Hi Watson, Thanks for your review and comments. please see replies below, Al > -----Original Message----- > From: Watson Ladd via Datatracker [mailto:noreply@xxxxxxxx] > Sent: Saturday, June 27, 2020 10:09 AM > To: secdir@xxxxxxxx > Cc: ippm@xxxxxxxx; draft-ietf-ippm-route.all@xxxxxxxx; last-call@xxxxxxxx > Subject: Secdir last call review of draft-ietf-ippm-route-08 > > Reviewer: Watson Ladd > Review result: Has Nits > > I have reviewed this document as part of the security directorate's > ongoing > effort to review all IETF documents being processed by the IESG. These > comments > were written primarily for the benefit of the security area directors. > Document > editors and WG chairs should treat these comments just like any other last > call > comments. > > The summary of the review is Has Nits. > > One little thing: class C has a meaning already, and I think the authors meant a > class to be referred to by C, not the ancient term for a division of IP space > that fell out of use long before my birth. Later on this becomes clear, > but in the introduction it did throw me off. [acm] The class C terminology appears first in the Terms and Definitions, unless I overlooked an instance in the intro... We were asked to define the term Routing Class on AD review, which we did. Perhaps we could add the clarification from section 4.1.2: ... (unrelated to address classes of the past) ... But somehow RFC 2330 (the IPPM Framework) and most recently RFC 8468 used designation without much difficulty. > > The conclusion paragraph also seems to describe a much less comprehensive > document then the introduction pragraph. This does seem to have been an effect > of evolution, and is pretty easily fixed and mostly cosmetic. [acm] Thanks, we also see requests to remove "conclusion" sections from RFCs, and that's a possible resolution too. > > Now for the meat: what about the security considerations? Since this draft is > describing enhancements to traceroute and ways to describe the measurements > taken by such enhanced traceroutes, the security impact is minimal and the > authors reference the existing RFCs describing the security impacts of > tracroutes on networks. [acm] I'm looking for the action implied in your comment. Do we add the sentences: This draft describes enhancements to traceroute and ways to describe the measurements taken by such enhanced traceroute tools. The security impact is minimal and the authors reference the existing RFCs describing the security impacts of active and hybrid measurements on networks (of which traceroute measurements are a subset) below. Or? > > Sincerely, > Watson Ladd > -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
