Roman Danyliw has entered the following ballot position for draft-ietf-spring-sr-yang-29: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)

Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-spring-sr-yang/

----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

Section 9. The primary impact of manipulating writable nodes appears to be characterized as DoS. Don’t the possible consequences also include the ability to leak traffic outside the trusted domain or to route traffic through arbitrary paths of the attacker's choosing, potentially enabling on-path inspection or manipulation of traffic; or avoidance of security controls?

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

** Section 9. Thanks for using the templated YANG Security Considerations. A nit on the references: s/[RFC6536]/[RFC8341]/

** Section 9. The following caution around readable nodes didn’t parse for me. Was the intent as follows:

OLD
The exposure of both local bindings and SID database will exposure segment routing paths that may be attacked.

NEW
The exposure of either the local bindings or SID database would provide an attacker the segment routing paths and related topology information.

** Section 9. Typo. s/a a/a/

** Section 9. Typo. s/rediection/redirection/