[secdir] Secdir last call review of draft-ietf-lsr-ip-flexalgo-11

Yoav Nir via Datatracker <noreply@ietf.org> Mon, 15 May 2023 19:36 UTC

MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Yoav Nir via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
Cc: draft-ietf-lsr-ip-flexalgo.all@ietf.org, last-call@ietf.org, lsr@ietf.org
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <168417940610.53793.18295304184728744557@ietfa.amsl.com>
Reply-To: Yoav Nir <ynir.ietf@gmail.com>
Date: Mon, 15 May 2023 12:36:46 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/rAcWCEJzo3fyLfzWyoaGL2DwBWk>
Subject: [secdir] Secdir last call review of draft-ietf-lsr-ip-flexalgo-11

Reviewer: Yoav Nir
Review result: Has Nits

Hi.

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

I am no expert on routing in general or IGP flex algorithms in particular. That
said, I found the Abstract and Introduction jarring. The first paragraph of the
Abstract would be better as part of the introduction than the abstract.

The Security Considerations section seems mostly copy-pasted from RFC 9350 with
mild editing.  The substance may be correct - that the only new attack possible
is suppressing reachability for a prefix, but I think only the second paragraph
is necessary for that.

[secdir] Secdir last call review of draft-ietf-ls… Yoav Nir via Datatracker
Re: [secdir] Secdir last call review of draft-iet… Peter Psenak
Re: [secdir] Secdir last call review of draft-iet… Yoav Nir