
Re: [secdir] Secdir review of draft-ietf-isis-trill

2010-12-20 10:30:32
No objections.

Radia

On Sun, Dec 19, 2010 at 10:16 AM, Donald Eastlake <d3e3e3(_at_)gmail(_dot_)com> wrote:
My apologies for responding slowly, I was traveling.

If it is tolerable to people, I do not mind adding the two sentences
requested by Sam to the isis-trill draft.

Thanks,
Donald

PS: It appears to me that the same considerations apply to
draft-ietf-isis-ieee-aq.

On Fri, Dec 17, 2010 at 10:45 PM, Sam Hartman <hartmans-ietf(_at_)mit(_dot_)edu> wrote:
"Erik" == Erik Nordmark <nordmark(_at_)acm(_dot_)org> writes:


   Erik> Adding just this sentence to draft-ietf-isis-trill (the code
   Erik> point document) seems odd. Your comment is really a comment on
   Erik> the security of IS-IS, and not specific to TRILL and unrelated
   Erik> to the code points.

I don't care much where the text goes.  I'm happy if you provide an rfc
editor note for draft-ietf-trill-rbridge-protocol if you like that
approach better.  However, as I read draft-ietf-isis-trill, it defines
the interface between TRILL and IS-IS.  In my mind, that's where the
security consideration appears.  You're re-using a component that isn't
up to our current standards--we know that; we're working on it in
KARP. However in doing that, you need to document the security
considerations for your protocol.  Since you have a document that
specifically is the interface between your protocol and the component
you are re-using, that seems like the best place to do the documentation
work.

However, in decreasing order of priority, I want to call out my concern
that we need to be far more careful about what we expect in terms of
security from future work we charter and that we should document the
specific interactions between IS-IS and TRILL.  While I have expressed
an opinion above on where I think that documentation should go, feel
free to put it where you think is most correct.
_______________________________________________
secdir mailing list
secdir(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/secdir

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf