Last Call Review of draft-ietf-lsr-isis-rfc7810bis-03
review-ietf-lsr-isis-rfc7810bis-03-secdir-lc-danyliw-2018-12-10-00

Document: draft-ietf-lsr-isis-rfc7810bis-03
Reviewer: Roman Danyliw
Review result: Has Nits

I reviewed this document as part of the Security Directorate's ongoing effort
to review all IETF documents being processed by the IESG.  These comments were
written primarily for the benefit of the Security Area Directors.  Document
authors, document editors, and WG chairs should treat these comments just like
any other IETF Last Call comments.

As the shepherd write-up [1]  and Appendix A of this draft indicate, the text
in this document is nearly identical to RFC7801 beyond changes made to Section
4.  Nothing new was added to this bis draft beyond addressing errata.

The minor editorial nits from this review are:

(1) This draft doesn't register anything new.   Section 2 opens with "[t]his
document registers new IS-IS TE sub-TLVs ...".  Technically, the RFC7801
already registered them.  Perhaps "This document describes IS-IS TE sub-TLVs
that can be ..."

(2) Per Section 11, consider s/man-in-the-middle/on-path-attacker/ per [2]

Not being deemed a nit that should be addressed here, but this draft does base
some of its security properties on RFC5304/HMAC-MD5.

[1]
https://datatracker.ietf.org/doc/draft-ietf-lsr-isis-rfc7810bis/shepherdwriteup/
[2] https://www.ietf.org/mail-archive/web/ietf/current/msg109350.html