Hi Brian, Thanks for your review.
> -----Original Message----- > From: Pce [mailto:[email protected]] On Behalf Of Brian Carpenter > Sent: 23 December 2017 06:25 > To: [email protected] > Cc: [email protected]; [email protected] > Subject: [Pce] Genart last call review of draft-ietf-pce-pcep-exp- > codepoints-04 > > Reviewer: Brian Carpenter > Review result: Ready > > Reviewer: Brian Carpenter > Review Date: 2017-12-23 > IETF LC End Date: 2017-12-28 > IESG Telechat date: 2018-01-11 > > Summary: Ready > -------- > > Comment: > -------- > > fwiw, I agree with this: > > [RFC3692] asserts that the existence of experimental code points > introduce no new security considerations. However, implementations > accepting experimental codepoints need to take care in how they parse > and process the messages, objects, and TLVs in case they come, > accidentally, from another experiment. > > There are a few words in https://tools.ietf.org/html/rfc6709#section-5 > that might also be relevant. An experimental code point is in effect a > protocol extension with unknown security properties. > [[Dhruv Dhody]] We could add this text as per your suggestion - Further, an implementation accepting experimental code points needs to consider the security aspects of the experimental extensions. [RFC6709] provide various design considerations for protocol extensions (including those designated as experimental). Thanks! Dhruv > _______________________________________________ > Pce mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/pce _______________________________________________ Pce mailing list [email protected] https://www.ietf.org/mailman/listinfo/pce
