Last Call Review of draft-ietf-sidr-rpki-rtr-rfc6810-bis-08

Request Review of draft-ietf-sidr-rpki-rtr-rfc6810-bis
Requested rev. no specific revision (document currently at 09)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2017-01-30
Requested 2017-01-16
Authors Randy Bush, Rob Austein
Draft last updated 2017-03-06
Completed reviews Opsdir Last Call review of -08 by Stefan Winter (diff)
Secdir Last Call review of -08 by Matthew Miller (diff)
Assignment Reviewer Matthew Miller 
State Completed
Review review-ietf-sidr-rpki-rtr-rfc6810-bis-08-secdir-lc-miller-2017-02-14
Reviewed rev. 08 (document currently at 09)
Review result Has Nits
Review completed: 2017-03-06


[ re-posting old review to get it onto the mailing list archives; some bugs prevented it the first time ]

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

Reviewer: Matthew A. Miller
Review Date: 2017-02-14
IETF LC End Date: 2017-01-30
IESG Telechat date: 2017-02-16


This document is ready for publication as a Proposed Standard, but has
a minor concern that should be addressed.

This document describes a protocol for distributing RPKI information
to routers from trusted caches.

Major issues:  NONE

Minor issues:

* In Section 5.1. "Fields of a PDU", for the Flags: definition, it
states that:

    The remaining bits in the flags field are reserved for future use.
    In protocol version 1, they MUST be 0 on transmission and SHOULD
    be ignored on receipt.

However, this seems backwards to me.  Would it seem safer that the
reserved flags "MUST be ignored on receipt".

Nits/editorial comments: NONE