Last Call Review of draft-ietf-mpls-smp-requirements-06
review-ietf-mpls-smp-requirements-06-secdir-lc-inacio-2014-06-26-00

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

Firstly, this document is a requirements document, and therefore doesn’t
necessarily have a large need for security considerations, the resulting
protocols can bear the burden.  Although I wouldn’t complain if the authors had
put more into the security considerations in the requirements – like
acknowledging the exhaustion of resources related to preemption, especially by
a malicious actor.  Or a malicious actor attempting to cause a alternate path
to force traffic by a sensor/device.

The security considerations section references the security considerations to 2
other RFCs, which in turn references multiple other RFCs which reference
multiple standards.  My depth limit of reviewing the security considerations
sections stopped at 1-level of reference.  It is assumed that the related RFCs
have also gone through security review previous and that review is sufficient
in this case.

Editorial NITS:

Section 4.1, last paragraph:

the commitment of the shared
   resources are be coordinated between the different working paths in
   the SMP network.

should be:

shared resources are to be coordinated

Section 5.5:

Referring the “former" and “later”, each with a complex combination of events
and times is a bit difficult to read, even though the sentences are completely
correctly structured.  It might be worth being a little more verbose to
simplify the reading. I say this as a native english speaker.  I wouldn’t want
to read that if English was my second language.

regards,
--
Chris Inacio
inacio at cert.org