Last Call Review of draft-ietf-pce-gmpls-pcep-extensions-12
review-ietf-pce-gmpls-pcep-extensions-12-secdir-lc-roca-2018-11-29-00

Request Review of draft-ietf-pce-gmpls-pcep-extensions
Requested rev. no specific revision (document currently at 14)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2018-10-29
Requested 2018-10-15
Other Reviews Rtgdir Last Call review of -12 by Dave Sinicrope (diff)
Opsdir Last Call review of -12 by Tianran Zhou (diff)
Secdir Telechat review of -13 by Vincent Roca (diff)
Genart Telechat review of -14 by Elwyn Davies
Review State Completed
Reviewer Vincent Roca
Review review-ietf-pce-gmpls-pcep-extensions-12-secdir-lc-roca-2018-11-29
Posted at https://mailarchive.ietf.org/arch/msg/secdir/fbNn4zEie0A8Q9cdD_F1YBswwaE
Reviewed rev. 12 (document currently at 14)
Review result Has Issues
Draft last updated 2018-11-29
Review completed: 2018-11-29

Review
review-ietf-pce-gmpls-pcep-extensions-12-secdir-lc-roca-2018-11-29

Hello,

I have reviewed this document as part of the security directorate’s ongoing
effort to review all IETF documents being processed by the IESG. These
comments were written primarily for the benefit of the security area
directors.  Document editors and WG chairs should treat these comments just
like any other last call comments.

Summary: Ready with issues

The Security Considerations section provides a good introduction to the risks.
However my main concern is the lack of discussion around security policies.
After reading this section, we have the feeling that TLS alone is sufficient to
secure the GMPLS PCE WRT the three attacks described.
With scenario 1, a fundamental  part of the solution consists in setting
up security policies: what is acceptable or not in terms of path?
It may be discussed in the two references mentioned in the last paragraph,
but even in that case, the way the current section is written is misleading.


I have two additional  comments:

** Ambiguous text: it is said

        o  Message deciphering: As in the previous case, knowledge of an
              infrastructure can be obtained by sniffing PCEP messages.

Message deciphering suggests the message is encrypted but the attacker
has enough knowledge to decrypt it. I'm not sure it's what the authors mean.
I think there's a confusion in the use of "deciphering" which in security
explicitely refers to encryption (https://en.wikipedia.org/wiki/Cipher).

** Ambiguous text: it is said

        "Authentication can provide origin verification, message integrity and replay protection,..."

Àuthentication of the two peers on the one hand, and integrity/replay
protection on the other hand, are different services.
There's probably a package where these three services are bundled together,
but that's a design choice. I suggest changing a little bit the sentence
to avoid this confusion.


Typo:
** Section 6: "A legitimate PCC could requests"  : s/requests/request/

Cheers,

  Vincent