Last Call Review of draft-ietf-roll-p2p-measurement-07

Request Review of draft-ietf-roll-p2p-measurement
Requested rev. no specific revision (document currently at 10)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2013-02-05
Requested 2013-01-10
Authors Mukul Goyal, Emmanuel Baccelli, Anders Brandt, Jerry Martocci
Draft last updated 2013-02-07
Completed reviews Secdir Last Call review of -07 by Alexey Melnikov
Assignment Reviewer Alexey Melnikov 
State Completed
Review review-ietf-roll-p2p-measurement-07-secdir-lc-melnikov-2013-02-07
Reviewed rev. 07 (document currently at 10)
Review result Ready
Review completed: 2013-02-07


I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

This document specifies a mechanism that enables an RPL router [RFC6550]
to measure the aggregated values of given routing metrics along an
existing route towards another RPL router, thereby allowing the
router to decide if it wants to initiate the discovery of a better

The Security Considerations section talks about compromised routers
causing CPU overload in the routers in the network, draining their
batteries and causing traffic congestion in the network. It also talks
about using this extension to discover topological features of the LLN
(such as the identity of the key routers in the topology) or the
remaining energy levels [RFC6551] in the routers in order to attack the LLN.
It points to the use of the Secure Measurement Object as a way to provide
authorization for performing such a discovery operation. This looks
adequate to me.