Early Review of draft-ietf-bmwg-ngfw-performance-00

Request Review of draft-ietf-bmwg-ngfw-performance-00
Requested rev. 00 (document currently at 03)
Type Early Review
Team Security Area Directorate (secdir)
Deadline 2019-04-08
Requested 2019-03-18
Requested by Al Morton
Authors Balamuhunthan Balarajah, Carsten Rossenhoevel, Brian Monkman
Draft last updated 2019-07-08
Completed reviews Secdir Early review of -00 by Kathleen Moriarty (diff)
This early review request would be ideally assigned to someone who specializes in Firewall design and/or configuration. This is not a request for a typical Security Considerations review: the scope is Lab testing/Benchmarking in an isolated test environment.
Please feel free to suggest SEC area WGs where we could cross-post for comments, in addition to this review request.
bmwg co-chair
Assignment Reviewer Kathleen Moriarty
State Completed
Review review-ietf-bmwg-ngfw-performance-00-secdir-early-moriarty-2019-07-08
Posted at https://mailarchive.ietf.org/arch/msg/secdir/QBDNlfOjd9jiu55OifS6mKUfTeM
Reviewed rev. 00 (document currently at 03)
Review result Has Nits
Review completed: 2019-07-08


Thank you for your work on draft-ietf-bmwg-ngfw-performance.  This is a straightforward review establishing metrics for comparison of SUT/DUT for firewalls establishing measurement requirements as well as acceptance criteria.  When crypto is recommended for use in testing, it's current, although it should be noted that this is just for test environments.  In terms of security, I think this document is ready with nits.

Please add a security considerations section.  Feel free to include something like what's above.

Section 4.1: Nit

Spell out Device under test/system under test on first use.  I don't think it comes up that often in the IESG review cycle.  I had to look it up and my memory was jogged.

Sorry for my late 'early' review!