Early Review of draft-richardson-roll-applicability-template-01
review-richardson-roll-applicability-template-01-secdir-early-harkins-2013-02-21-00

Request Review of draft-richardson-roll-applicability-template
Requested rev. no specific revision (document currently at 02)
Type Early Review
Team Security Area Directorate (secdir)
Deadline 2013-02-21
Requested 2013-02-05
Authors Michael Richardson
Draft last updated 2013-02-21
Completed reviews Secdir Early review of -01 by Dan Harkins (diff)
Assignment Reviewer Dan Harkins
State Completed
Review review-richardson-roll-applicability-template-01-secdir-early-harkins-2013-02-21
Reviewed rev. 01 (document currently at 02)
Review result Has Issues
Review completed: 2013-02-21

Review
review-richardson-roll-applicability-template-01-secdir-early-harkins-2013-02-21

  Hello,

  I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

  Boilerplate aside, I hope that this document is not being processed
by the IESG because I don't think it's suitable for publishing even as
an Informational RFC (it's intended status). It seems to have the right
sections to properly articulate the ROLL Applicability Statement but
there is no content there so it is not suitable for any purpose as a
stand-alone document and it's not really possible to review it. This
seems more like an internal placeholder document for the ROLL WG
to work on as a precursor to producing a real applicability statement
and not the kind of document that the IETF normally produces, and
that the Security Area Directorate normally reviews.

  Some suggestions for improving this template so some other
draft that would be suitable for advancement could be written:

  - Instead of "Hello", I think the content of "1. Introduction"
     should be a description of what the applicability statement
     will be and what it's for, that way this text can just be copied
     into the real applicability statement. It seems like a template
     should provide this information.
  - Make a 1.2 for terminology and put "RPL" and "trickle" there
     along with some other ROLL-related terms.
  - there are probably different security considerations for P2P
     and P2MP communication, probably split those out in
     section 6 so the applicability statement addresses them.
  - 4.2.1 should be "Services Provided at Layer 2" or something
     general like that. If you need an expert that might be better
     noted as a parenthetical comment for 4.2.

  regards,

  Dan.