Re: [secdir] Secdir review of draft-ietf-idr-large-community-11

"Susan Hares" <> Mon, 19 December 2016 18:38 UTC

Thank you for the review. 

Sue Hares  
(idr co-chair)

-----Original Message-----
From: Vincent Roca [] 
Sent: Monday, December 19, 2016 1:14 PM
To: IESG;;
Cc: Vincent Roca
Subject: Secdir review of draft-ietf-idr-large-community-11


I have reviewed this document as part of the security directorate’s ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.

IMHO, the document is Ready.

This document specifies an extension to BGP Communities.
The initial RFC1997 being a bit old, it does not include any security discussion section.
Therefore it is important that the present document has a detailed discussion on the topic, which is actually the case. The level of detail seems appropriate.
Furthermore there is a dedicated "Error handling" section which is also fine.