Hello,

Thank you for a well written document! I know I am late to be offering comments, but with a quick read, I think the ability to tamper with or alter packets should be called out in the second sentence of the security considerations section. You do have the relevant text on integrity protections later in the section, but this should be considered an important enough problem to be in the sentence on possible problems due to no security mechanisms.

OLD: As a result, an attacker with access to the underlay network transporting the IP packets has the ability to snoop or inject packets.

NEW: As a result, an attacker with access to the underlay network transporting the IP packets has the ability to snoop, alter, or inject packets.

And in the section on Data Integrity, it should be noted that the measures in this sentence would have no bearing on the integrity of GENEVE:

OLD: A data center operator may choose to deploy any other data integrity mechanisms as applicable and supported in their underlay networks.

NEW: A data center operator may choose to deploy any other data integrity mechanisms as applicable and supported in their underlay networks, although this will not protect the GENEVE portion of the packet from tampering.

Thank you! The document is well written and I was glad to see these considerations already in the document. I do think this will help anyone deploying multi-tenant environments to think about the importance of integrity protection and not learn the hard way.

--
Best regards,
Kathleen
_______________________________________________ nvo3 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nvo3
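The point raised above, that underlay integrity mechanisms do not cover the GENEVE portion of the packet, as an added example that is not part of the original message or of the GENEVE specification: it parses the RFC 8926 base header, then shows that a packet whose VNI was changed in transit still parses as well-formed, and that only an integrity tag computed by the tunnel endpoints over the GENEVE header and payload (a hypothetical HMAC, standing in for what IPsec or DTLS would provide) rejects it. The key and packet contents are constructed sample values.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass

GENEVE_ETHERNET = 0x6558  # Protocol Type for Transparent Ethernet Bridging (RFC 8926)


@dataclass
class Geneve:
    version: int
    opt_len: int          # option length in 4-byte words
    oam: bool
    critical: bool
    protocol_type: int
    vni: int
    options: bytes
    payload: bytes


def parse_geneve(buf: bytes) -> Geneve:
    """Parse the GENEVE base header (RFC 8926) plus its variable-length options."""
    if len(buf) < 8:
        raise ValueError("truncated GENEVE base header")
    b0, b1, proto, vni_rsvd = struct.unpack("!BBH4s", buf[:8])
    opt_len = b0 & 0x3F
    end = 8 + opt_len * 4
    if len(buf) < end:
        raise ValueError("truncated GENEVE options")
    return Geneve(b0 >> 6, opt_len, bool(b1 & 0x80), bool(b1 & 0x40), proto,
                  int.from_bytes(vni_rsvd[:3], "big"), buf[8:end], buf[end:])


def build_geneve(vni: int, payload: bytes, protocol_type: int = GENEVE_ETHERNET) -> bytes:
    """Build a minimal GENEVE packet with no options (constructed sample input)."""
    return struct.pack("!BBH", 0, 0, protocol_type) + vni.to_bytes(3, "big") + b"\x00" + payload


def integrity_tag(key: bytes, geneve_packet: bytes) -> bytes:
    """Hypothetical endpoint-level tag: HMAC over header, options and payload."""
    return hmac.new(key, geneve_packet, hashlib.sha256).digest()


def verify(key: bytes, geneve_packet: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(integrity_tag(key, geneve_packet), tag)


def demo():
    key = b"constructed-demo-key"                      # shared by the two tunnel endpoints
    pkt = build_geneve(0x001234, b"inner frame bytes")
    tag = integrity_tag(key, pkt)
    # Simulated in-transit change of the VNI (bytes 4..6): the header still parses as
    # well-formed, so nothing in the underlay flags it, but the endpoint tag check fails.
    altered = pkt[:4] + (0x004321).to_bytes(3, "big") + pkt[7:]
    return parse_geneve(altered).vni, verify(key, pkt, tag), verify(key, altered, tag)
```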
