Last Call Review of draft-ietf-pwe3-mpls-eth-oam-iwk-

Request Review of draft-ietf-pwe3-mpls-eth-oam-iwk
Requested rev. no specific revision (document currently at 08)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2012-08-20
Requested 2012-08-10
Authors Dinesh Mohan, Nabil Bitar, Ali Sajassi, Simon DeLord, Philippe Niger, Ray Qiu
Draft last updated 2012-08-21
Completed reviews Genart Last Call review of -06 by David Black (diff)
Genart Telechat review of -07 by David Black (diff)
Secdir Last Call review of -?? by Steve Hanna
Assignment Reviewer Steve Hanna
State Completed
Review review-ietf-pwe3-mpls-eth-oam-iwk-secdir-lc-hanna-2012-08-21
Review result Ready
Review completed: 2012-08-21


I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

This document describes how underlying defects in individual circuits
or pseudowires should be mapped in order to provide emulated Ethernet
service. I know very little about this area but I have reviewed the
document and the primary references.

Apparently, pseudowires provide little security themselves although
supplemental security mechanisms may be used. In that context, this
document seems to add no new security concerns. If security measures
are not used, OAM messages can be fabricated, modified, or viewed in
transit but this is arguably no worse than the lack of protection
for all the other traffic flowing over pseudowires.

The Security Considerations section in this document mainly points to
the Security Considerations sections in several more fundamental
documents. Those sections clearly describe the threats inherent in
this design so I see no need for changes to this document.