On 05/01/15 21:33, Randy Bush wrote: >>>>> and the new lsas could not be used in path shortening attacks, >>>>> right? >>>> >>>> this document only defines the format of the LSA’s it does not talk >>>> about processing by the routing engines. >>> >>> so the secdir sees no need to warn about it. got it. </sarcasm> >> >> If secdir is going to warn about it through this process, then surely >> the right place to do that is in the comments on the document that >> does talk about processing by the routing engines? > > a naïve person might think that all documents in a series that have > security implications would be flagged in the security considerations > section. > > but i have had my say. let's get back to work. Yeah, I don't think arguing about it between secdir reviewers will help us so much:-) I noted that this had been raised in my ballot ([1] at the end) and asked if text is needed. Randy - if you have suggested text that could go in there that'd be good. I'm not clear enough about the relationship between that attack and this draft to know what'd be good to be honest. Cheers, S. [1] https://datatracker.ietf.org/doc/draft-ietf-ospf-te-metric-extensions/ballot/#stephen-farrell > > randy > > >