Skip to main content

Last Call Review of draft-ietf-mpls-spring-inter-domain-oam-14
review-ietf-mpls-spring-inter-domain-oam-14-secdir-lc-lonvick-2024-05-15-00

Request Review of draft-ietf-mpls-spring-inter-domain-oam
Requested revision No specific revision (document currently at 14)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2024-05-17
Requested 2024-05-03
Requested by Jim Guichard
Authors Shraddha Hegde , Kapil Arora , Mukul Srivastava , Samson Ninan , Nagendra Kumar Nainar
I-D last updated 2024-05-15
Completed reviews Secdir Last Call review of -14 by Chris M. Lonvick
Rtgdir Last Call review of -13 by Stig Venaas (diff)
Opsdir Last Call review of -14 by Qin Wu
Tsvart Last Call review of -14 by Michael Tüxen
Rtgdir Early review of -05 by Michael Richardson (diff)
Assignment Reviewer Chris M. Lonvick
State Completed
Request Last Call review on draft-ietf-mpls-spring-inter-domain-oam by Security Area Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/secdir/sAQUH8G5o8FDfieyTdC837b1vlU
Reviewed revision 14
Result Ready
Completed 2024-05-15
review-ietf-mpls-spring-inter-domain-oam-14-secdir-lc-lonvick-2024-05-15-00
Hi,

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG. These comments
were written primarily for the benefit of the security area directors. Document
editors and WG chairs should treat these comments just like any other last call
comments.

The summary of the review is Ready.

The day job has me going and I wasn't able to spend as much time with this that
I would have preferred. However, I found it to be understandable and well
thought-out.

I would like the Security Considerations section to include a more direct
reference to RFC 8029 rather than just saying an implementation should have
filter policies. Perhaps add the same paragraph that is used in the Security
Considerations of RFC 8287 as a new paragraph. Also, I think that the reference
to MACsec should use a RECOMMENDED rather than a "suggested".

I did see some nits in the document. Unfortunately, I didn't record them. I can
point out the last sentence of the Security Considerations section needs some
work. It currently has, "the network devices MUST have mechanisms to prevent of
Denial-of-service attacks" Either delete the "of" or change it to "for the
prevention of".

Best regards,
Chris