Last Call Review of draft-ietf-l3vpn-2547bis-mcast-bgp-
review-ietf-l3vpn-2547bis-mcast-bgp-secdir-lc-santesson-2009-09-18-00

Request
Review of: draft-ietf-l3vpn-2547bis-mcast-bgp
Requested rev.: no specific revision (document currently at 08)
Type: Last Call Review
Team: Security Area Directorate (secdir)
Deadline: 2009-09-08
Requested: 2009-08-27
Authors: Yakov Rekhter, Rahul Aggarwal, Eric Rosen, Thomas Morin
Draft last updated: 2009-09-18
Completed reviews: Secdir Last Call review of -?? by Stefan Santesson

Assignment
Reviewer: Stefan Santesson
State: Completed
Review: review-ietf-l3vpn-2547bis-mcast-bgp-secdir-lc-santesson-2009-09-18
Review completed: 2009-09-18

Review

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the security area
directors.  Document editors and WG chairs should treat these comments just
like any other last call comments.

This document describes the BGP encodings and procedures for exchanging the
information elements required by Multicast in MPLS/BGP IP VPNs, as specified
in draft-ietf-l3vpn-2547bis-mcast.

I would like to draw the Security AD's attention to consider whether the
security considerations section of this draft contains adequate information.

The security considerations section of this draft lists a number of security
requirements, but very few considerations. That is, the section lists
requirements but says very little, if anything at all, about the security
threats that are addressed by these requirements or whether handling of
these security threats falls inside or outside the scope of this document.

It is hard to review these security requirements in the absence of a discussion
of the threats they are supposed to address.

/Stefan