Skip to main content

Last Call Review of draft-ietf-grow-filtering-threats-06
review-ietf-grow-filtering-threats-06-secdir-lc-yu-2015-07-08-00

Request Review of draft-ietf-grow-filtering-threats
Requested revision No specific revision (document currently at 08)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2015-07-02
Requested 2015-06-25
Authors Camilo Cardona , Pierre Francois , Paolo Lucente
I-D last updated 2015-07-08
Completed reviews Genart Last Call review of -06 by Robert Sparks (diff)
Genart Telechat review of -07 by Robert Sparks (diff)
Secdir Last Call review of -06 by Taylor Yu (diff)
Opsdir Last Call review of -06 by Carlos Pignataro (diff)
Assignment Reviewer Taylor Yu
State Completed
Request Last Call review on draft-ietf-grow-filtering-threats by Security Area Directorate Assigned
Reviewed revision 06 (document currently at 08)
Result Has nits
Completed 2015-07-08
review-ietf-grow-filtering-threats-06-secdir-lc-yu-2015-07-08-00
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors.  Document editors and WG chairs should treat these
comments just like any other last call comments.

Summary: Ready with nits

Consider adding text to the Introduction mentioning malicious activity
as a possible cause of these unexpected traffic flows, rather than
leaving it toward the end of the document in the Security
Considerations.

The Security Considerations (Section 6) text describes possible
malicious activity by an AS to deliberately cause unexpected traffic
flow through another AS.  Although the first paragraph of the Security
Considerations says "The objective of this document is to inform on this
potential routing security issue", there appears to be no prior mention
in this document of possibility of maliciously induced unexpected
traffic flow.  The current Introduction characterizes the unexpected
traffic flows primarily as side effects of filtering or other
configuration, but appears not to include the possibility of a malicious
cause.

Editorial:

In the second paragraph of Section 1: "While BGP" should be "Although
BGP", to avoid implying dependency or temporal coincidence.

In the first two paragraphs of Section 3.1, "his" should be "its".
Please avoid the unnecessary use of gendered pronouns.

In the first paragraph of Section 3.2, delete "data" from "as much data
information as possible".

For the title of Section 4, consider dropping one instance of the word
"traffic".

In the last paragraph of Section 4.1, in the sentence "...neighboring
AS... opposes the peering agreement", consider replacing "opposes" with
"contravenes", "infringes", or another synonym.