Last Call Review of draft-ietf-rtgwg-ipfrr-notvia-addresses-10

Request Review of draft-ietf-rtgwg-ipfrr-notvia-addresses
Requested rev. no specific revision (document currently at 11)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2013-02-05
Requested 2013-01-25
Authors Stewart Bryant, Stefano Previdi, Mike Shand
Draft last updated 2013-02-07
Completed reviews Genart Last Call review of -10 by Suresh Krishnan (diff)
Secdir Last Call review of -10 by Yaron Sheffer (diff)
Assignment Reviewer Yaron Sheffer
State Completed
Review review-ietf-rtgwg-ipfrr-notvia-addresses-10-secdir-lc-sheffer-2013-02-07
Reviewed rev. 10 (document currently at 11)
Review result Ready
Review completed: 2013-02-07


I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors.  Document editors and WG chairs should treat these
comments just like any other last call comments.

This document describes a method to protect a network from router/link 

failures by encapsulating packets in an envelope that denotes what nodes 

it should *not* be routed through. This is not a protocol definition 

(despite a few stray MUSTs), it is only an informational summary of 

design issues and a framework.


The document is good to go. In fact, a SecDir review is not applicable.


The document does contain a Security Considerations section that goes 

through 3 potential security issues. But since the document in general 

is a high-level discussion, it is impossible to analyze whether all 

pertinent security issues are covered. If the not-via mechanism is ever 

specified as a protocol, the security analysis will need to be done from