Last Call Review of draft-ietf-sidrops-rtr-keying-02
review-ietf-sidrops-rtr-keying-02-opsdir-lc-bradner-2018-12-26-00

Request Review of draft-ietf-sidrops-rtr-keying
Requested rev. no specific revision (document currently at 06)
Type Last Call Review
Team Ops Directorate (opsdir)
Deadline 2018-12-18
Requested 2018-12-04
Authors Randy Bush, Sean Turner, Keyur Patel
Draft last updated 2018-12-26
Completed reviews Rtgdir Last Call review of -01 by Dhruv Dhody (diff)
Secdir Last Call review of -01 by Daniel Franke (diff)
Opsdir Last Call review of -02 by Scott Bradner (diff)
Assignment Reviewer Scott Bradner 
State Completed
Review review-ietf-sidrops-rtr-keying-02-opsdir-lc-bradner-2018-12-26
Reviewed rev. 02 (document currently at 06)
Review result Serious Issues
Review completed: 2018-12-26

Review
review-ietf-sidrops-rtr-keying-02-opsdir-lc-bradner-2018-12-26

This is an OPSDIR review of Router Keying for BGPsec (draft-ietf-sidrops-rtr-keying).

This seems like a useful document but it is hard to see why it should be standards track or why it should be using RFC 2119 type terminology.

Standards track should be reserved for technology specifications where interoperability is an issue.  I do not see interoperability issues being addressed in this document since it focuses on how to create keys rather than the features of keys that might be important for interoperability.  (as an aside, if this document were adopted on the standards track how would it ever demonstrate interoperability to progress?) This seems much more of an informational document to me and not even a BCP since the practices it describes do not meet what I consider to be BCP material (see RFC 2026 section 5)

The same issue arises with the use of RFC 2119 type terminology – RFC 2119 terminology is only to be used where interoperability is an issue – see RF 2119 section 6:

6. Guidance in the use of these Imperatives
   Imperatives of the type defined in this memo must be used with care
   and sparingly.  In particular, they MUST only be used where it is
   actually required for interoperation or to limit behavior which has
   potential for causing harm (e.g., limiting retransmisssions)  For
   example, they must not be used to try to impose a particular method
   on implementors where the method is not required for
   interoperability.

I did not discover any issues worth mentioning with the document if it is viewed as operational guidance.

Scott