Last Call Review of draft-ietf-trill-irb-13
review-ietf-trill-irb-13-secdir-lc-emery-2016-06-30-00

Request
Review of: draft-ietf-trill-irb
Requested rev.: no specific revision (document currently at 14)
Type: Last Call Review
Team: Security Area Directorate (secdir)
Deadline: 2016-06-24
Requested: 2016-06-17
Authors: Hao Weiguo, Li Yizhou, Andrew Qu, Muhammad Durrani, Ponkarthick Sivamurugan
Draft last updated: 2016-06-30
Completed reviews:
  Genart Last Call review of -13 by Francis Dupont
  Secdir Last Call review of -13 by Shawn Emery
  Opsdir Last Call review of -10 by Scott Bradner
  Rtgdir Early review of -09 by Russ White
  Rtgdir Early review of -09 by Susan Hares
  Rtgdir Early review of -09 by Hannes Gredler

Assignment
Reviewer: Shawn Emery
State: Completed
Review: review-ietf-trill-irb-13-secdir-lc-emery-2016-06-30
Reviewed rev.: 13 (document currently at 14)
Review result: Has Nits
Review completed: 2016-06-30

Review

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors. Document editors and WG chairs should treat these
comments just like any other last call comments.

This draft specifies layer 3 (inter-subnet) gateway messaging of the
TRILL (Transparent Interconnection of Lots of Links) protocol.

The security considerations section does exist and refers to Intermediate
System to Intermediate System (IS-IS) authentication (RFC 5310) for securing
information advertised by Routing Bridges.  For generic TRILL security the
draft refers to RFC 6325.  For sensitive data, it prescribes end-to-end
security, but does not reference or provide details on how this is done in
a layer 3 deployment.

General comments:

None.

Editorial comments:

Do TRILL and FGL need to be expanded in the Abstract and Introduction sections, respectively?
I think it would be helpful to describe the "Inner.VLAN" syntax used throughout the document.
s/that belong to same/that belong to the same/
s/VLANs in entire/VLANs in the entire/
s/optimal pair-wise forwarding path/optimal pair-wise forwarding paths/
s/check the Inner.MacDA/checks the Inner.MacDA/
s/tenant gateway MAC change/tenant gateway MAC changes,/
s/Zhenbin Li, Zhibo Hu./Zhenbin Li, and Zhibo Hu./

Shawn.