Last Call Review of draft-ietf-roll-p2p-measurement-07

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

This document specifies a mechanism that enables an RPL router [RFC6550]
to measure the aggregated values of given routing metrics along an
existing route towards another RPL router, thereby allowing the
router to decide if it wants to initiate the discovery of a better

The Security Considerations section talks about compromised routers
causing CPU overload in the routers in the network, draining their
batteries and causing traffic congestion in the network. It also talks
about using this extension to discover topological features of the LLN
(such as the identity of the key routers in the topology) or the
remaining energy levels [RFC6551] in the routers in order to attack the LLN.
It points to the use of the Secure Measurement Object as a way to provide
authorization for performing such a discovery operation. This looks
adequate to me.