The threats document:
<http://tools.ietf.org/html/draft-ietf-sidr-bgpsec-threats-03>
was updated September 14, 2012, the idea being it captured the
comments made on -02, a primary author of comments was Danny (copied),
had the commentors gotten time to review whether or not the comments
met their expectations?
I do note today's rambling discussion brought up something I'd have re-worded:
In section 5:
o "Route leaks" are viewed as a routing security problem by many
operators, even though there is no IETF-codified definition of a
route leak. BGP itself does not include semantics that preclude
what many perceive as route leaks. Moreover, route leaks are
outside the scope of PATHSEC, at this time, based on the SIDR
charter. Thus route leaks are not addressed in this threat model.
o I would have added a linkage to a document or draft which talks
about operators
and their views on route-leaks. (yes, someone should get that
document done,
the -no-help could be that possibly)
o is the intent of 'ietf-codified' to mean:
"Informational/Standards-Track RFC" ?
is that the right height of bar? it seems higher than I would
have expected.
o it's possible that the meaning of the first sentence is 'people
THINK this is a
security problem, it is NOT. the downstream effects of leaks
could, however,
be security problems.' - is that the intent? Oh, there's
interesting text about this
section 5 text in 4.2: "... and might be the result of a local policy that
is not publicly disclosed. As a result, they are not considered attacks"
o it might due everyone a favor to say something in the next-to-last sentence
about WHY route leaks are not included in the current charter, and that
revising the document is expected (is it?) if later conditions change and
route leaks are included in the charter. perhaps:
"Moreover, route leaks are outside the scope of PATHSEC, because there
is not a firm definition nor information in an update which could
inform the
local policy system about the existence of a route leak. Additionally, the
current SIDR charter does not discuss route leaks. If at a later
time, infrormation
is included in the update and the charter is amended this
document should be
revised."
In section 2, since you later (in 5) talk about there not being a
codified definition, you
may want to point the route-leak terminology at the same ID/reference.
thanks!
-chris
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
