Telechat Review of draft-ietf-anima-prefix-management-06
review-ietf-anima-prefix-management-06-secdir-telechat-meadows-2017-12-09-00

Request
Review of: draft-ietf-anima-prefix-management
Requested rev.: no specific revision (document currently at 07)
Type: Telechat Review
Team: Security Area Directorate (secdir)
Deadline: 2017-12-12
Requested: 2017-11-12
Authors: Sheng Jiang, Zongpeng Du, Brian Carpenter, Qiong Sun
Draft last updated: 2017-12-09
Completed reviews:
  Genart Last Call review of -05 by Dan Romascanu
  Rtgdir Last Call review of -05 by Geoff Huston
  Opsdir Last Call review of -06 by Fred Baker
  Secdir Last Call review of -05 by Russ Housley
  Secdir Telechat review of -06 by Catherine Meadows
  Genart Telechat review of -06 by Dan Romascanu

Assignment
Reviewer: Catherine Meadows
State: Completed
Review: review-ietf-anima-prefix-management-06-secdir-telechat-meadows-2017-12-09
Reviewed rev.: 06 (document currently at 07)
Review result: Ready
Review completed: 2017-12-09

Review

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

This informational draft describes two autonomic technical objectives for IPv6 prefix management in large-scale networks,
with an extension to support IPv4 prefixes. The focus is mainly on edge nodes, since it is assumed that the network’s main infrastructure
elements already have addresses and prefixes. The main purpose of the document is to be used for the validation of the
(GeneRic Autonomic Signaling Protocol) GRASP in draft-ietf-anima-grasp-15 and other components of the autonomic networking infrastructure
described in draft-ietf-anima-reference-model-04.
The technical objectives have to do with efficient and correct distribution of prefixes with a minimum amount of human involvement.
GRASP itself is a generic protocol that enables autonomic
nodes to dynamically discover peers, to synchronize state with each other, and to negotiate parameter settings with each other. The application described
in draft-ietf-anima-prefix-management-06 clearly falls within the intended application of GRASP.



The Security Considerations Section of draft-ietf-anima-prefix-management-06 reads as follows:

 Relevant security issues are discussed in [I-D.ietf-anima-grasp]. The preferred security model is that devices are trusted following the secure bootstrap procedure
[I-D.ietf-anima-bootstrapping-keyinfra] and that a secure Autonomic Control Plane (ACP) [I-D.ietf-anima-autonomic-control-plane] is in place.

I’ve taken a look at draft-ietf-anima-grasp-15 and it provides an extensive security considerations section that covers the security issues
involved in using it.  I do not see that draft-ietf-anima-prefix-management-06 introduces any new issues. 

Draft-ietf-anima-prefix-management-06 is somewhat unusual in that the documents that it references in the Security Considerations Section are themselves drafts, not RFCs.
So it is possible (although I do not think very likely) that changes in the referenced drafts could have an effect on the security considerations of
draft-ietf-anima-prefix-management-06.  Leaving that concern aside, I consider this document Ready.







Catherine Meadows
Naval Research Laboratory
Code 5543
4555 Overlook Ave., S.W.
Washington DC, 20375
phone: 202-767-3490
fax: 202-404-7942
email: catherine.meadows@nrl.navy.mil