Last Call Review of draft-ietf-softwire-lw4over6-10
review-ietf-softwire-lw4over6-10-secdir-lc-weiler-2014-10-30-00

Request Review of draft-ietf-softwire-lw4over6
Requested rev. no specific revision (document currently at 13)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2014-10-28
Requested 2014-10-02
Authors Yong Cui, Qiong Sun, Mohamed Boucadair, Tina Tsou, Yiu Lee, Ian Farrer
Draft last updated 2014-10-30
Completed reviews Genart Last Call review of -10 by David Black (diff)
Genart Last Call review of -11 by David Black (diff)
Secdir Last Call review of -10 by Samuel Weiler (diff)
Opsdir Last Call review of -10 by David Black (diff)
Opsdir Telechat review of -11 by David Harrington (diff)
Opsdir Telechat review of -13 by David Black
Assignment Reviewer Samuel Weiler
State Completed
Review review-ietf-softwire-lw4over6-10-secdir-lc-weiler-2014-10-30
Reviewed rev. 10 (document currently at 13)
Review result Has Issues
Review completed: 2014-10-30

Review
review-ietf-softwire-lw4over6-10-secdir-lc-weiler-2014-10-30

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

Does this mechanism introduce new points for a DoS attack,
e.g. forging the ICMPv6 error message (type 1, code 5) mentioned in
Section 5.1?  I would like to see a list and discussion of these or,
if appropriate, an analysis showing that none exist.



It's probably worth explaining this 2119 RECOMMENDation in more
detail:




   Unless an lwB4 is being allocated a full IPv4 address, it is
   RECOMMENDED that PSIDs containing the well-known ports (0-1023) are
   not allocated to lwB4s.

I would like to see a discussion of provisioning mechanism security.
Are there security-related factors that should drive the choice of
provisioning mechanism (the doc mentions several options...)?  Are
there configuration choices that should or must be made when using one
of those for this purpose?


Non-security stuff:



I'm not seeing any explicit discussion of whether (and how) a lwB4 can
request additional port space after the initial assignment.  If that
feature does not exist, I would like to see it explicitly acknowledged
as a limitation with a discussion of why it is not being provided.

Again, assuming that there is not such a mechanism: since this is the
architecture document, I would like to see a few words on expected
port assignment/utilization ratios.  Assuming a typical case of a
residential subscriber, it seems that lw4o6 would need to assign
enough ports to each user to accommodate expected peak usage.  This
pretty clearly results in fewer users accommodated on a public v4
address than if they were sharing the port space on demand.  How
much v4 space does lw4o6 consume in this environment compared to
DS-Lite?

Editorial stuff:

The next-to-last paragraph of section 1 doesn't seem to flow well with
the text around it, perhaps for lack of clarity in pronoun
antecedents:

   This document is an extended case, which covers address sharing for
   [RFC7040].  It is also a variant of A+P called Binding Table Mode
   (see Section 4.4 of [RFC6346]).

And I think something is broken in the below sentence:

   The solution specified in this document allows the assignment of
   either a full or a shared IPv4 address requesting CPEs.
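
The following is an added illustration, not part of the review or of the draft, of the RECOMMENDation quoted above: it lists which PSIDs overlap ports 0-1023 and which remain allocatable on a shared address. It assumes the RFC 7597 port layout (A bits, then PSID bits, then M bits); the function names and the sample values of k (PSID length) and a (offset bits) are chosen for illustration.

```python
WELL_KNOWN_MAX = 1023  # well-known ports are 0-1023, per the quoted text


def psid_ports(psid, k, a=0):
    """Ports belonging to one PSID.

    Assumed layout (RFC 7597 port mapping): a 16-bit port is
    A (a bits) | PSID (k bits) | M (m bits), with m = 16 - a - k.
    a = 0 gives each PSID one contiguous range.
    """
    m = 16 - a - k
    if m < 0 or not 0 <= psid < (1 << k):
        raise ValueError("invalid PSID parameters")
    # With a > 0 the value A = 0 is skipped, so ports below 2**(16 - a)
    # are never handed out by any PSID.
    a_values = range(1, 1 << a) if a > 0 else [0]
    return [(A << (16 - a)) | (psid << m) | M
            for A in a_values for M in range(1 << m)]


def psids_with_well_known_ports(k, a=0):
    """PSIDs whose port set includes at least one port in 0-1023."""
    return [p for p in range(1 << k)
            if any(port <= WELL_KNOWN_MAX for port in psid_ports(p, k, a))]


def allocatable_psids(k, a=0):
    """PSIDs left for shared-address lwB4s once the overlapping ones are withheld."""
    reserved = set(psids_with_well_known_ports(k, a))
    return [p for p in range(1 << k) if p not in reserved]


if __name__ == "__main__":
    # Constructed sample parameters: (PSID length k, offset bits a)
    for k, a in [(6, 0), (8, 0), (8, 6)]:
        withheld = psids_with_well_known_ports(k, a)
        usable = allocatable_psids(k, a)
        per_set = len(psid_ports(usable[0], k, a))
        print(f"k={k} a={a}: withheld PSIDs {withheld}, "
              f"{len(usable)} usable sets of {per_set} ports")
```

With contiguous port sets smaller than 1024 ports, several PSIDs fall inside the well-known range and have to be withheld together, which reduces the number of subscribers per shared address.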