Secdir review comments for draft-ietf-pim-bidir-08

2007-02-07 22:21:27
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors.  Document editors and WG chairs should treat these
comments just like any other last call comments.

The security considerations section does a reasonable job of describing
threats against the protocol. It also seems that RFC 4609 might be
relevant; if it is, it should be referenced.  In several cases the
security considerations section suggests using source authentication to
mitigate problems.  The document does list IPSec AH as a way to achieve
this; however, this is not a mandatory-to-implement mechanism.  In
addition, this document points to RFC 4601 for direction on how to use
IPSec.  RFC 4601 just specifies manual keying without any specific
parameters.  This leaves the pim-bidir draft (and RFC 4601) without a
specified mandatory-to-implement interoperable security mechanism.

This issue was discussed previously during the last call of RFC 4601.  I
would like to understand better why IPSec AH does not have a stronger
requirement and why no automated key management is specified.   

Thanks,

Joe
