Last Call Review of draft-freytag-lager-variant-rules-03
review-freytag-lager-variant-rules-03-secdir-lc-lonvick-2017-02-02-00

Team Security Area Directorate (secdir)
Title Last Call Review of draft-freytag-lager-variant-rules-03
Request Last Call - requested 2017-01-17
Reviewer Chris Lonvick
Review result Has Issues
Posted at https://mailarchive.ietf.org/arch/msg/secdir/qdRbIp7p0AQ83uHRWJg1eUVpn5A
Last updated 2017-02-02

Review
review-freytag-lager-variant-rules-03-secdir-lc-lonvick-2017-02-02

Hi,

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the IESG. 
These comments were written primarily for the benefit of the security 
area directors. Document editors and WG chairs should treat these 
comments just like any other last call comments.

I consider this draft to be ready with issues.

The document is well written and thorough but has no content in the 
Security Considerations section. The guidance provided in this 
INFORMATIONAL document appears to be sound but it should still provide a 
statement of how this work attempts to address the security concerns of 
RFC 7948. For perspective, the title of section 12.1 of the Security 
Considerations section is "LGRs Are Only a Partial Remedy for Problem 
Space".

My recommendation is that a Security Considerations section for this 
document incorporate the Security Considerations section of RFC 7948, 
along with statements of how the document addresses the obtainable 
remediations, and what implementers should continue to be concerned about.

Thanks,
Chris