Alvaro Retana has entered the following ballot position for draft-ietf-pce-lsp-control-request-09: No Objection

When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)

Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-pce-lsp-control-request/

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

I have a substantive comment and then some nits/editorial notes.

(1) It seems to me that any PCE can request control of an LSP. Even if the sessions are authenticated and encrypted, how does the PCC determine if it's ok for the requesting PCE to ask for control? §8.1 says that an "implementation SHOULD allow the operator to configure the policy based on which it honors the request to control the LSPs". If the implementation doesn't allow the configuration of policy, then it is possible for a rogue PCE to ask for control of an LSP, and for the PCC to grant it. Why is the ability to configure this policy not REQUIRED? I believe this case should be explicitly called out as a vulnerability.

(2) Abstract: s/A Path Computation Client (PCC) has set up LSPs/A Path Computation Client (PCC) that has set up LSPs

(3) §1: s/which PCE to delegate the orphaned LSP/which PCE to delegate the orphaned LSP to

(4) §1: s/a simple extension, by using this a PCE can/a simple extension, by using it a PCE can

(5) In §3 the new C Flag is called the "LSP-Control Request Flag", but §7.1 only uses "LSP-Control". Please be consistent; the more descriptive name is probably better.