Last Call Review of draft-ietf-bier-php-12
review-ietf-bier-php-12-secdir-lc-emery-2024-10-03-00

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG. These comments
were written primarily for the benefit of the security area directors. Document
editors and WG chairs should treat these comments just like any other last call
comments.

This standards track draft specifies a protocol for removing the Bit Index
Explicit Replication (BIER) header by the 2nd to last router before forwarding
to a BIER incapable router.  The goal of the protocol is to prevent the last
router in the path from unnecessarily processing the BIER header.

The security considerations sections does exist and discloses that the protocol
does not introduce any additional security implications beyond that of "BIER
architecture and OSPF/IS-IS/BGP extensions for BIER signaling".  It would be
helpful to outline the relevant RFCs that each of these building blocks of this
draft is dependent upon on in this section.  I focused this review on RFC8279
and believe that the aforementioned assertion is correct.

General comments:

A well written document, covering intricate conditionals.

Editorial comments:

None.