Hi. Kathleen,
On 8/21/19, 7:42 AM, "Kathleen Moriarty via Datatracker" <noreply@xxxxxxxx> wrote:
Reviewer: Kathleen Moriarty
Review result: Has Nits
I apologize for the very late review. I see you are already working on Roman's
discuss, so perhaps this nit could be addressed still.
In the security considerations section, the following text is included:
As such, no new
security threats are introduced beyond the considerations in OSPFv2
[RFC2328], OSPFv3 [RFC5340], and [RFC5786].
However, new considerations follow and as such, the above statement isn't
entirely accurate. I do agree that no security is provided in these protocols,
and that is not new, but new information is exposed. Perhaps saying additional
considerations follow would be better than saying "no new security threats are
introduced".
As document shepherd and LSR WG Co-Chair, I disagree. There is no new information exposed. This draft simply enables the TE endpoints from both IPv4 and IPv6 to be advertised in either OSPFv2 or OSPFv3 rather than relegating advertisement of IPv4 TE information to OSPFv2 and IPv6 TE information to OSPFv3. If anything, it improves security by reducing the surface area for attacks to a single protocol rather than both protocols.
Thanks,
Acee
Thank you,
Kathleen
