Hi Donald, Thanks for your review.
On Thu, Aug 29, 2019 at 8:21 PM Donald Eastlake <[email protected]> wrote: > > I have reviewed this document as part of the Security Directorate's ongoing > effort to review all IETF documents being processed by the IESG. Document > editors and WG chairs should treat these comments just like any other last > call comments. > > The summary of the review is Almost Ready. > > This document specifies an extension to the stateful Path Computation Element > Communication Protocol to associate two or more Label Switched Paths for the > purpose of setting up path protection. > > This is not at all my area of expertise. The Security Considerations section > primarily refers to the Security Considerations in existing RFCs and one > draft, draft-ietf-pce-association-group (which is already in the RFC Editor > queue). I think these references are pretty thorough and provide good > security coverage and advice with one possible exception. Given that this > document specifies a new facility, it seems likely that a few narrow > sentences would be in order about the damage an adversary could cause by > specifically monkeying with that new facility. > I see that authors have posted a new revision (-10) that has this sentence - Adding a spurious protection LSP to the Path Protection Association group could give false sense of network reliability, which leads to issues when the working LSP is down and the protection LSP fails as well. https://tools.ietf.org/html/draft-ietf-pce-stateful-path-protection-10#section-7 Does this work for you? Thanks! Dhruv > Tiny nits: > In abstract and other places when referring to what this standards track > draft does: "describes" -> "specifies" or "defines" > Draft references draft-ietf-pce-association-diversity-08 when latest version > is -09 > > Thanks, > Donald > =============================== > Donald E. Eastlake 3rd +1-508-333-2270 (cell) > 1424 Pro Shop Court, Davenport, FL 33896 USA > [email protected] _______________________________________________ Pce mailing list [email protected] https://www.ietf.org/mailman/listinfo/pce
