[DMM] Secdir telechat review of draft-ietf-dmm-pmipv6-dlif-05

Vincent Roca via Datatracker <noreply@ietf.org> Thu, 27 February 2020 14:57 UTC

MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Vincent Roca via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
Cc: dmm@ietf.org, last-call@ietf.org, draft-ietf-dmm-pmipv6-dlif.all@ietf.org
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <158281546210.2262.1845082722013562869@ietfa.amsl.com>
Reply-To: Vincent Roca <vincent.roca@inria.fr>
Date: Thu, 27 Feb 2020 06:57:42 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmm/aMG55HGyur8vcg3pSCX4nWIBMxQ>
Subject: [DMM] Secdir telechat review of draft-ietf-dmm-pmipv6-dlif-05

Reviewer: Vincent Roca
Review result: Has Nits

Hello,

I have reviewed this document as part of the security directorate’s ongoing
effort to review all IETF documents being processed by the IESG. These
comments were written primarily for the benefit of the security area
directors.  Document editors and WG chairs should treat these comments just
like any other last call comments.

Summary: Has Nits

Thank you for the clarification of the Security Considerations section.
I just have a minor comment and a typo.

- It is said (section 6):
  "The CMD SHOULD use a pacing approach to limit
   this amplification risk."
I agree, but where do you intend to apply pacing? In the incoming queue (i.e.,
by delaying some PBU/PBA messages) or in the outgoing queue (i.e., to limit
output traffic), or both? It's a bit unclear.

- Typo: remove one "exist" in sentence: "there may exist multiple previous
(e.g., k) MAARs exist."

Regards,    Vincent

[DMM] Secdir telechat review of draft-ietf-dmm-pm… Vincent Roca via Datatracker
Re: [DMM] Secdir telechat review of draft-ietf-dm… CARLOS JESUS BERNARDOS CANO