Last Call Review of draft-ietf-bier-architecture-07
review-ietf-bier-architecture-07-rtgdir-lc-hares-2017-07-03-00
| Request | Review of | draft-ietf-bier-architecture |
|---|---|---|
| Requested rev. | no specific revision (document currently at 08) | |
| Type | Last Call Review | |
| Team | Routing Area Directorate (rtgdir) | |
| Deadline | 2017-06-30 | |
| Requested | 2017-06-15 | |
| Requested by | Alia Atlas | |
| Authors | IJsbrand Wijnands, Eric Rosen, Andrew Dolganow, Tony Przygienda, Sam Aldrin | |
| Draft last updated | 2017-07-03 | |
| Completed reviews |
Rtgdir Last Call review of -07 by Susan Hares
(diff)
Opsdir Last Call review of -07 by Victor Kuarsingh (diff) Genart Last Call review of -07 by Dan Romascanu (diff) Genart Last Call review of -08 by Dan Romascanu |
|
| Assignment | Reviewer | Susan Hares |
| State | Completed | |
| Review | review-ietf-bier-architecture-07-rtgdir-lc-hares-2017-07-03 | |
| Reviewed rev. | 07 (document currently at 08) | |
| Review result | Has Nits | |
| Review completed: | 2017-07-03 |
Review
review-ietf-bier-architecture-07-rtgdir-lc-hares-2017-07-03
RTG-DIR Review: Status: Almost -ready - needs a few minor concerns fixed in the security considerations section. General Comment: The mix of authors has created a easily readable document. Thank you! Minor comments on Security: Like Victor Kuarsingh victor@jvknet.com who did the OPS-DIR Review, I found the security section to ignore the DDoS attack if setting "all-bits". Victor stated: " It is probably worth pointing out as well that when the initial BIER encapsulation is imposed, certain errors, such as setting all the bits in the BitString, can result in DoS attacks (intended or unintended)." Perhaps it would be worth beefing up paragraph 3 or 4 in section 8, to consider security section to consider more than section 5 (advertising BFR-ids and BRF-prefixes". Are there any ways that attacks through the provisioning efforts may lead to DDoS attacks? I would recommend that a security person with routing experience look at this architecture. I do not have experience with security attacks of this nature other than in a theoretical aspect. Editorial nit: Page 28, last paragraph starting with "if one of the encapsulations of [MPLS_BIER_ENCAPS] is used. There is a jump in logic between the second sentence and the third. Please re-read the text and smooth a bit. Since this author set shows superb writing skills, I will only suggest that you review this text. Any solution to the editorial nit is fine with me. Sue hares