IESG Benjamin Kaduk: Security. this this this

[stoffi92]

provide service (unfiltered address space hijack). Since validation of the Flow Specification is tied to the announcement of the best unicast route, this may also cause this validation to fail and consequently prevent Flow Specifications from being accepted by a peer. Possible mitigations are [RFC6811] and [RFC8205].

nit: there's a lot of pronouns ("this") in here; it might be worth disambiguating a couple.

[suehares]

A rewrite for this sentence would be helpful. Here's one: New:/Since validation of the Flow Specification is tied to the announcement of the best unicast route, the failure in the validation of best path route may prevent the Flow Specificaiton from being accepted by a peer./

Please ask Robert to review this suggestion.

[stoffi92]

@raszuk can you please comment on that.

[raszuk]

To be precise we will still accept it, but just not used for best path.

s/ from being accepted by a peer/ from being used by a local router/

On Thu, Apr 23, 2020 at 9:17 PM suehares notifications@github.com wrote:

A rewrite for this sentence would be helpful. Here's one: New:/Since validation of the Flow Specification is tied to the announcement of the best unicast route, the failure in the validation of best path route may prevent the Flow Specificaiton from being accepted by a peer./

Please ask Robert to review this suggestion.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/stoffi92/rfc5575bis/issues/212#issuecomment-618606151, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAIH6EBUCBVGI2DIAESHDCTROCH45ANCNFSM4MO2BCWA .