Last Call Review of draft-ietf-idr-bgp-ls-segment-routing-msd-16
review-ietf-idr-bgp-ls-segment-routing-msd-16-secdir-lc-perlman-2020-04-15-00

Request Review of draft-ietf-idr-bgp-ls-segment-routing-msd
Requested revision No specific revision (document currently at 18)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2020-04-17
Requested 2020-04-02
Authors Jeff Tantsura, Uma Chunduri, Ketan Talaulikar, Greg Mirsky, Nikos Triantafillis
I-D last updated 2020-04-15
Completed reviews Rtgdir Early review of -05 by Mach Chen
Rtgdir Last Call review of -16 by Mach Chen
Genart Last Call review of -16 by Jouni Korhonen
Secdir Last Call review of -16 by Radia Perlman
Assignment Reviewer Radia Perlman
State Completed
Request Last Call review on draft-ietf-idr-bgp-ls-segment-routing-msd by Security Area Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/secdir/c-tEdcKGECPFQ9cde1EA32UM864
Reviewed revision 16 (document currently at 18)
Result Ready
Completed 2020-04-10

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the security area
directors.  Document editors and WG chairs should treat these comments just
like any other last call comments.


Summary: I have found no issues with the document.



This I-D defines two new code points for encoding information in BGP-LS
messages. The code points are for maximum segment depth of nodes and links.
BGP-LS can deliver this information to a centralized controller that needs
it to compute a segment routing path. Without this information, the
centralized controller may compute routes that won't work.



As noted in Security Considerations, supplying incorrect information using
this protocol could cause a centralized controller to compute non-optimal
or non-working routes, but so could errors in many other fields of this
information. These new fields don't introduce any new security challenges
beyond those already present in BGP-LS.


Radia