Last Call Review of draft-ietf-pwe3-p2mp-pw-requirements-07
review-ietf-pwe3-p2mp-pw-requirements-07-secdir-lc-gondrom-2014-05-30-00

Request Review of draft-ietf-pwe3-p2mp-pw-requirements
Requested rev. no specific revision (document currently at 10)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2014-05-27
Requested 2014-03-20
Authors Frederic JOUNAY, Yuji Kamite, Giles Heron, Matthew Bocci
Draft last updated 2014-05-30
Completed reviews Genart Last Call review of -07 by Brian Carpenter (diff)
Genart Telechat review of -09 by Brian Carpenter (diff)
Secdir Last Call review of -07 by Tobias Gondrom (diff)
Opsdir Last Call review of -07 by Linda Dunbar (diff)
Assignment Reviewer Tobias Gondrom
State Completed
Review review-ietf-pwe3-p2mp-pw-requirements-07-secdir-lc-gondrom-2014-05-30
Reviewed rev. 07 (document currently at 10)
Review result Has Nits
Review completed: 2014-05-30

Review
review-ietf-pwe3-p2mp-pw-requirements-07-secdir-lc-gondrom-2014-05-30



I have reviewed this document as part of the
      security directorate's ongoing effort to review all IETF documents
      being processed by the IESG.  These comments were written
      primarily for the benefit of the security area directors. 
      Document editors and WG chairs should treat these comments just
      like any other last call comments.





      The draft is informational and about requirements and a framework
      for Point-to-Multipoint Pseudowire (PW) over MPLS Packet Switched
      Networks.







Th

e
          document appears ready for publication. 





          A couple of comments: 


          1. Even though this document is only about requirements, it
          uses in a couple of places 2119 language. 


          In principle that could even been seen as improving
          "readability", however, I am not sure whether that is
          appropriate usage for a requirement document, as 2119 is
          intended to signal conformance with a specification (which
          this ID is not). 







2. The security consideration
            section is basically empty, only referring to RFC3916 and
            P2P PW. Considering that this is only a requirements
            document, this can be sufficient. 


            (Note: it could have been nice to think about whether or how
            a move from P2P to P2MP PW might change or require
            additional security requirements for the specification.
            However, as this is only the requirements document and not
            the specification, this question can also be answered in the
            following spec.) 





            3. Nits: 


            section 5 security considerations: 


            should have a reference for "initial P2P PW definition"







 Thank you and best regards. 





        Tobias