> On Dec 27, 2017, at 5:46 AM, Dhruv Dhody <[email protected]> wrote: > > Hi Brian, > > Thanks for your review. > >> -----Original Message----- >> From: Pce [mailto:[email protected]] On Behalf Of Brian Carpenter >> Sent: 23 December 2017 06:25 >> To: [email protected] >> Cc: [email protected]; [email protected] >> Subject: [Pce] Genart last call review of draft-ietf-pce-pcep-exp- >> codepoints-04 >> >> Reviewer: Brian Carpenter >> Review result: Ready >> >> Reviewer: Brian Carpenter >> Review Date: 2017-12-23 >> IETF LC End Date: 2017-12-28 >> IESG Telechat date: 2018-01-11 >> >> Summary: Ready >> -------- >> >> Comment: >> -------- >> >> fwiw, I agree with this: >> >> [RFC3692] asserts that the existence of experimental code points >> introduce no new security considerations. However, implementations >> accepting experimental codepoints need to take care in how they parse >> and process the messages, objects, and TLVs in case they come, >> accidentally, from another experiment. >> >> There are a few words in https://tools.ietf.org/html/rfc6709#section-5 >> that might also be relevant. An experimental code point is in effect a >> protocol extension with unknown security properties. >> > [[Dhruv Dhody]] We could add this text as per your suggestion - > > Further, an implementation > accepting experimental code points needs to consider the security > aspects of the experimental extensions. [RFC6709] provide various > design considerations for protocol extensions (including those > designated as experimental).
This seems reasonable to me. Brian, thanks for your review. I entered a No Objection ballot. Alissa > > Thanks! > Dhruv > >> _______________________________________________ >> Pce mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/pce > > _______________________________________________ > Gen-art mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/gen-art _______________________________________________ Pce mailing list [email protected] https://www.ietf.org/mailman/listinfo/pce
