Thank you for the additional sentence in Security Considerations. While it is quite subtle, I think it is fine. (Zahed's opinions might be different)
Deb On Mon, Jan 13, 2025 at 1:50 PM Jeffrey Haas <[email protected]> wrote: > Éric and the rest of the IESG: > > On Fri, Jan 10, 2025 at 04:39:27PM +0000, Eric Vyncke (evyncke) wrote: > > The IESG telechat of the 9th of January has reviewed [1] > draft-ietf-bfd-large-packets-14 and decided that a revised I-D is required. > The key issue is about the padding, both in the YANG leaf (per Mahesh’s > comment) and in the section 3 about the expected “receiver” behavior (i.e., > check or ignore that the optional padding is full of 0, if no check, then > mention a potential covert channel in the security section). > > > > This should be an easy update for a revised I-D :-) > > Version -15, just uploaded, has addressed the majority of the critical > points in the DISCUSSes. > > Two points from Mahesh linger pending his response: > 1. I don't think we should discuss padding contents in the YANG module, and > await his justification for why he thinks it belongs in there. > > 2. While the YANG security considerations boilerplate update request seems > otherwise reasonable, the desired format creates a MISREF. This is a more > general issue than just this specific document and is unlikely to be an > intended side effect. We await his advice on how to reconcile that issue. > > -- Jeff >
