Hi Paul, Thanks for your comment! The extended flags are stateful PCEP extension which need to observe the RECOMMENDED as per RFC8231. People could find that in Security Considerations section which is "it is RECOMMENDED that these PCEP extensions only be activated on authenticated and encrypted sessions across PCEs and PCCs belonging to the same administrative authority , using Transport Layer Security (TLS) [PCEPS], as per the recommendations and best current practices in [RFC7525]." So I am not sure if we should copy that in this flag draft. Please let me know if you have other comments and suggestions.
Regards, Quan From: PaulWoutersviaDatatracker <[email protected]> To: The IESG <[email protected]>; Cc: [email protected] <[email protected]>;[email protected] <[email protected]>;[email protected] <[email protected]>;[email protected] <[email protected]>;[email protected] <[email protected]>; Date: 2022年10月18日 08:22 Subject: Paul Wouters' No Objection on draft-ietf-pce-lsp-extended-flags-07: (with COMMENT) Paul Wouters has entered the following ballot position for draft-ietf-pce-lsp-extended-flags-07: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-pce-lsp-extended-flags/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- In the security considerations it says: This document provides for future addition of flags in the LSP Object. No additional security issues are raised in this document beyond those that exist in the referenced documents. Note that the [RFC8231] recommends that the stateful PCEP extension are authenticated and encrypted using Transport Layer Security (TLS) [RFC8253], as per the recommendations and best current practices in [RFC7525]. It feels that it is trying to say "these flags are protected by the TLS recommendation", but it could probably say that a bit more clearly. _______________________________________________ Pce mailing list [email protected] https://www.ietf.org/mailman/listinfo/pce
