Re: [Gen-art] IETF LC reviews: rddp security and applicability

Fri, 21 Apr 2006 18:11:39 -0700 

I was selected as General Area Review Team reviewer for this specification
(for background on Gen-ART, please see
http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html).
(These reviews treat DDP and RDMAP as given, and do not comment directly on those protocols.) 

RDDP/ RDMAP Security
Given the nature of RDDP, this document is a very good idea. I am glad to see it. This review does not check the completeness of the security coverage. However, as a lay reader I am quite impressed.
The document is ready for publication as an Informational RFC, and probably ready as a Proposed Standard. Personally, I would put the one IPSec requirement into the main document, and consider the rest of the material to be in the category of good advice. This is driven by the fact that the actual advice is somewhere between difficult and impossible to observe on the wire. 

   minor point:  The last sentence of the introduction reads:

   If all recommended mitigations are in place the implemented usage
   models, the RDMAP/DDP protocol can be shown to not expose any new
   security vulnerabilities.
Aside from the linguistic oddity of this sentence, it is unclear what state is being compared. I.e., compared with what condition is there an absence of new security vulnerabilities. (Presumably some state other than "not communicating".) There are scattered other odd English usages. minor: In section 2.3.2, in describing three mechanisms, the text refers to one mechanism (X) and one mechanism (Y and Z). It should refer to two mechanisms (Y and Z). 

    IDNits reports some references missing and some unused.


RDMA/DDP Applicability:
Other than needing a good English language editor, this document appears ready for publication as an Informational RFC. An example of this is that the references ought to actually be referenced in the body of the document. 



At 03:46 PM 4/13/2006, Mary Barnes wrote:

Reviewer: Joel Halpern

- 'DDP/RDMAP Security '
   <draft-ietf-rddp-security-08.txt> as a Proposed Standard
- 'Applicability of Remote Direct Memory Access Protocol (RDMA) and
Direct Data
   Placement (DDP) '
   <draft-ietf-rddp-applicability-05.txt> as an Informational RFC

IETF LC ends on 2006-04-19.

The file can be obtained via
http://www.ietf.org/internet-drafts/draft-ietf-rddp-security-08.txt
http://www.ietf.org/internet-drafts/draft-ietf-rddp-applicability-05.txt



_______________________________________________
Gen-art mailing list
Gen-art@ietf.org
https://www1.ietf.org/mailman/listinfo/gen-art

Reply via email to