Last Call Review of draft-ietf-p2psip-self-tuning-11

Request Review of draft-ietf-p2psip-self-tuning
Requested rev. no specific revision (document currently at 15)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2014-06-11
Requested 2014-05-30
Authors Jouni Maenpaa, Gonzalo Camarillo
Draft last updated 2014-06-05
Completed reviews Genart Last Call review of -11 by Alexey Melnikov (diff)
Genart Telechat review of -14 by Alexey Melnikov (diff)
Secdir Last Call review of -11 by Tobias Gondrom (diff)
Assignment Reviewer Tobias Gondrom
State Completed
Review review-ietf-p2psip-self-tuning-11-secdir-lc-gondrom-2014-06-05
Reviewed rev. 11 (document currently at 15)
Review result Ready
Review completed: 2014-06-05


    I have reviewed this document as part of the security directorate's
    ongoing effort to review all IETF documents being processed by the
    IESG.  These comments were written primarily for the benefit of the
    security area directors.  Document editors and WG chairs should
    treat these comments just like any other last call comments.

    The draft is standards track and describes how the default topology
    plugin of RELOAD can be extended to support self-tuning, that is, to
    adapt to changing operating conditions such as churn and network
    size. It extends the mandatory-to-implement chord-reload algorithm
    by making it self-tuning.

    The document appears ready for publication.

    With one note for the IESG: This security review did only consider
    this specification, but did not verify the scientific data and
    research that lead to this algorithm.

    The Security Consideration Section 8 seems appropriate for the
    draft. It also refers to the security considerations of RFC6940
    (RELOAD Base).  

    One personal question to the authors: 

    In section 8 and 6.5, you introduce the concept of "the statistical
    mechanisms applied in Section 6.5 (i.e., the use of 75th
    percentiles) to process the shared estimates a peer obtains help
    ensuring that estimates that are clearly different from..."

    How did you determine the value of 75th percentile? Is this based on
    research or experience or derived from some other estimates? Is this
    choice influenced by number of peers or churn in certain

Thank you and best regards.