Last Call Review of draft-ietf-bess-mvpn-mib-10
review-ietf-bess-mvpn-mib-10-secdir-lc-smyslov-2018-08-28-00

Request Review of draft-ietf-bess-mvpn-mib
Requested rev. no specific revision (document currently at 12)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2018-09-03
Requested 2018-08-20
Draft last updated 2018-08-28
Completed reviews Opsdir Last Call review of -10 by Joel Jaeggli (diff)
Secdir Last Call review of -10 by Valery Smyslov (diff)
Genart Last Call review of -10 by David Schinazi (diff)
Assignment Reviewer Valery Smyslov
State Completed
Review review-ietf-bess-mvpn-mib-10-secdir-lc-smyslov-2018-08-28
Reviewed rev. 10 (document currently at 12)
Review result Has Issues
Review completed: 2018-08-28

Review
review-ietf-bess-mvpn-mib-10-secdir-lc-smyslov-2018-08-28

Reviewer: Valery Smyslov	
Review result: Almost Ready

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

The document provides a MIB module for Level 3 Multicast VPNs.
The MIB Module passed a thorough MIB doctor review.

The Security Considerations text follows the "Security Guidelines for IETF 
MIB Modules" (https://trac.ietf.org/trac/ops/wiki/mib-security).
In particular, all the objects with read-write access from this MIB module 
are listed and the possible impact of manipulating their values is described.
In addition, readable address-related objects from this MIB module 
that may reveal the locations of the peers are listed too.
My only concern with the Security Considerations is that the latter list lacks 
mvpnMrouteRtAddr object, which in my opinion should be there, 
since it's also readable and contains address-related information.
I think that once this issue is resolved the document will be ready for publication.