Early Review of draft-ietf-idr-bgpls-segment-routing-epe-17

Request
Review of: draft-ietf-idr-bgpls-segment-routing-epe
Requested rev.: no specific revision (document currently at 19)
Type: Early Review
Team: Security Area Directorate (secdir)
Deadline: 2018-11-09
Requested: 2018-10-20
Requested by: Susan Hares
Authors: Stefano Previdi, Ketan Talaulikar, Clarence Filsfils, Keyur Patel, Saikat Ray, Jie Dong
Draft last updated: 2018-11-09
Completed reviews:
Rtgdir Early review of -11 by Ravi Singh
Secdir Early review of -17 by Carl Wallace
Opsdir Early review of -17 by Sheng Jiang
Genart Last Call review of -18 by Joel Halpern
Security directorate should review the security considerations to determine if the current text is sufficient.  The shepherd believes the text is sufficient, but needs guidance from the security directorate. 

Operational directorate should review the manageability section to determine if a reference to future YANG modules needs to be added.  Due to technical considerations (NMDA, versioning) the BGP YANG module is slow to mature.  What type of language do you feel should be added here to encourage future YANG modules for these BGP functions?

Thank you to the reviewers.  Please note that we are late in the review cycle and heading for last call.  A quick review of these key points rather than an in-depth review is requested for the early review.  A full in-depth review will be done during Last call.
Assignment
Reviewer: Carl Wallace
State: Completed
Review: review-ietf-idr-bgpls-segment-routing-epe-17-secdir-early-wallace-2018-11-09
Reviewed rev.: 17 (document currently at 19)
Review result: Has Nits
Review completed: 2018-11-09


I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security area
directors.  Document editors and WG chairs should treat these comments
just like any other last call comments.

This document describes an extension to BGP Link State (BGP-LS) for
advertisement of BGP Peering Segments along with their BGP peering node
information so that efficient BGP Egress Peer Engineering (EPE) policies
and strategies can be computed based on Segment Routing. As extensions to
RFC7752, the security considerations incorporate language from that
document by reference in addition to segment routing security
considerations from the architecture document (RFC8402). This seems
appropriate. I found the document to be well written. One minor comment,
reusing the same reference diagram for Figure 5 as in
draft-ietf-spring-segment-routing-central-epe-05 Figure 1 may be
worthwhile (as would making sure all items in the diagram are described in
the text below the diagram).