Last Call Review of draft-ietf-karp-ospf-analysis-05
review-ietf-karp-ospf-analysis-05-secdir-lc-emery-2012-11-18-00

I have reviewed this document as part of the security directorate's 


ongoing effort to review all IETF documents being processed by the IESG. 


These comments were written primarily for the benefit of the security 


area directors. Document editors and WG chairs should treat these 


comments just like any other last call comments.






This informational draft describes security issues associated with 


manual keying in OSPF.  The draft then provides guidance to counter 


these security threats.






The security considerations section does exist and reiterates what is 


discussed in the main document, given that this is essentially a 


security draft.  The security points discussed deal with replay, 


protecting routing data, and DoS attacks.  For the former two the draft 


suggests the use of digital signatures as described in RFC2154.  In 


regards to the latter, the draft proposes a solution utilizing RFC5082 


.  I believe the guidance given does not yield any security concerns and 


would be an improvement over the existing OSPF protocol.




General comments:

None.

Editorial comments:

s/RFC 2154 [RFC2154] provides/[RFC 2154] provides/

Shawn.
--