Telechat Review of draft-ietf-mpls-ldp-hello-crypto-auth-08
review-ietf-mpls-ldp-hello-crypto-auth-08-opsdir-telechat-dunbar-2014-06-11-00

As OpArea Directorate, I was asked to review the
draft-mpls-ldp-hello-crypto-auth-08.

The authors have made good changes to address the comments that I give to
draft-mpls-ldp-hello-crypto-auth-05.



No further comments anymore.



Linda Dunbar









From:

 Linda Dunbar

Sent:

 Friday, May 23, 2014 10:53 AM

To:

 Operations Directorate; 'draft-mpls-ldp-hello-crypto-auth.all at
 tools.ietf.org'; ops-ads at tools.ietf.org

Subject:

 comments to draft-mpls-ldp-hello-crypto-auth-05



As OpArea Directorate, I was asked to review the
draft-mpls-ldp-hello-crypto-auth-05. Here are my comments:



I think the draft is written very clear. The algorithm described is pretty
straight forward. Just a few comments:



Page 3 states that “filtering using access lists requires LSR resource”.  But I
see the authentication process for the proposed Security TLV may consume more
LSR resource.





I suggest having a paragraph to compare the LSR resource consumed by using
access lists with the LSR resource consumed by the proposed Authentication.

Alternatively, change the wording to simply say that “Filtering using access
lists are NOT effective because it can’t prevent IP-address spoofing”.





Linda