Last Call Review of draft-ietf-roll-p2p-measurement-07
review-ietf-roll-p2p-measurement-07-secdir-lc-melnikov-2013-02-07-00

Request Review of draft-ietf-roll-p2p-measurement
Requested rev. no specific revision (document currently at 10)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2013-02-05
Requested 2013-01-10
Authors Mukul Goyal, Emmanuel Baccelli, Anders Brandt, Jerry Martocci
Draft last updated 2013-02-07
Completed reviews Secdir Last Call review of -07 by Alexey Melnikov (diff)
Assignment Reviewer Alexey Melnikov
State Completed
Review review-ietf-roll-p2p-measurement-07-secdir-lc-melnikov-2013-02-07
Reviewed rev. 07 (document currently at 10)
Review result Ready
Review completed: 2013-02-07

Review

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.



This document specifies a mechanism that enables an RPL router [RFC6550]
to measure the aggregated values of given routing metrics along an
existing route towards another RPL router, thereby allowing the
router to decide if it wants to initiate the discovery of a better
route.



The Security Considerations section talks about compromised routers
causing CPU overload in the routers in the network, draining their
batteries and causing traffic congestion in the network. It also talks
about using this extension to discover topological features of the LLN
(such as the identity of the key routers in the topology) or the
remaining energy levels [RFC6551] in the routers in order to attack the LLN.
It points to the use of the Secure Measurement Object as a way to provide
authorization for performing such a discovery operation. This looks
adequate to me.