Kathleen Moriarty has entered the following ballot position for draft-ietf-bess-mvpn-extranet-04: Discuss
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-bess-mvpn-extranet/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- I just have one question/request to improve the security consideration section. The only security mentioned in this draft is what's called a "security violation", where traffic may go to the incorrect "VPN" endpoint. If you are worried about traffic winding up in the wrong place, why is there no consideration for observing this traffic on the wire? Since there is no encryption, wouldn't this also be a security consideration to call out specifically? Mention of the possibility of active attacks that could alter or tamper with the traffic or passive attacks that could observe the traffic as a risk due to lack of encryption (confidentiality protection) would help or a reason why this doesn't matter. Thanks! _______________________________________________ BESS mailing list [email protected] https://www.ietf.org/mailman/listinfo/bess
