Document: draft-ietf-tsvwg-port-randomization-06
Reviewer: Avshalom Houri
Review Date: 2010-03-03
Last Call Date: 2010-03-02
IESG Telechat date: 2010-03-04

Summary:

The document is not ready for publication as a BCP.

Major issues:

The document lacks an explanation of when and how the techniques it describes will be used. There are many ways to protect the network, and it is not clear when and how the specific techniques described in the document will be used, how they relate to other ways, etc.

The introductory part of the document (up to and including Section 3.2) seems lengthy and repetitive, while it lacks some of the background described in the previous paragraph.

Minor issues:

Lines 624-626
   However, it may be affected by the vector involving binding a more
   specific socket.
-- Not clear

Lines 644-645
   Ephemeral port selection algorithms SHOULD use the largest possible
   port range, since this improves obfuscation.
-- Should be merged with lines 632-634:
   As mentioned in Section 2.1, the dynamic ports consist of the range
   49152-65535. However, ephemeral port selection algorithms should use
   the whole range 1024-49151.

Lines 870-871
   and alternative IP addresses may be included in the association
   negotiation and either of these could be used in the offset function
-- What is meant by "association negotiation"? (Repeats also in line 879.)

Lines 1040-1044
   The smaller the value of "N", the more linear the more similar this
   algorithm is to the traditional BSD port selection algorithm
   (described in Section 2.2. The larger the value of "N", the more
   similar this algorithm is to the algorithm described in Section 3.3.1
   of this document.
-- Need to rephrase

Nits/editorial comments:

Line 512:
   There are a number of factors to consider when designing an algorithm
   -> There are number of factors to consider when designing an algorithm

Line 622:
   DCCP is not affected is not affected by the exploitation of
   -> DCCP is not affected by the exploitation of

Line 799:
   will not have different sequences of port numbers; i.e., wil not be
   -> will not have different sequences of port numbers; i.e., will not be

Line 869:
   availability an the granularity requested. With SCTP both hostnames
   -> availability and the granularity requested. With SCTP both hostnames
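Added illustration of the point behind the comment on lines 1040-1044 (this is example code written for this review, not text or code from the draft): a random-increments ephemeral port selector whose step between successive ports is drawn from [1, N]. With N = 1 every step is exactly 1, so the selector is the traditional sequential counter; as N grows, successive ports look less and less like a counter and more like independent random picks. The class and function names, the choice of 1024-65535 as the "largest possible" range, and the sample N values are assumptions made for the example; the draft's own pseudocode uses "random() % N", while this version uses randrange to avoid modulo bias.

```python
"""Random-increments ephemeral port selection (added example, not draft text)."""
import random
from typing import Callable, List, Optional


class RandomIncrementsSelector:
    """Pick ephemeral ports by adding a random step in [1, N] to a counter.

    N = 1 degenerates to a sequential counter (traditional BSD behaviour);
    N close to the size of the range makes successive ports effectively
    independent random choices.  Names and defaults here are assumptions
    made for this example.
    """

    def __init__(self, min_port: int, max_port: int, n: int,
                 is_suitable: Callable[[int], bool] = lambda p: True,
                 rng: Optional[random.Random] = None) -> None:
        if not (0 < min_port <= max_port <= 65535):
            raise ValueError("bad port range")
        if n < 1:
            raise ValueError("N must be >= 1")
        self.min_port = min_port
        self.num_ports = max_port - min_port + 1   # size of the range
        self.n = n
        self.is_suitable = is_suitable             # e.g. "port not in use"
        self.rng = rng or random.SystemRandom()
        # Initialisation: start the counter at an unpredictable offset.
        self.counter = self.rng.randrange(self.num_ports)

    def select(self) -> int:
        """Return a suitable port, or raise if none is found.

        Like the draft's algorithm, at most num_ports candidates are tried;
        with N = 1 that visits every port once, with larger N it does not
        guarantee full coverage, so exhaustion is reported as an error.
        """
        for _ in range(self.num_ports):
            step = self.rng.randrange(self.n) + 1          # uniform in [1, N]
            self.counter = (self.counter + step) % self.num_ports
            port = self.min_port + self.counter
            if self.is_suitable(port):
                return port
        raise RuntimeError("no suitable ephemeral port available")


def step_sizes(selector: RandomIncrementsSelector, count: int) -> List[int]:
    """Distances (mod range size) between successive selected ports."""
    ports = [selector.select() for _ in range(count)]
    return [(b - a) % selector.num_ports for a, b in zip(ports, ports[1:])]


if __name__ == "__main__":
    # Largest possible range, per the review's comment on lines 644-645
    # (1024-65535 is an assumption of this example).
    for n in (1, 10, 500):
        sel = RandomIncrementsSelector(1024, 65535, n, rng=random.Random(42))
        print(f"N={n:4d}: steps between successive ports {step_sizes(sel, 15)}")
```

Running the block prints the step sequence for each N: with N = 1 it is a flat run of 1s (sequential, predictable from a single observed port), while for N = 500 the steps spread over 1..500 and an observer who sees one port learns far less about the next.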