I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART, please see the FAQ at < http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>. Please resolve these comments along with any other Last Call comments you may receive. (Sorry it is rather late). Document: draft-ietf-karp-ospf-analysis-05 Reviewer: Elwyn Davies Review Date: 5 November 2012 IETF LC End Date: 2012-10-17 IESG Telechat date: (if known) - Summary: Almost ready. Just a couple of minor nits. Major issues: None Minor issues: None Nits/editorial comments: s2.2: > RFC 4552 [RFC4552] describes how the authentication header and > encapsulating security payload mechanism can be used to protect > OSPFv3 packets. I guess this piece ought to say that AH, ESP, SPI etc come out of IPsec and give a reference a bit earlier in the section - IPsec is mentioned but no reference given in the 2nd para of the section. s3, para 1: > As discussed, neither version of OSPF meets the requirements of > inter-connection or intra-connection replay protection. Neither of the discussions above mention the phrases 'inter-connection' or 'intra-connection'. For OSPFv3 this is implicit because 'no replay protection is provided'. For OSPFv2 it would be desirable to explain how the problems outlined in s2.1 relate to these terms. s3, para 4: The first two sentences contain the phrase 'a number of attacks that are possible because of a per-packet replay.' Ther sentences can be easily combined s3, para 5: > Unfortunately, OSPFv2 does > not have a procedure for dealing with sequence numbers reaching the > maximum age. Is 'age' the correct term here? 'maximum value' perhaps?