Dear authors: Hi!
I have a couple of comments about this document (below). I am going to start the IETF Last Call, and schedule it in the next IESG Telechat, with the expectation that my comments will be addressed before then.

Thanks!

Alvaro.

C1. The reference to rfc7607 should be Informative.

C2. [Major] Security Considerations. I think that there is one consideration that should be mentioned in this section: Given that the largest value is preferred (2 = invalid), there is an attack vector where a router in the path (yes, even an internal router) can inject a community indicating that the route is invalid; the communities are not protected. This action could result in inconsistent routing or even in a DoS. I know the document is not explicit about what to do with the validation state (which is ok), but the clear intention (from rfc6811 and rfc7115) is that it will be used to make routing decisions. Please add some text about this potential issue.
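To illustrate comment C2, an added example (not part of the original message or of the document under review): it parses an extended communities attribute and applies the largest-value-preferred rule, showing how one extra community changes the state a receiver acts on. The wire layout (type 0x43, sub-type 0x00, five reserved octets, one state octet) is taken from RFC 8097 and is an assumption here, as are the function names and the constructed sample bytes.

```python
import struct

# States as named in the message: the largest value is preferred, 2 = invalid.
STATE_NAMES = {0: "valid", 1: "not-found", 2: "invalid"}
OVS_TYPE, OVS_SUBTYPE = 0x43, 0x00   # assumption: layout from RFC 8097
LAYOUT = "!BB5xB"                    # type, sub-type, 5 reserved octets, state


def encode_state(state):
    """Build one 8-octet origin validation state extended community."""
    return struct.pack(LAYOUT, OVS_TYPE, OVS_SUBTYPE, state)


def parse_states(ext_communities):
    """Return every validation state carried in a raw attribute value."""
    if len(ext_communities) % 8:
        raise ValueError("extended communities must be a multiple of 8 octets")
    states = []
    for off in range(0, len(ext_communities), 8):
        typ, sub, state = struct.unpack_from(LAYOUT, ext_communities, off)
        if (typ, sub) == (OVS_TYPE, OVS_SUBTYPE):
            states.append(state)
    return states


def effective_state(ext_communities):
    """Apply the largest-value-preferred rule; None if no state is present."""
    states = parse_states(ext_communities)
    return max(states) if states else None


def audit(ext_communities):
    """List conditions a receiver should log before trusting the state."""
    states = parse_states(ext_communities)
    findings = []
    if len(set(states)) > 1:
        names = ", ".join(STATE_NAMES.get(s, str(s)) for s in states)
        findings.append("conflicting states: " + names)
    findings += [f"unknown state {s}" for s in states if s not in STATE_NAMES]
    return findings


# Constructed sample data: an unrelated route target plus the state community.
ROUTE_TARGET = bytes.fromhex("0002fde800000064")   # RT 65000:100
AS_SENT = ROUTE_TARGET + encode_state(0)           # originator marks "valid"
IN_PATH = AS_SENT + encode_state(2)                # extra community added in transit

if __name__ == "__main__":
    for label, attr in (("as sent", AS_SENT), ("after in-path change", IN_PATH)):
        print(label, STATE_NAMES.get(effective_state(attr)), audit(attr))
```

The audit only catches the case where a conflicting community is appended; nothing in the attribute identifies which router set a given value.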
