Last Call Review of draft-ietf-opsec-bgp-security-05
review-ietf-opsec-bgp-security-05-rtgdir-lc-huston-2014-10-10-00

Request Review of draft-ietf-opsec-bgp-security
Requested rev. no specific revision (document currently at 07)
Type Last Call Review
Team Routing Area Directorate (rtgdir)
Deadline 2014-09-22
Requested 2014-09-15
Draft last updated 2014-10-10
Completed reviews Genart Last Call review of -05 by Christer Holmberg (diff)
Genart Telechat review of -06 by Christer Holmberg (diff)
Secdir Last Call review of -05 by Alexey Melnikov (diff)
Opsdir Last Call review of -05 by Lionel Morand (diff)
Rtgdir Last Call review of -05 by Geoff Huston (diff)
Assignment Reviewer Geoff Huston
State Completed
Review review-ietf-opsec-bgp-security-05-rtgdir-lc-huston-2014-10-10
Reviewed rev. 05 (document currently at 07)
Review result Not Ready
Review completed: 2014-10-10

Review
review-ietf-opsec-bgp-security-05-rtgdir-lc-huston-2014-10-10

Hello,

I have been selected as the Routing Directorate reviewer for this draft. The Routing Directorate seeks to review all routing or routing-related drafts as they pass through IETF last call and IESG review, and sometimes on special request. The purpose of the review is to provide assistance to the Routing ADs. For more information about the Routing Directorate, please see ​

http://trac.tools.ietf.org/area/rtg/trac/wiki/RtgDir



Although these comments are primarily for the use of the Routing ADs, it would be helpful if you could consider them along with any other IETF Last Call comments that you receive, and strive to resolve them through discussion or by updating the draft.

Document: draft-name-version.txt 
Reviewer: Geoff Huston
Review Date: 9 October
IETF LC End Date: date-if-known 
Intended Status: BCP

Summary: 
	I have significant concerns about this document and recommend that the Routing ADs discuss these issues further with the authors.

Comments:
	The document asserts that this document is entirely about BGP operational security. The problem is that this is not the case. The document is unsure whether its about “operational security” or whether it's the "Miss Manners Guide to Proper BGP Etiquette and Style", and the result is a poor pastiche that fails to fulfil either objective. The detail is poorly handled and the selection of topics appears to be somewhat haphazard.
 
	The larger overall issue here is that BGP is used in many contexts and what is appropriate in some contexts is disastrous in others. The document has the highly ambitious objective of attempting to address all security topics related to BGP in all contexts, and it appears that this is just too broad a scope to be able to be addressed is a high quality manner that is focussed on security, that informs the reader of risks and consequences. 

Major Issues:
	There are many issues which this document and the best way to convey them is to use a markup style that clearly associates the comments with the original text. I trust that this pdf attachment conveys these review comments adequately.





Attachment:


draft-ietf-opsec-bgp-security-05.pdf




Description:

 Adobe PDF document