Last Call Review of draft-ietf-aqm-eval-guidelines-11
review-ietf-aqm-eval-guidelines-11-secdir-lc-kivinen-2016-04-28-00

Request
  Review of: draft-ietf-aqm-eval-guidelines
  Requested rev.: no specific revision (document currently at 13)
  Type: Last Call Review
  Team: Security Area Directorate (secdir)
  Deadline: 2016-05-04
  Requested: 2016-04-21
  Authors: Nicolas Kuhn, Preethi Natarajan, Naeem Khademi, David Ros
  Draft last updated: 2016-04-28
  Completed reviews:
    Genart Last Call review of -11 by Ralph Droms
    Genart Telechat review of -11 by Ralph Droms
    Secdir Last Call review of -11 by Tero Kivinen
    Opsdir Last Call review of -11 by Linda Dunbar
Assignment
  Reviewer: Tero Kivinen
  State: Completed
  Review: review-ietf-aqm-eval-guidelines-11-secdir-lc-kivinen-2016-04-28
  Reviewed rev.: 11 (document currently at 13)
  Review result: Has Nits
  Review completed: 2016-04-28

Review

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

Summary: ready with nits.

This document describes various criteria for doing characterizations
of active queue management schemes. As this is not really a protocol
document, there are not that many security issues that could arise
from here. The security considerations section says

   Some security considerations for AQM are identified in [RFC7567]. This
   document, by itself, presents no new privacy nor security issues.

and I agree with that.

As for nits, the document uses references very heavily, in a format
that makes the document very hard to read. The references are used in
such a way that if they are removed or hidden, the whole document
becomes completely unreadable. I think the references should only
provide extra information, and the document should be readable even if
you remove everything between [], but in this case the text becomes
like this:

   An AQM scheme SHOULD adhere to the recommendations outlined in
   [], and SHOULD NOT provide undue advantage to flows with
   smaller packets [].

Also, the reference style (i.e. whether it is [RFCxxxx] or [1]) should
not affect the document's readability, but in this case it makes things
very hard to read when the text is like:

   [1] separately describes the AQM algorithm implemented in a
   router from the scheduling of packets sent by the router.

When you are reading the document and you do not remember what [1] (or
[RFC7567]) actually is, it forces you to go and check the reference
section to see what this document is.

It would be better if the text were expanded so that the actual
text is readable even if you remove all references, i.e. the first
example would become:

   An AQM scheme SHOULD adhere to the recommendations outlined in Byte
   and Packet Congestion Notification document [RFC7141], and SHOULD
   NOT provide undue advantage to flows with smaller packets.

(I have no idea why the second reference was there at all; it might be
useful if it provided a section talking about that, but as the whole
document is "IETF Recommendations Regarding Active Queue Management",
I do not think it relates only to the smaller packets.)
-- 
kivinen at iki.fi