I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.   This document is ready for publication as an informational RFC.   Draft-ietf-teas-te-express-path provides considerations on the use of performance criteria such as delay, loss and jitter when performing path selection when using routing protocols IS-IS or OSPF. The document  warns developers against using poor criteria and causing oscillation. It provides guidance on the handling of paths whose measured criteria have changed.   The security section states that “This document is not currently believed to introduce new security concerns.” Well, I currently believe that the authors may be correct about that. The only potential attack that I can think of would involve subtle manipulations of the criteria measurements in order to induce path oscillations. Such attack scenario does not feel very realistic or very serious. In any case that would not be a “new” attack due to this specific draft, but rather an existing attack on IS-IS or OSPF.   -- Christian Huitema