Hi Ben

Thanks for the comments - please see [Jon] below.

Best regards
Jon

-----Original Message-----
From: Pce [mailto:pce-boun...@ietf.org] On Behalf Of Ben Campbell
Sent: 03 April 2018 21:00
To: The IESG <i...@ietf.org>
Cc: pce@ietf.org; pce-cha...@ietf.org; draft-ietf-pce-lsp-setup-t...@ietf.org
Subject: [Pce] Ben Campbell's No Objection on draft-ietf-pce-lsp-setup-type-09: 
(with COMMENT)

<snip>

Substantive Comments:

§1.1: There are at least a few instances of lower case versions of 2119 
keywords. Please consider using the boilerplate from RFC 8174.

[Jon] OK - done




§7:
Doesn't this need to say something about the possible security considerations 
when adding new path setup types ?

[Jon] I added the following in response to a similar comment from Benjamin 
Kaduk.  Do you think this covers it?

NEW
  Note that, if the security mechanisms of [RFC5440] and [RFC8281] are not 
used, then the protocol described by this draft could be attacked in the 
following new way.  An attacker, using a TCP man-in-the-middle attack, could 
inject error messages into the PCEP session when a particular PST is (or is 
not) used.  By doing so, the attacker could potentially force the use of a 
specific PST, which may allow them to subsequently attack a weakness in that 
PST.
END




Editorial Comments and Nits:

§5: "... it MUST consider that the peer suports only ...: I think perhaps 
"consider" should have been "assume"? Also, s/suports/supports.

[Jon] Thanks - fixed.


_______________________________________________
Pce mailing list
Pce@ietf.org
https://www.ietf.org/mailman/listinfo/pce
_______________________________________________
Pce mailing list
Pce@ietf.org
https://www.ietf.org/mailman/listinfo/pce

Reply via email to