RTG-DIR Review: 

 

Status: Almost -ready - needs a few minor concerns fixed in the security
considerations section. 

 

General Comment: The mix of authors has created a easily readable document.
Thank you!   

 

Minor comments on Security: 

 

Like Victor Kuarsingh victor@jvknet.com who did the OPS-DIR Review, I found
the security section to ignore the DDoS attack if setting "all-bits".  

 

Victor stated: 

" It is probably worth pointing out as well that when the initial BIER 

 encapsulation is imposed, certain errors, such as setting all the bits 

 in the BitString, can result in DoS attacks (intended or unintended)."

 

Perhaps it would be worth beefing up paragraph 3 or 4 in section 8, to
consider 

 security section to consider more than section 5 (advertising BFR-ids and
BRF-prefixes". 

Are there any ways that attacks through the provisioning efforts may lead to
DDoS attacks?  

 

I would recommend that a security person with routing experience look at
this architecture.   I do not have experience with security attacks of this
nature other than in a theoretical aspect.  

 

 

Editorial nit: 

Page 28, last paragraph starting with "if one of the encapsulations of
[MPLS_BIER_ENCAPS] is used.  

 

There is a jump in logic between the second sentence and the third.   Please
re-read the text and smooth a bit.   Since this author set shows superb
writing skills, I will only suggest that you review this text.  Any solution
to the editorial nit is fine with me.  

 

Sue hares