Last Call Review of draft-ietf-karp-ospf-analysis-05
review-ietf-karp-ospf-analysis-05-secdir-lc-emery-2012-11-18-00

Request Review of draft-ietf-karp-ospf-analysis
Requested rev. no specific revision (document currently at 06)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2012-11-13
Requested 2012-10-04
Draft last updated 2012-11-18
Completed reviews Genart Last Call review of -05 by Elwyn Davies
Genart Telechat review of -?? by Elwyn Davies
Secdir Last Call review of -05 by Shawn Emery
Assignment Reviewer Shawn Emery
State Completed
Review review-ietf-karp-ospf-analysis-05-secdir-lc-emery-2012-11-18
Reviewed rev. 05 (document currently at 06)
Review result Ready
Review completed: 2012-11-18

Review

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

This informational draft describes security issues associated with manual keying in OSPF. The draft then provides guidance to counter these security threats.

The security considerations section does exist and reiterates what is discussed in the main document, given that this is essentially a security draft. The security points discussed deal with replay, protecting routing data, and DoS attacks. For the former two the draft suggests the use of digital signatures as described in RFC2154. In regards to the latter, the draft proposes a solution utilizing RFC5082. I believe the guidance given does not yield any security concerns and would be an improvement over the existing OSPF protocol.

General comments:

None.

Editorial comments:

s/RFC 2154 [RFC2154] provides/[RFC 2154] provides/

Shawn.
--