Reviewer: Yoav Nir Review result: Ready I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. The document extends the BGP Graceful Restart feature from RFC 4724 to also cover Notification messages. It does not make significant changes to the security properties of the original RFC. The one concern I had while reading the draft was in section 4.1 where when the extension is active, stale routes are not deleted, so an attacker can use repeated resets (the BGP connection is just TCP) to prevent stale route deletion. As the security considerations section says, this is mitigating by elevating the stale timer (after which stale routes are deleted) from MAY to MUST in that case. In summary, the document is well-written and deals with the security issues adequately.
