In a galaxy far, far away, some people once wrote:
I suggested in my last review:
“It is important to do more than this: 7182 does only provide
“containers”
for ICVs and timestamps, and does not specify how to use
them to obtain
specific security properties. RFC7182 may be a tool that can
be used, but
*how* that tool is used is what determines the security
properties.
Therefore, saying that “security is dealt with by using
RFC7182” is either an
incomplete statement, or is indicative of insufficient
security considerations.”
The actual sentence in the I-D has been changed, now it explicitly
names the
two TLVs from 7182 that it uses. That is, alas, still not sufficient.
Making the aside that was discussed recently on the list, that (i)
control messages
are not forwarded, and that (ii) they are modified in transit, the
security/trust model
is somewhat different from that of 7181 and consequently for what
7182 was initially
written for. I think that calling out the trust model, and how 7182
actually is used here,
might be what is called for.
Continuing with the aside, this *especially* as the applicability
statement says:
"Providing security for a reactive routing protocol can be
difficult”
Vicky: Anyone like to volunteer some text?
I'm going to have to think about this for a while…
