Last Call Review of draft-ietf-pce-wson-routing-wavelength-14

Request Review of draft-ietf-pce-wson-routing-wavelength
Requested rev. no specific revision (document currently at 15)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2014-10-27
Requested 2014-10-16
Authors Young Lee, Greg Bernstein, Jonas Martensson, Tomonori Takeda, Takehiro Tsuritani, Oscar de Dios
Draft last updated 2014-10-30
Completed reviews Genart Last Call review of -14 by Robert Sparks (diff)
Genart Telechat review of -14 by Robert Sparks (diff)
Genart Telechat review of -15 by Robert Sparks
Secdir Last Call review of -14 by Dan Harkins (diff)
Assignment Reviewer Dan Harkins
State Completed
Review review-ietf-pce-wson-routing-wavelength-14-secdir-lc-harkins-2014-10-30
Reviewed rev. 14 (document currently at 15)
Review result Has Nits
Review completed: 2014-10-30



  I have reviewed draft-ietf-pce-wson-routing-wavelength as part of
the security directorate's ongoing effort to review all IETF documents
being processed by the IESG.  These comments were written primarily
for the benefit of the security area directors. Document editors and
WG chairs should treat  these comments just like any other last call

  This is a requirements document for additions to the PCEP protocol
to support path computation in a wavelength-switched optical
network. It describes what needs to be added to requests/responses
to support routing and wavelength assignment to a path computation
element (that supports both functions) for a path computation client.

  The security considerations are basically a punt. There's information
that an operator may not want to disclose and "[c]onsideration should
be given to securing this information." That seems a little thin. At the
very least some explanation of how this should be done. Do only the
TLVs that represent these required additions require confidentiality?
Is KARP a potential solution to this problem? If so it might be nice to
explain that; if not, then why and what else would be required?

  It is a well-organized and well-written document. I would say it
is "ready with nits", my nits being the thinness of the Security
Consideration section.