Early Review of draft-ietf-idr-entropy-label-13
review-ietf-idr-entropy-label-13-secdir-early-hardaker-2023-12-23-00

Request: Review of draft-ietf-idr-entropy-label
Requested revision: No specific revision (document currently at 14)
Type: Early Review
Team: Security Area Directorate (secdir)
Deadline: 2023-11-10
Requested: 2023-10-26
Requested by: Susan Hares
Authors: Bruno Decraene, John Scudder, Wim Henderickx, Kireeti Kompella, SATYA R MOHANTY, Jim Uttaro, Bin Wen
I-D last updated: 2023-12-23
Completed reviews:
  Rtgdir Early review of -06 by Gyan Mishra (diff)
  Secdir Early review of -06 by Wes Hardaker (diff)
  Secdir Early review of -13 by Wes Hardaker (diff)
  Rtgdir Early review of -13 by Mach Chen (diff)
  Opsdir Early review of -05 by Joel Jaeggli (diff)
Comments:
  The draft has finished WG LC (except for collecting 2 outstanding IPR statements).

  This early review precedes sending it to the Area Director for review.
Assignment
Reviewer: Wes Hardaker
State: Completed
Request: Early review on draft-ietf-idr-entropy-label by Security Area Directorate (Assigned)
Posted at: https://mailarchive.ietf.org/arch/msg/secdir/ikW90t6VjrslV6jeSML31xl7F80
Reviewed revision: 13 (document currently at 14)
Result: Ready
Completed: 2023-12-20

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

The summary of the review is: ready

Sorry for the delay in getting this out, I reviewed the full draft
(rather than the diff) since much had changed.  And then I let it sit
there buried on my desk and failed to write it up quickly.

I think the changes since last time (-06) have shown excellent overall
progress and I commend the authors and the WG for the significantly
improved readability.  I have only a few minor comments this time:

1. Why is the acronym NHC when the attribute description is "Next Hop
*D*ependent Capabilities"?

2. It might be helpful to specify this really is intended only for the
public internet, and not for iBGP or similar.  Otherwise you get into
the fact that the NHC is functionally encoding an IP address as an
identifier to check later, but things like internal private address
spaces and similar overlapping addresses can cause problems with this
approach (I think).

3. "despite its similar naming" -- it's less similar now than it used to
be after the recent (wise) renaming...  I'd be tempted to drop this part
of the wording.

4. section 2.3 "...of the NHC *and illustrated in Figure 1* to the next..."
I'd personally drop the "and illustrated" section, as it sounds too much
like the figure is authoritative and duplicate of the text.  Another
option would be to remove the word "and" and put the "(illustrated in
Figure 1)" in ()s.

5. The first sentence of the last paragraph in 2.3 is very hard to read
as it's very long and complex.  I'd split it into multiple smaller
sentences to ease the reader's job a bit.

6. section 6.1: "unless there is an *identified* need to do so" -- I
think identified here is slightly odd.  I'd actually drop "an
identified" and leave it just with "need".

As you can see, mostly nits.  Nicely done.

-- 
Wes Hardaker
USC/ISI