide an rfc
editor note for draft-ietf-trill-rbridge-protocol if you like that
approach better.  However, as I read draft-ietf-isis-trill, it defines
the interface between TRILL and IS-IS.  In my mind, that's where the
security consideration appears.  You're re-using a component that isn't
up to our current standards--we know that; we're working on it in
KARP. However in doing that, you need to document the security
considerations for your protocol.  Since you have a document that
specifically is the interface between your protocol and the component
you are re-using,that seems like the best place to do the documentation
work.

however, in decreasing order of priority, I want to call out my concern
that we need to be far more careful about what we expect in terms of
security from future work we charter and that we should document the
specific interactions between IS-IS and TRILL.  While I have expressed
an opinion above on where I think that documentation should go, feel
free to put it where you think is most correct.
_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]