Last Call Review of draft-ietf-l3vpn-2547bis-mcast-bgp-
review-ietf-l3vpn-2547bis-mcast-bgp-secdir-lc-santesson-2009-09-18-00

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the security area
directors.  Document editors and WG chairs should treat these comments just
like any other last call comments.

This document describes the BGP encodings and procedures for exchanging the
information elements required by Multicast in MPLS/BGP IP VPNs, as specified
in draft-ietf-l3vpn-2547bis-mcast.

I would like to draw the Security AD's attention to consider whether the
security considerations section of this draft contains adequate information.

The security considerations section of this draft list a number of security
requirements, but very few considerations. That is, the section list
requirements but says very little, if anything at all, about the security
threats that are addressed by these requirements or whether handling of
these security threats falls inside or outside the scope of this document.

It is hard to review these security requirements in absence of a discussion
of the threats they are supposed to address.

/Stefan