Last Call Review of draft-ietf-rmcat-coupled-cc-06
review-ietf-rmcat-coupled-cc-06-secdir-lc-lonvick-2017-08-24-00
Request | Review of | draft-ietf-rmcat-coupled-cc |
---|---|---|
Requested revision | No specific revision (document currently at 09) | |
Type | Last Call Review | |
Team | Security Area Directorate (secdir) | |
Deadline | 2017-08-28 | |
Requested | 2017-08-14 | |
Authors | Safiqul Islam , Michael Welzl , Stein Gjessing | |
I-D last updated | 2017-08-24 | |
Completed reviews |
Opsdir Last Call review of -06
by Zitao Wang
(diff)
Secdir Last Call review of -06 by Chris M. Lonvick (diff) Genart Last Call review of -06 by Matthew A. Miller (diff) |
|
Assignment | Reviewer | Chris M. Lonvick |
State | Completed | |
Request | Last Call review on draft-ietf-rmcat-coupled-cc by Security Area Directorate Assigned | |
Reviewed revision | 06 (document currently at 09) | |
Result | Has nits | |
Completed | 2017-08-24 |
review-ietf-rmcat-coupled-cc-06-secdir-lc-lonvick-2017-08-24-00
Hi, I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. The summary of the review is that the ID is ready with nits. This INFORMATIONAL draft discusses an experimental protocol. The Security Considerations section is adequate, but I would suggest including a brief statement that implementers should also be aware of the Security Considerations sections of RFC 3124 (normatively referenced), and RFCs 5348 and 7478 (both informatively referenced). Each of of these RFCs is discussed within the draft. I also agree with Section 5 of the Shepherd Writeup, and nothing need be done to the draft about that. This is a heavily transport related draft, being focussed entirely on details of congestion control. Security considerations are adequate, although they will likely need elaboration for a future standards-track revision of this work in the light of operational experience. The draft says little about operational complexity, and the risks of cheating and poor quality implementations, but this will depend on the experiences with the protocol, and cannot effectively be done without experimentation and controlled deployment experience. Regards, Chris