I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART, please see the FAQ at <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>

Please resolve these comments along with any other Last Call comments you may receive. (My apologies for submitting these a day late.)

Document: draft-ietf-roll-security-threats-00
Reviewer: Peter Yee
Review Date: Jan-22-2012
IETF LC End Date: Jan-21-2012
IESG Telechat date: Unknown

Summary: This draft is basically ready for publication, but has nits that should be fixed before publication. [Ready with nits.]

This document analyzes security threats for routing in low-power and lossy networks. It discusses countermeasures and operational considerations for dealing with the threats in the design of ROLL protocols.

Major issues:

Minor issues:

Nits/editorial comments:

General: replace "low power" with "low-power" throughout the document to match usage in other ROLL RFCs.

General: replace "a LLN" with "an LLN" throughout the document.

General: there are quite a few really long, dense sentences in this document. They make parsing and comprehension more difficult. I realize that's not something terribly concrete on which you can act.

Section 1, 1st paragraph, 2nd sentence: insert "a" before "user access interface" or consider making "interface" plural.

Section 2, definition of Node: place a comma after "power".

Section 3, 1st paragraph, 2nd sentence: since you're going to use CIA later in the document, perhaps you would like to include integrity in this sentence.

Section 3.1, 1st paragraph, 3rd sentence: an adjective such as "improper" or "unauthorized" before "access" would be helpful.

Section 3.3, 5th paragraph, last sentence: make "damages" singular.

Section 4.1.1, second sentence: add a period after "etc".

Section 4.3.2, Figure 2: I'm not sure why "Falsify as Good Link to Node_5" appears twice. Perhaps delete one?

Section 4.3.4, 1st paragraph, 1st sentence: add a serial comma after "memory".

Section 5.1.4, 3rd paragraph, last sentence: add a serial comma after "integrity".

Section 5.1.4, 6th paragraph, 1st sentence: consider mentioning FIPS 140-2 not just for device hardening but for other tamper-resistance mechanisms and for correctness of cryptographic operations (including random number generation).

Section 5.2.3, 2nd paragraph, 2nd sentence: consider changing "explicit and implicit" to "explicitly and implicitly". If not, rewrite the sentence so it parses.

Section 5.2.3, 3rd paragraph, 2nd sentence: replace "shared key or public key based" with "a shared key- or public key-based".

Section 5.2.4, 2nd sentence: add an "s" after "need".

Section 5.2.5, 5th paragraph: You might also wish to consider an intrusion detection system (within the node and/or in conjunction with other nodes) as an alternative to an external audit entity. The literature for MANETs has much to offer in this regard. The seminal paper is:

   Zhang, Y. & Lee, W. (2000). Intrusion detection in wireless ad-hoc networks. Proceedings of the 6th International Conference on Mobile Computing and Networking (MobiCom 2000), 275-283. doi:10.1145/345910.345958

Also consider:

   Liu, Y., Comaniciu, C., & Man, H. (2006). A Bayesian game approach for intrusion detection in wireless ad hoc networks. Proceedings of the 2006 Workshop on Game Theory for Communications and Networks (GAMENET06). doi:0.1145/1190195.1190198

   Li, W., Parker, J., & Joshi, A. (2012). Security through collaboration and trust in MANETs. Mobile Networks & Applications, 17(3), 342-352. doi:10.1007/s11036-010-0243-9

Section 5.3, 1st sentence: Drop "a" before "proper".

Section 5.3.2, 1st paragraph, 1st sentence: replace "battery or energy scavenging" with "batteries or energy scavenging".

Section 5.3.2, 1st paragraph, 2nd sentence: replace "battery" with "energy-constrained".

Section 5.3.3, 2nd bullet item: add "ing" to "select".

Section 5.3.3, last paragraph, 2nd sentence: add "a" before "method".

Section 5.3.3, last paragraph, 2nd sentence: it's also suboptimal from a network utilization perspective.

Section 6, 2nd paragraph, 3rd sentence: delete "that" before "do not of".

Section 6, last paragraph, last sentence: add a serial comma after "integrity".

Section 6.1., 1st paragraph after bullet items: change "accordance of" to "accordance with".

Section 6.2, 4th bullet item: add a comma after "increments".

Section 6.2, 1st paragraph after bullet items, 2nd sentence: add "be" before "used".

Section 6.2, 1st paragraph after bullet items, last sentence: insert "counting" between "as" and "against".

Section 6.4, 5th paragraph, 3rd sentence: add "ly" after "separate".

Section 6.4, 5th paragraph, 3rd sentence: remove the space in "IETF- standard".

Section 6.4, 5th paragraph, 4th sentence: change "IKE" to "IKEv2".

Section 6.4, 5th paragraph, 4th sentence: consider changing "private" to "secret" to avoid confusion between symmetric and asymmetric cryptographic concepts.

Section 6.5.1, 3rd paragraph, 1st sentence: add "ly" after "independent".

Section 6.5.1, 8th paragraph, 2nd sentence: add a comma after "LLNs" for ease of parsing.

Section 6.5.1, 9th paragraph, 1st sentence: change "extends" to "extend".

Section 6.5.2, 1st paragraph, 2nd sentence: delete ", as listed in the last subsection," since it isn't listed there.