Last Call Review of draft-ietf-dime-4over6-provisioning-03
review-ietf-dime-4over6-provisioning-03-genart-lc-housley-2015-07-12-00
| Request | Review of | draft-ietf-dime-4over6-provisioning |
|---|---|---|
| Requested rev. | no specific revision (document currently at 06) | |
| Type | Last Call Review | |
| Team | General Area Review Team (Gen-ART) (genart) | |
| Deadline | 2015-07-20 | |
| Requested | 2015-07-09 | |
| Authors | Cathy Zhou, Tom Taylor, Qiong Sun, Mohamed Boucadair | |
| Draft last updated | 2015-07-12 | |
| Completed reviews |
Genart Last Call review of -03 by Russ Housley
(diff)
Opsdir Last Call review of -03 by Tim Chown (diff) |
|
| Assignment | Reviewer | Russ Housley |
| State | Completed | |
| Review | review-ietf-dime-4over6-provisioning-03-genart-lc-housley-2015-07-12 | |
| Reviewed rev. | 03 (document currently at 06) | |
| Review result | Almost Ready | |
| Review completed: | 2015-07-12 |
Review
review-ietf-dime-4over6-provisioning-03-genart-lc-housley-2015-07-12
I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART, please see the FAQ at < http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>. This review is in response to a request for early Gen-ART review. Document: draft-ietf-dime-4over6-provisioning-03 Reviewer: Russ Housley Review Date: 2015-07-12 IETF LC End Date: 2015-07-20 IESG Telechat date: unknown Summary: Almost Ready Major Concerns: None Minor Concerns: In section 2.4, please replace "the MAP-E document" with a reference to [I-D.ietf-softwire-map]. The Security Considerations section talks about two concerns: (1) man-in-the-middle modification of the AVP contents leading to misconfiguration, and (2) disclosure of subscriber addresses allowing the attacker to track subscriber activity. If I have understood these properly, the second one is more of a privacy consideration. Please consider moving this to a separate section on privacy considerations. Returning to the first part of the security considerations, please say more about the possible consequences of a man-in-the-middle making modifications to the AVP contents. Is there anything that the implementer can do to make the attack more difficult to accomplish or raise the likelihood of detection? Other Comments: Section 2.6 begins this way: "It appears that two items are common to the different transition methods and the corresponding AVPs to carry them can be reused...". By the time this document achieves consensus and it is ready to be published as an RFC, there is no longer a need for such a soft touch. I suggest: "There are two items that are common to the different transition methods, and the corresponding AVPs to carry them can be reused..." Section 3.3 says: 64-Multicast-Attributes AVP MUST include at least the ASM-mPrefix64 AVP or the SSM-mPrefix64 AVP. Both the ASM-mPrefix64 AVP and the SSM-mPrefix64 AVP MAY be present. Would it be more clear to say it this way? 64-Multicast-Attributes AVP MUST include the ASM-mPrefix64 AVP or the SSM-mPrefix64 AVP, and it MAY include both. Please provide labels for Figures 5, 6, and 7. Based on the other figures, they should probably be: - Figure 5: LW4over6-Binding AVP - Figure 6: MAP-E-Attributes AVP - Figure 7: MAP-Mapping-Rule AVP