[Last-Call] Secdir last call review of draft-ietf-lsr-multi-tlv-09

Reviewer: David Mandelberg
Review result: Has Nits

Looks good, I think.

The security considerations section doesn't have much detail, but this doc
seems to be an extension of existing practice to additional TLVs in a way that
wouldn't change the security considerations at all.

The only security-relevant thing I could think of is around memory bounds and
allocation in implementations. When going from limited-size fields to
unlimited-size data across separate TLVs, I could imagine attacks that try to
cause out of memory conditions on a router, or that try to overflow a
fixed-size buffer. But this doc talks about existing TLVs that already work the
same way, so I'm guessing that hasn't been an issue in practice, or has been
mitigated? Do any of the existing docs talk about this? Or is there a size
limit somewhere else (I'm not very familiar with IS-IS) that makes this a
non-issue?
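
An added example, not part of the original message or of the draft: one way an implementation can bound the memory used when collecting values spread across several TLVs, which is the concern raised in the review above. It assumes 1-octet type and length fields, a hypothetical fixed cap `MAX_OBJECT_BYTES`, and matching on TLV type only (no per-object key); all names and sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_OBJECT_BYTES 512   /* assumed local policy cap, not from the draft */

enum { ACC_OK = 0, ACC_TRUNCATED = -1, ACC_OVER_CAP = -2 };

struct accumulator {
    uint8_t buf[MAX_OBJECT_BYTES];
    size_t  used;              /* bytes collected so far, across all PDUs */
};

/* Walk one PDU's TLV area and append every value of want_type to acc.
 * On any error the caller should discard acc rather than use partial data. */
int collect_multi_tlv(struct accumulator *acc, uint8_t want_type,
                      const uint8_t *pdu, size_t pdu_len)
{
    size_t off = 0;
    while (off < pdu_len) {
        if (pdu_len - off < 2)
            return ACC_TRUNCATED;          /* type/length header cut short */
        uint8_t type = pdu[off];
        size_t len = pdu[off + 1];
        off += 2;
        if (len > pdu_len - off)
            return ACC_TRUNCATED;          /* length runs past the buffer */
        if (type == want_type) {
            if (len > sizeof acc->buf - acc->used)
                return ACC_OVER_CAP;       /* refuse instead of growing */
            memcpy(acc->buf + acc->used, pdu + off, len);
            acc->used += len;
        }
        off += len;
    }
    return ACC_OK;
}

/* Constructed sample (arbitrary type values): two type-22 TLVs around a type-1 TLV. */
const uint8_t sample_pdu[] = { 22, 3, 0xAA, 0xBB, 0xCC, 1, 1, 0x00, 22, 2, 0xDD, 0xEE };

int main(void)
{
    struct accumulator acc = { .used = 0 };
    int rc = collect_multi_tlv(&acc, 22, sample_pdu, sizeof sample_pdu);
    printf("rc=%d collected=%zu\n", rc, acc.used);
    return rc == ACC_OK ? 0 : 1;
}
```

Both length checks are written as subtractions from the remaining space, so neither comparison can wrap around.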

