While working on the PubSub slides for the WG session, I realized that the WG 
list was not in CC on the SECDIR review of PubSub. 

Forwarding the review now in case some of you might have missed it.

Alberto

On 10/1/20, 5:35 AM, "Chris Lonvick" <[email protected]> wrote:

    Hi,

    I have reviewed this document as part of the security directorate's 
    ongoing effort to review all IETF documents being processed by the IESG. 
    These comments were written primarily for the benefit of the security 
    area directors. Document editors and WG chairs should treat these 
    comments just like any other last call comments.

    This is an "Early Review Request" so I'm going to mark the draft as 
    READY WITH NITS.

    It appears that there's a raft of drafts of LISP documents progressing 
    together through the WG that cross-reference each other in that they all 
    provide foundation and support for their collective features. (I'll 
    admit that I haven't been keeping up.) So if my nits have been addressed 
    in another document, that just means that I didn't dig far or deep 
    enough so please consider giving a pointer in the Security 
    Considerations of this document so others won't similarly be left adrift.

    In this document, and the associated others that I peered into, the term 
    "nonce" seems to be used more as a "token" than, well, what I consider 
    to be a nonce. In one case it may be a random value, but in several 
    others the value is stored, compared, and reused.  This is inconsistent 
    with the IETF's Security Glossary RFC 4949.

    Also, there is a reference to increasing the nonce for a particular use. 
    However, I saw no discussion of what to do when the value exceeds the 
    field space.

    Other than that, the document appears to be well written and well 
    thought out.

    Best regards,

    Chris


_______________________________________________
lisp mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/lisp
