Last Call Review of draft-ietf-ledbat-congestion-
review-ietf-ledbat-congestion-secdir-lc-moriarty-2012-05-04-00
| Request | Review of | draft-ietf-ledbat-congestion |
|---|---|---|
| Requested revision | No specific revision (document currently at 10) | |
| Type | Last Call Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2012-05-07 | |
| Requested | 2012-04-26 | |
| Authors | Stanislav Shalunov , Greg Hazel , Jana Iyengar , Mirja Kühlewind | |
| I-D last updated | 2012-05-04 | |
| Completed reviews |
Secdir Last Call review of -??
by Kathleen Moriarty
|
|
| Assignment | Reviewer | Kathleen Moriarty |
| State | Completed | |
| Request | Last Call review on draft-ietf-ledbat-congestion by Security Area Directorate Assigned | |
| Result | Ready | |
| Completed | 2012-05-04 |
review-ietf-ledbat-congestion-secdir-lc-moriarty-2012-05-04-00
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. Security risks should be minimized since it is designed to back off to standard TCP behavior in congestion situations. It can be used in transport or in applications by design. The Security considerations section says it relies on 'authenticating' time stamps, so the security relies upon the application or protocol at the higher level to have a method to do this. The draft is written more like a whitepaper than a typical RFC, so it made it tough to follow the flow of the algorithm. NITS: Section 2, 3rd line in second paragraph: typo Change from: avoidoing To: avoiding Section 2.1: the section ends with a ',' at the end of #3 Thanks, Kathleen