Hi Brian, Thanks for the review and suggestion. It seems the last sentence adds unnecessary confusion, thus it has been removed in the latest revision (v-07). Best regards, Jie > -----Original Message----- > From: Brian Weis via Datatracker <noreply@xxxxxxxx> > Sent: Saturday, February 8, 2025 8:08 AM > To: secdir@xxxxxxxx > Cc: draft-ietf-idr-cpr.all@xxxxxxxx; idr@xxxxxxxx; last-call@xxxxxxxx > Subject: Secdir last call review of draft-ietf-idr-cpr-06 > > Reviewer: Brian Weis > Review result: Ready > > I have reviewed this document as part of the security directorate's ongoing > effort to review all IETF documents being processed by the IESG. These > comments were written primarily for the benefit of the security area > directors. Document editors and WG chairs should treat these comments just > like any other last call comments. > > The summary of the review is Ready. > > The suggestions that I made in my Early Review have been satisfactorily > addressed, and I see no further concerns. > > There is just one nit regarding this new sentence in Security Considerations: > "While this is similar to other intent- based mechanisms, as the packets > will > also be encapsulated with necessary information to represent and fulfill > the > intent." > I think the word "as" could be removed to make it grammatically correct. > Then I think it's intending to say that the added encapsulation will aid in > hiding an attacker's ability to "identify packets associated with a particular > intent", but actually an attacker this motived to identify those packets will > also be aware of the additional encapsulations. I would suggest just removing > this sentence entirely, unless there is a different meaning than I understand. > -- last-call mailing list -- last-call@xxxxxxxx To unsubscribe send an email to last-call-leave@xxxxxxxx
