Last Call Review of draft-ietf-karp-ospf-analysis-05

Request
Review of: draft-ietf-karp-ospf-analysis
Requested rev.: no specific revision (document currently at 06)
Type: Last Call Review
Team: Security Area Directorate (secdir)
Deadline: 2012-11-13
Requested: 2012-10-04
Authors: Sam Hartman, Dacheng Zhang
Draft last updated: 2012-11-18
Completed reviews:
  Genart Last Call review of -05 by Elwyn Davies
  Genart Telechat review of -?? by Elwyn Davies
  Secdir Last Call review of -05 by Shawn Emery

Assignment
Reviewer: Shawn Emery
State: Completed

Review
Review: review-ietf-karp-ospf-analysis-05-secdir-lc-emery-2012-11-18
Reviewed rev.: 05 (document currently at 06)
Review result: Ready
Review completed: 2012-11-18


I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors. Document editors and WG chairs should treat these
comments just like any other last call comments.

This informational draft describes security issues associated with
manual keying in OSPF.  The draft then provides guidance to counter
these security threats.

The security considerations section does exist and reiterates what is
discussed in the main document, given that this is essentially a
security draft.  The security points discussed deal with replay,
protecting routing data, and DoS attacks.  For the former two the draft
suggests the use of digital signatures as described in RFC2154.  In
regards to the latter, the draft proposes a solution utilizing RFC5082.
I believe the guidance given does not yield any security concerns and
would be an improvement over the existing OSPF protocol.

General comments:


Editorial comments:

s/RFC 2154 [RFC2154] provides/[RFC 2154] provides/