Last Call Review of draft-ietf-sidr-bgpsec-threats-06
review-ietf-sidr-bgpsec-threats-06-secdir-lc-salowey-2013-09-26-00

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

This document discusses a threat model for BGP Path Security.   The  document
contains a lot of good information, but I found it hard to follow in places
Some issues:

1.   I found it difficult to link the threats in section 3 to the attacks in
section 4.   This is more of a consistency of terminology issue and is probably
just a nit. 2.   The attacks in sections 4.1, 4.2, and 4.3 seem to be largely
discounted as out of scope, yet they seem to impact the goals of PATHSEC.   Is
it assumed that there are countermeasures in place such as link protection
between RGP peers?    If other countermeasures besides PATHSEC are expected to
be in place this should probably be mentioned in the security considerations.
3.   I found the argument against not including 'route leakage' a bit weak
since the documents seems to be able to define what it means.   Wouldn't 'route
leakage' be a mechanism to realize one or more of the threats in section 3?

Thanks,

Joe