I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.
Summary: On the right track with open issues
I was also the Gen-Art reviewer for this draft
My Gen-Art Review can be found here:
<http://mailarchive.ietf.org/arch/msg/gen-art/kxvhQcl3d2fS5aX_4nXUqGRBy0w>
Please skim that review if you have not already seen it for context.
This document defines a new IPv6 Destination Option. It relies on AH to
detect any tampering (particularly removal) with the option.
The document is currently formulated to simply define the option, and
leaves it to other documents to describe when to use the option and how
audit mechanisms in protocols that use the option can protect themselves
from likely attacks. If the document clarifies that the option must not
be used except by a protocol that has defined these things, I believe
sufficient effort has been put into the security considerations. If the
group intends for this option to be usable without such an additional
protocol definition, this document needs to contain more discussion.