[secdir] Secdir last call review of draft-ietf-ospf-xaf-te-07

Kathleen Moriarty via Datatracker <noreply@ietf.org> Wed, 21 August 2019 11:42 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 26FB912091F; Wed, 21 Aug 2019 04:42:04 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Kathleen Moriarty via Datatracker <noreply@ietf.org>
To: <secdir@ietf.org>
Cc: lsr@ietf.org, ietf@ietf.org, draft-ietf-ospf-xaf-te.all@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.100.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>
Message-ID: <156638772406.25805.16453148781314116651@ietfa.amsl.com>
Date: Wed, 21 Aug 2019 04:42:04 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/QRs7rf-1AtLy4v6odUoZrdXKIvs>
Subject: [secdir] Secdir last call review of draft-ietf-ospf-xaf-te-07
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Aug 2019 11:42:04 -0000

Reviewer: Kathleen Moriarty
Review result: Has Nits

I apologize for the very late review.  I see you are already working on Roman's
discuss, so perhaps this nit could be addressed still.

In the security considerations section, the following text is included:

   As such, no new
   security threats are introduced beyond the considerations in OSPFv2
   [RFC2328], OSPFv3 [RFC5340], and [RFC5786].

However, new considerations follow and as such, the above statement isn't
entirely accurate.  I do agree that no security is provided in these protocols,
and that is not new, but new information is exposed.  Perhaps saying additional
considerations follow would be better than saying "no new security threats are
introduced".

Thank you,
Kathleen