Reviewer: Rich Salz Review result: Has Nits I was assigned a SECDIR early review of this document.
This experimental draft defines a new lightweight authentication scheme intended to prevent only one type of spoofing attack, that a network connection is "Up." I think it makes a considered trade-off of the issues around target deployment and attack prevention and it's nice to see something that realistically picks a middle road between all-or-nothing and practical considerations. Sec 1: I have never heard of the term "meticulous keying" before. Sec 3: The MUST in bfd.AuthType is then contradicted by the following sentence, so should that be SHOULD? Minor inconsistency: Sec 4 uses "person-in-the-middle" while Sec 14.1 says "man-in-the-middle" Major confusion: are you using ISAAC or ISAAC+ ?
