IETF Last Call Review of draft-ietf-bmwg-mlrsearch-11
review-ietf-bmwg-mlrsearch-11-secdir-lc-emery-2025-07-19-00

Request Review of draft-ietf-bmwg-mlrsearch
Requested revision No specific revision (document currently at 15)
Type IETF Last Call Review
Team Security Area Directorate (secdir)
Deadline 2025-08-06
Requested 2025-07-16
Authors Maciek Konstantynowicz, Vratko Polák
I-D last updated 2025-11-05 (Latest revision 2025-11-04)
Completed reviews Genart IETF Last Call review of -11 by Lars Eggert (diff)
Secdir IETF Last Call review of -11 by Shawn M Emery (diff)
Opsdir IETF Last Call review of -11 by Nabeel Cocker (diff)
Perfmetrdir IETF Last Call review of -14 by Xiao Min (diff)
Tsvart IETF Last Call review of -11 by Yoshifumi Nishida (diff)
Intdir Telechat review of -11 by Jen Linkova (diff)
Assignment Reviewer Shawn M Emery
State Completed
Request IETF Last Call review on draft-ietf-bmwg-mlrsearch by Security Area Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/secdir/rv5I5vCyzyAjZpohhf7zP5YjlDY
Reviewed revision 11 (document currently at 15)
Result Has nits
Completed 2025-07-19
I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the security area directors.
Document editors and WG chairs should treat these comments just like any other
last call comments.

This informational track draft specifies a new methodology that allows for
Multiple Loss Ratio searches (MLRsearch), which in turn can be used to
benchmark data plane throughput.

The security considerations section does exist and provides assertions that the
benchmark functions described in the draft are executed in a controlled and
constrained laboratory environment.  As a result, the devices being tested MUST
NOT be connected to devices that could potentially forward test traffic to
production or test management networks.  Lastly, any device tested will have
the same security implication in the test environment as they would in a
production environment.  I agree with these assertions and can't think of any
other security considerations for this type of draft.

General Comments:

None.

Editorial Comments:

The SUT and DUT definitions are repeated in 2.2 and 4.4.1.

The following has a line-jump:
The proliferation of software DUTs, with frequent software updates
   and a

   number ...

Suggest more concise terms for "wander", "way more", etc.

Not needed: ", a draft at the time of writing.".