Last Call Review of draft-ietf-teas-te-express-path-03
review-ietf-teas-te-express-path-03-secdir-lc-huitema-2015-10-01-00

I have reviewed this document as part of the security directorate's

ongoing effort to review all IETF documents being processed by the

IESG.  These comments were written primarily for the benefit of the

security area directors.  Document editors and WG chairs should treat

these comments just like any other last call comments.



This document is ready for publication as an informational RFC.



Draft-ietf-teas-te-express-path provides considerations on the use of
performance criteria such as delay, loss and jitter when performing path
selection when using routing protocols IS-IS or OSPF. The document  warns
developers against using poor criteria and causing oscillation. It provides
guidance on the handling of paths whose measured criteria have changed.



The security section states that “This document is not currently believed to
introduce new security concerns.” Well, I currently believe that the authors
may be correct about that. The only potential attack that I can think of would
involve subtle manipulations of the criteria measurements in order to induce
path oscillations. Such attack scenario does not feel very realistic or very
serious. In any case that would not be a “new” attack due to this specific
draft, but rather an existing attack on IS-IS or OSPF.



-- Christian Huitema