Early Review of draft-richardson-roll-applicability-template-01
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.
Boilerplate aside, I hope that this document is not being processed
by the IESG because I don't think it's suitable for publishing even as
an Informational RFC (it's intended status). It seems to have the right
sections to properly articulate the ROLL Applicability Statement but
there is no content there so it is not suitable for any purpose as a
stand-alone document and it's not really possible to review it. This
seems more like an internal placeholder document for the ROLL WG
to work on as a precursor to producing a real applicability statement
and not the kind of document that the IETF normally produces, and
that the Security Area Directorate normally reviews.
Some suggestions for improving this template so some other
draft that would be suitable for advancement could be written:
- Instead of "Hello", I think the content of "1. Introduction"
should be a description of what the applicability statement
will be and what it's for, that way this text can just be copied
into the real applicability statement. It seems like a template
should provide this information.
- Make a 1.2 for terminology and put "RPL" and "trickle" there
along with some other ROLL-related terms.
- there are probably different security considerations for P2P
and P2MP communication, probably split those out in
section 6 so the applicability statement addresses them.
- 4.2.1 should be "Services Provided at Layer 2" or something
general like that. If you need an expert that might be better
noted as a parenthetical comment for 4.2.