Last Call Review of draft-ietf-forces-lfb-lib-10
review-ietf-forces-lfb-lib-10-secdir-lc-atkins-2013-02-07-00

Request Review of draft-ietf-forces-lfb-lib
Requested rev. no specific revision (document currently at 12)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2013-02-11
Requested 2013-01-31
Draft last updated 2013-02-07
Completed reviews Genart Last Call review of -10 by Meral Shirazipour (diff)
Genart Telechat review of -11 by Meral Shirazipour (diff)
Secdir Last Call review of -10 by Derek Atkins (diff)
Assignment Reviewer Derek Atkins
State Completed
Review review-ietf-forces-lfb-lib-10-secdir-lc-atkins-2013-02-07
Reviewed rev. 10 (document currently at 12)
Review result Ready
Review completed: 2013-02-07

Review
review-ietf-forces-lfb-lib-10-secdir-lc-atkins-2013-02-07

Hi,

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

   This document defines basic classes of Logical Function Blocks (LFBs)
   used in the Forwarding and Control Element Separation (ForCES).  The
   basic LFB classes are defined according to ForCES FE model and ForCES
   protocol specifications, and are scoped to meet requirements of
   typical router functions and considered as the basic LFB library for
   ForCES.  The library includes the descriptions of the LFBs and the
   XML definitions.

The Security Considerations section offloads itself to RFC3746.

It is unclear to me if any of the new functions defined in the LFB
need any additional authentication or authorization, and if so I do
not see how that would be added.

-derek

-- 
       Derek Atkins                 617-623-3745
       derek at ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant