Last Call Review of draft-ietf-pals-status-reduction-04
review-ietf-pals-status-reduction-04-secdir-lc-sheffer-2017-03-30-00

Request Review of draft-ietf-pals-status-reduction
Requested rev. no specific revision (document currently at 05)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2017-03-31
Requested 2017-03-17
Other Reviews Rtgdir Early review of -01 by Adrian Farrel
Opsdir Last Call review of -04 by Jürgen Schönwälder
Genart Last Call review of -04 by Dan Romascanu
Review State Completed
Reviewer Yaron Sheffer
Review review-ietf-pals-status-reduction-04-secdir-lc-sheffer-2017-03-30
Posted at https://mailarchive.ietf.org/arch/msg/secdir/63ZRsZnPVkhEEWxKo2Pzk4UN-xw
Reviewed rev. 04 (document currently at 05)
Review result Ready
Draft last updated 2017-03-30
Review completed: 2017-03-30

Review

This document proposes a way to aggregate status messages of multiple pseudowires carried on the same MPLS-network LSP.

The Security Considerations simply refer to an earlier RFC, and this makes sense in this case.

However, from a broader perspective, I think the community should consider another look at its security assumptions. After what we've seen in recent years, maybe it's not a good idea to refer back to a 2006 document that contains this sentence: "To prevent unwanted packet insertion, it is also important to prevent unauthorized physical access to the PSN," We have all learned the hard way that this advice is not practical - bad actors WILL get physical access to your network.