Early Review of draft-ietf-anima-autonomic-control-plane-13
review-ietf-anima-autonomic-control-plane-13-secdir-early-xia-2018-02-23-00

Request Review of draft-ietf-anima-autonomic-control-plane-13
Requested rev. 13 (document currently at 16)
Type Early Review
Team Security Area Directorate (secdir)
Deadline 2018-02-25
Requested 2018-02-11
Requested by Terry Manderson
Other Reviews Rtgdir Telechat review of -13 by Joel Halpern (diff)
Genart Last Call review of -13 by Elwyn Davies (diff)
Review State Completed
Reviewer Liang Xia
Review review-ietf-anima-autonomic-control-plane-13-secdir-early-xia-2018-02-23
Posted at https://mailarchive.ietf.org/arch/msg/secdir/4pcdI-DkVzdNfT8IqDGZmOQWnow
Reviewed rev. 13 (document currently at 16)
Review result Has Issues
Draft last updated 2018-02-23
Review completed: 2018-02-23

Review
review-ietf-anima-autonomic-control-plane-13-secdir-early-xia-2018-02-23

In general, this document is well-written and considers security issues carefully throughout the whole architecture.

nits:
Abstract: /or not misconfigured/or misconfigured/

the fifth paragraph of section 6.1: the last ")" is redundant, therefore can be deleted

some section titles don't comply the rule of starting from a capital letter

section 6.5
/("IP security", see [RFC4301] and "Internet Key Exchange protocol version 2", see [RFC7296]/("IP security", see [RFC4301] and "Internet Key Exchange protocol version 2", see [RFC7296])/

suggestion: 
all the Figures (e.g., Figure 1,2...) should have a title for explanation

section 2, please update the last paragraph to reference RFC8174 to indicate that lowercase versions of the keywords are not normative

Section 11 (Security Considerations) Since section 9.2 has described the self-protection properties of ACP well, it may be useful in this section to mention them as a whole.