Last Call Review of draft-ietf-sidr-rpki-rtr-rfc6810-bis-08
review-ietf-sidr-rpki-rtr-rfc6810-bis-08-secdir-lc-miller-2017-02-14-01

[ re-posting old review to get it onto the mailing list archives; some bugs
prevented it the first time ]

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

Document:
Reviewer: Matthew A. Miller
Review Date: 2017-02-14
IETF LC End Date: 2017-01-30
IESG Telechat date: 2017-02-16

Summary:

This document is ready for publication as a Proposed Standard, but has
a minor concern that should be addressed.

This document describes a protocol for distributing RPKI information
to routers from trusted caches.

Major issues:  NONE

Minor issues:

* In Section 5.1. "Fields of a PDU", for the Flags: definition, it
states that:

    """
    The remaining bits in the flags field are reserved for future use.
    In protocol version 1, they MUST be 0 on transmission and SHOULD
    be ignored on receipt.
    """

However, this seems backwards to me.  Would it seem safer that the
reserved flags "MUST be ignored on receipt".

Nits/editorial comments: NONE