Last Call Review of draft-ietf-pwe3-p2mp-pw-requirements-07
review-ietf-pwe3-p2mp-pw-requirements-07-secdir-lc-gondrom-2014-05-30-00

I have reviewed this document as part of the
      security directorate's ongoing effort to review all IETF documents
      being processed by the IESG.  These comments were written
      primarily for the benefit of the security area directors. 
      Document editors and WG chairs should treat these comments just
      like any other last call comments.





      The draft is informational and about requirements and a framework
      for Point-to-Multipoint Pseudowire (PW) over MPLS Packet Switched
      Networks.







Th

e
          document appears ready for publication. 





          A couple of comments: 


          1. Even though this document is only about requirements, it
          uses in a couple of places 2119 language. 


          In principle that could even been seen as improving
          "readability", however, I am not sure whether that is
          appropriate usage for a requirement document, as 2119 is
          intended to signal conformance with a specification (which
          this ID is not). 







2. The security consideration
            section is basically empty, only referring to RFC3916 and
            P2P PW. Considering that this is only a requirements
            document, this can be sufficient. 


            (Note: it could have been nice to think about whether or how
            a move from P2P to P2MP PW might change or require
            additional security requirements for the specification.
            However, as this is only the requirements document and not
            the specification, this question can also be answered in the
            following spec.) 





            3. Nits: 


            section 5 security considerations: 


            should have a reference for "initial P2P PW definition"







 Thank you and best regards. 





        Tobias