Last Call Review of draft-ietf-dhc-pd-exclude-
review-ietf-dhc-pd-exclude-secdir-lc-nystrom-2012-02-15-00

Request Review of draft-ietf-dhc-pd-exclude
Requested rev. no specific revision (document currently at 04)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2012-02-14
Requested 2012-01-27
Other Reviews
Review State Completed
Reviewer Magnus Nystrom
Review review-ietf-dhc-pd-exclude-secdir-lc-nystrom-2012-02-15
Posted at http://www.ietf.org/mail-archive/web/secdir/current/msg03093.html
Draft last updated 2012-02-15
Review completed: 2012-02-15

Review
review-ietf-dhc-pd-exclude-secdir-lc-nystrom-2012-02-15

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

This document defines a method for DHCPv6 routers to exclude a prefix
out of a delegated set of prefixes.

I have no comments on the document itself but the Security
Considerations section is very terse. If the method in this draft does
not introduce any new security considerations beyond those already
present in RFC 3315 or RFC 3633 then it should at least say so. It
appears to me however that something could be said about
authenticating the request to exclude a particular prefix?

-- Magnus