Reviewer: Yaron Sheffer Review result: Has Issues The document defines limited parameter negotiation for RPC-RDMAv1, using a private message sent over the underlying transport protocol (e.g., InfiniBand). The document is clear enough, until it comes to the Security Considerations. As a newcomer to this domain, there are several points that I fail to understand: - The CM Private Data described here is not one of the messages of the RPC-RDMA protocol. So how can it "inherit the security considerations of the protocols it extends," - where this refers to RPC-RDMA? - The next paragraph explains that the integrity is ensured by use of RC QP (whatever that is). But there's no mention of this entity in RFC 8166, which is supposed to define the security for this protocol. (Or in RFC 5042, for that matter). - I am usually suspicious of pre-2010 RFCs that recommend IPsec as a per-protocol solution (RFC 5042, Sec. 5.4.3). Is IPsec deployed in real life to protect these protocols, and if so, does it also protect the new CM Private Data? - And then after saying that integrity protection is ensured, we say that even if integrity was compromised and the parameters were modified anyway, no problem, this would only result in "self imposed denial of service". Even if true for the currently negotiated parameters, this cannot be true for every conceivable parameter that may be added in the future. -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
