Early Review of draft-ietf-idr-bgpls-segment-routing-epe-17
|Requested rev.||no specific revision (document currently at 19)|
|Team||Security Area Directorate (secdir)|
|Requested by||Susan Hares|
|Authors||Stefano Previdi, Ketan Talaulikar, Clarence Filsfils, Keyur Patel, Saikat Ray, Jie Dong|
|Draft last updated||2018-11-09|
Rtgdir Early review of -11 by Ravi Singh
Secdir Early review of -17 by Carl Wallace (diff)
Opsdir Early review of -17 by Sheng Jiang (diff)
Genart Last Call review of -18 by Joel Halpern (diff)
Security directorate should review the security considerations to determine if the current text is sufficient. The shepherd believes the text is sufficient, but needs guidance from the security directorate.

Operational directorate should review the manageability section to determine if a reference to future YANG modules needs to be added. Due to technical considerations (NMDA, versioning) the BGP YANG module is slow to maturity. What type of language do you feel should be added here to encourage future YANG modules for these BGP functions?

Thank you to the reviewers. Please note that we are late in the review cycle and heading for last call. A quick review of these key points rather than an in-depth review is requested for the early review. A full in-depth review will be done during Last call.
|Reviewed rev.||17 (document currently at 19)|
|Review result||Has Nits|
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

This document describes an extension to BGP Link State (BGP-LS) for advertisement of BGP Peering Segments along with their BGP peering node information so that efficient BGP Egress Peer Engineering (EPE) policies and strategies can be computed based on Segment Routing. As extensions to RFC7752, the security considerations incorporate language from that document by reference in addition to segment routing security considerations from the architecture document (RFC8402). This seems appropriate. I found the document to be well written.

One minor comment: reusing the same reference diagram for Figure 5 as in draft-ietf-spring-segment-routing-central-epe-05 Figure 1 may be worthwhile (as would making sure all items in the diagram are described in the text below the diagram).