Hi Daniel, Thanks for the review. I hear and understand the anxiety. In case it helps any, I'm trying to address at least some of those concerns in other documents (e.g. draft-jholland-mboned-cbacc). I agree it will take some thoughtful configuration and cautious controls to avoid troubles, but I think there are some networks that can blaze a useful trail here. Best, Jake On 2019-12-18, 17:50, "Daniel Franke via Datatracker" <noreply@xxxxxxxx> wrote: Reviewer: Daniel Franke Review result: Ready I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. Sorry about the last minute review. This document is Ready. Its very intent gives me a little bit of anxiety: given the inherent DDoS amplification potential of any kind of UDP multicast, I tend to consider attempts to expand its usability beyond the most tightly-controlled and thoughtfully-configured environments to be ill-advised, but that is something the availability of auto-configuration protocols like this one will tend to encourage. However, this is something that clearly still has good uses and its security considerations section is thorough, which is all I can really ask. _______________________________________________ MBONED mailing list MBONED@xxxxxxxx https://www.ietf.org/mailman/listinfo/mboned -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
