Skip to main content

Last Call Review of draft-ietf-bess-nsh-bgp-control-plane-13
review-ietf-bess-nsh-bgp-control-plane-13-secdir-lc-kelly-2020-01-09-00

Request Review of draft-ietf-bess-nsh-bgp-control-plane
Requested revision No specific revision (document currently at 18)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2019-12-13
Requested 2019-11-29
Authors Adrian Farrel , John Drake , Eric C. Rosen , Jim Uttaro , Luay Jalil
I-D last updated 2020-01-09
Completed reviews Rtgdir Last Call review of -13 by Ravi Singh (diff)
Tsvart Last Call review of -13 by Olivier Bonaventure (diff)
Opsdir Last Call review of -13 by Sheng Jiang (diff)
Secdir Last Call review of -13 by Scott G. Kelly (diff)
Genart Last Call review of -12 by Brian E. Carpenter (diff)
Assignment Reviewer Scott G. Kelly
State Completed
Request Last Call review on draft-ietf-bess-nsh-bgp-control-plane by Security Area Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/secdir/-WlSCAoIKHZNF3z4WLkB-lrkZKI
Reviewed revision 13 (document currently at 18)
Result Ready
Completed 2020-01-01
review-ietf-bess-nsh-bgp-control-plane-13-secdir-lc-kelly-2020-01-09-00
This review is several weeks late, I hope it is still useful.

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the security area directors.
 Document editors and WG chairs should treat these comments just like any other
last call comments.

The summary of the review is Ready.

From the abstract, this document describes the use of BGP as a control plane
for networks that support Service Function Chaining (SFC).

The document is well-written and the security considerations section points to
other RFCs where appropriate, and seems to call out all relevant additional
considerations.

I could leave it at that, but I have little routing expertise/experience, so I
can't state with confidence that nothing was missed. The instructions for
secdir reviews say that the most important item is to give the (security) ADs a
sense of how important it is that they pay attention to the document. Given the
complexity and interactions between BGP, SFC, and the control plane mechanisms
described in this document, I think it *is* important that the security ADs pay
attention to this document.

--Scott