Last Call Review of draft-ietf-pce-pcep-stateful-pce-gmpls-21
review-ietf-pce-pcep-stateful-pce-gmpls-21-secdir-lc-petrov-2023-05-30-00

Request Review of draft-ietf-pce-pcep-stateful-pce-gmpls
Requested revision No specific revision (document currently at 23)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2023-05-29
Requested 2023-05-15
Authors Young Lee, Haomian Zheng, Oscar Gonzalez de Dios, Victor Lopez, Zafar Ali
I-D last updated 2023-05-30
Completed reviews Genart Last Call review of -21 by Stewart Bryant (diff)
Secdir Last Call review of -21 by Ivaylo Petrov (diff)
Opsdir Telechat review of -22 by Susan Hares (diff)
Rtgdir Early review of -19 by Susan Hares (diff)
Assignment Reviewer Ivaylo Petrov
State Completed
Review review-ietf-pce-pcep-stateful-pce-gmpls-21-secdir-lc-petrov-2023-05-30
Posted at https://mailarchive.ietf.org/arch/msg/secdir/6wSUeRs4U0XNEu3qDyyF7NjHyrg
Reviewed revision 21 (document currently at 23)
Result Has nits
Completed 2023-05-30
Reviewer: Ivaylo Petrov
Review result: Has Nits

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

For context, I don't have prior experience with PCEP. From my reading of
the document, the extensions added to enable the usage of a stateful PCE
capability in GMPLS-controlled networks did not add new attack surfaces
and all relevant security considerations were provided.

Nits:

- Sec 7.3, the first sentence reads confusing to me. Please consider
  reformulating it.
- Sec 11

   > The secure transport of PCEP specified in [RFC8253]
   > allows the usage of Transport Layer Security (TLS).  The same can
   > also be used by the PCEP extension defined in this document.

  this leaves the feeling that the use of TLS is optional, while I believe the
  intention here is to say that it's recommended and RFC8253 provides more
  details of how to implement that. Please reformulate this.