Last Call Review of draft-ietf-bess-evpn-pref-df-11
review-ietf-bess-evpn-pref-df-11-secdir-lc-yee-2023-07-13-00

Request: Review of draft-ietf-bess-evpn-pref-df
Requested revision: No specific revision (document currently at 13)
Type: Last Call Review
Team: Security Area Directorate (secdir)
Deadline: 2023-07-11
Requested: 2023-06-27
Authors: Jorge Rabadan, Senthil Sathappan, Wen Lin, John Drake, Ali Sajassi
I-D last updated: 2023-07-13
Completed reviews: Secdir Last Call review of -11 by Peter E. Yee; Genart Last Call review of -10 by Vijay K. Gurbani; Rtgdir Last Call review of -09 by Stewart Bryant
Assignment: Reviewer Peter E. Yee
State: Completed
Request: Last Call review on draft-ietf-bess-evpn-pref-df by Security Area Directorate (Assigned)
Posted at: https://mailarchive.ietf.org/arch/msg/secdir/PczkI4cTtKDjRHDOF1AUh2tfEo8
Reviewed revision: 11 (document currently at 13)
Result: Has nits
Completed: 2023-07-13

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG. These comments
were written primarily for the benefit of the security area directors. Document
editors and WG chairs should treat these comments just like any other last call
comments.

The summary of the review is that the document is ready with nits.

The document specifies two new Designated Forwarder algorithms and the
procedures for using them in selecting a Designated Forwarder in an EVPN
network. The only concern that I have is that a malicious actor able to change
the configuration of a PE can unilaterally cause that PE to become the
Designated Forwarder in many situations. This concern is already highlighted
satisfactorily in the Security Considerations.
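An added illustration of this concern, not part of the review or of the draft: a simplified model of the preference-based election in which each PE's advertised Preference comes straight from its own configuration, so one reconfigured PE takes the DF role with no agreement from its peers. The election rule (largest or smallest Preference wins, ties broken by the lowest Originating Router's IP) is an assumed simplification of the draft's procedure; the Don't Preempt bit and timers are omitted, and the PE addresses are constructed.

```python
# Added example, not from the review or the draft: a simplified model of a
# preference-based DF election that shows why a single PE's configuration
# decides the outcome. Assumptions (simplifications of the draft's procedure):
# each PE advertises a 16-bit Preference and its Originating Router's IP;
# Highest-Preference picks the largest Preference, Lowest-Preference the
# smallest, and ties go to the lowest Originating IP. The Don't Preempt bit
# and the timers the draft uses are left out. All IPs below are constructed.
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Candidate:
    originating_ip: str   # Originating Router's IP carried in the ES route
    preference: int       # 0..65535, taken from the PE's local configuration

def elect_df(candidates, highest=True):
    """Return the elected DF, or None when no PE is attached to the ES.

    All candidates are assumed to be in the same address family; mixing
    IPv4 and IPv6 would make the tie-break comparison raise TypeError."""
    def rank(c):
        pref = -c.preference if highest else c.preference
        return (pref, ipaddress.ip_address(c.originating_ip))
    return min(candidates, key=rank, default=None)

def preference_changes(before, after):
    """Map each PE whose advertised Preference differs between two snapshots
    of received routes to (old, new). A PE whose Preference jumps to the
    winning value is what an operator watching the election would flag."""
    prev = {c.originating_ip: c.preference for c in before}
    return {c.originating_ip: (prev.get(c.originating_ip), c.preference)
            for c in after if prev.get(c.originating_ip) != c.preference}

# Constructed sample: three PEs multihomed to the same Ethernet Segment.
BASELINE = [
    Candidate("192.0.2.1", 200),
    Candidate("192.0.2.2", 300),
    Candidate("192.0.2.3", 300),
]
# The same PEs after 192.0.2.1 alone has its Preference reconfigured to the
# maximum value; no other PE has to agree for it to take over as DF.
RECONFIGURED = [Candidate("192.0.2.1", 65535)] + BASELINE[1:]

if __name__ == "__main__":
    print(elect_df(BASELINE).originating_ip)       # 192.0.2.2 (tie, lowest IP)
    print(elect_df(RECONFIGURED).originating_ip)   # 192.0.2.1
    print(preference_changes(BASELINE, RECONFIGURED))
```

Comparing successive snapshots of the received Preference values is the cheapest way to notice a takeover like this; the election itself offers no check on the value a PE asserts.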

The two new algorithms share their preference information in the same way the
existing algorithms (in RFC 7432 and RFC 8584) do, so what security protections
there are (such as use of TCP-AO) remain the same. However, this should be
reflected in the security considerations, either by a pointer to a peer
document such as RFC 7432 or inclusion of similar or updated language akin to
that found in a peer document.

Specific items:

Page 1, Abstract, 1st paragraph, 1st sentence: spell out PE on first use with a
parenthetical (PE) after it. That abbreviation is not one of the RFC Editor’s
well-known abbreviations that don’t require expansion.

Page 1, Abstract, 1st paragraph, 1st sentence: change “Broadcast, Unknown
unicast and Broadcast traffic” to “Broadcast, Unknown unicast and Multicast
traffic”. Otherwise, you’re going to have to change the abbreviation to BUB.

Page 3, section 1.1, 1st paragraph, 1st sentence: change “Broadcast, Multicast
and Unknown   unicast traffic” to “Broadcast, Unknown unicast, and Multicast
traffic”. Or you can change the abbreviation to BMU if you want, but you ought
to be consistent with the Abstract.

Page 3, section 1.1, 1st paragraph, 1st sentence: change “in case of” to “in
the case of”.

Page 4, section 2: I think you can safely delete the BUM entry having used both
the spelled out and acronym versions prior to this.

Page 5, Ethernet Tag definition, last sentence: change “MUST be different from”
to “MUST NOT be”.

Page 5, section 3, 3rd sentence: insert “the” before ‘“Don’t Preempt”’. Change
“DF Algorithms Highest-Preference or Lowest-Preference” to “the
Highest-Preference and Lowest-Preference DF Algorithms”.

Page 6, Bit 0 definition: make the same change as the previous one above.

Page 8, Figure 3: find somewhere to list the expansions of ENNI and CE. I
realize that neither is defined in this document, but the latter could be
ambiguous to some readers.

Page 9, item ‘a’, 5th sentence: change “Preferance” to “Preference”.

Page 9, item ‘b’: assuming that “Section 3” is a reference back to section 3 of
this document, put it in parentheses or do something else to make it clear that
this is supposed to be a pointer, not the concept that there is some section 3
of the Designated Forwarder Election Extended Community for holding these
parameters.

Page 10, item ‘e’, 2nd sentence: change “that” to “than”. Change the second
occurrence of “PE” to “PE(s)” to indicate that multiple PEs can be returned by
this selection.

Page 10, item ‘e’, 4th sentence: insert “the” before “Originating”.

Page 10, 1st bullet item, 2nd sentence: change “Same” to “The same”.

Page 10, 2nd bullet item, 2nd sentence: change “addres” to “address”.

Page 10, 2nd bullet item, 3rd sentence: change “Same” to “The same”.

Page 11, item ‘f’, 1st indented paragraph: change “a 50%” to “by 50%”. Append a
comma after “e.g.”. Spell out LAC.

Page 11, item ‘f’, 2nd non-indented paragraph, 2nd sentence: insert “a” before
“candidate”.

Page 11, item ‘f’, 3rd non-indented paragraph, last sentence: change “provide”
to “provides”.

Page 11, item ‘f’, 4th non-indented paragraph: insert “[RFC 7432] based” to “an
[RFC7432]-based”. Change “including” to “also”.

Page 12, section 4.2, 1st paragraph, last sentence: change “achive” to
“achieve”. Change “decribed” to “described”.

Page 12, section 4.2, 2nd paragraph, last sentence: change “local” to “locally”.

Page 12, section 4.2, 2nd bullet item: change “E.g.” to “e.g.”.

Page 12, section 4.3, 2nd paragraph, 1st sentence: delete the comma in “that,
when”.

Page 13, item 1, 3rd sentence: delete “Me” in “Don’t Preempt Me”.

Page 13, item 1, 4th sentence: add a comma after “however”.

Page 16, 1st partial paragraph, 2nd full sentence: delete “up” after “pick”.