I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

This ID is informational and specifies requirements for operations, administration and maintenance (OAM) in TRILL (Transparent Interconnection of Lots of Links).

The document lists requirements from an operational perspective, and less from a security perspective.

Section "4.8. Security and Operational considerations" is very brief. And although I like the basic attitude of the first sentence there, "Methods MUST be provided to protect against exploitation of OAM framework for security and denial of service attacks.", the section is not clear about which requirements might derive from the "protect against exploitation of OAM ...for security...".

The draft could benefit from deriving from this security consideration statement a set of clear and specific requirements for OAM for TRILL and/or linking them to the operational requirements listed in the previous sections.

Section 5 is just a pointer to section 4.8 and could be merged with section 4.8 and/or removed. It is reasonable to refer to the basic security considerations for TRILL in RFC6325, but it would be good to add/think about requirement implications from security requirements for OAM.

Best regards,
Tobias