Last Call Review of draft-ietf-l2tpext-keyed-ipv6-tunnel-07
review-ietf-l2tpext-keyed-ipv6-tunnel-07-secdir-lc-waltermire-2016-11-03-00

Request Review of draft-ietf-l2tpext-keyed-ipv6-tunnel
Requested rev. no specific revision (document currently at 07)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2016-10-28
Requested 2016-10-14
Authors Maciek Konstantynowicz, Giles Heron, Rainer Schatzmayr, Wim Henderickx
Draft last updated 2016-11-03
Completed reviews Genart Last Call review of -07 by Paul Kyzivat
Genart Last Call review of -07 by Paul Kyzivat
Secdir Last Call review of -07 by David Waltermire
Rtgdir Early review of -05 by Sasha Vainshtein (diff)
Assignment Reviewer David Waltermire 
State Completed
Review review-ietf-l2tpext-keyed-ipv6-tunnel-07-secdir-lc-waltermire-2016-11-03
Reviewed rev. 07
Review result Ready
Review completed: 2016-11-03

Review
review-ietf-l2tpext-keyed-ipv6-tunnel-07-secdir-lc-waltermire-2016-11-03

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.

Summary: Ready

This standards track draft describes a mechanism for establishing an Ethernet tunnel over IPv6 using L2TPv3 encapsulation. IPv6 is ideal since unique IP addresses can be used to when establishing a L2TPv3 session. This can allow for an optimization, over current multiplexing approaches, where consulting the L2TPv3 session ID is not needed if each tunnel is assigned a unique IPv6 address. 

I found that the draft clearly articulates the problem that is solved. The security considerations seem to be appropriate for the draft. This draft appears to be ready for publication.

Regards,
Dave Waltermire