I have been selected as the Routing Directorate reviewer for this draft. For background, see the RtgDir wiki.

Summary: This draft updates BCP guidance for secure, reliable BGP operations—replacing RFC 7454—by outlining goals and practices for session protection, route filtering, and attribute handling in the Internet’s Default-Free Zone.

Major:
- Section 4.1: the second bullet is not great for a standards doc: 
      "All ASes left of the originating AS in the AS_PATH MUST be authorized to advertise the NLRI to the AS directly to their left,.."

Suggest the following: 
 "Let AS_PATH = {AS1, AS2, …, ASn}, where AS1 is the neighbor that sent the UPDATE and ASn is the origin. For each k in 1..n−1, AS(k+1) MUST/SHOULD be authorized to export the NLRI to ASk according to their bilateral routing policy (e.g., provider–customer, peer, or lateral-peer)."


Minor: 
- Section 3.1 lists desired properties (prevent off-path injection, interruption, etc.) but gives no references (e.g., GTSM/TTL-security, TCP-AO, BGP-MD5, CoPP/CP-policing, max-prefix). It would be helpful to readers to have the informative references or a short “Examples include …” 

NITS: 
Section 2 Scope: 
- suggest expand DFZ: “...routers in the Default-Free Zone (DFZ)"

Section 3.2: 
- “External activity towards the management interface do not interfere …” -> “does not interfere …”.

Ack: Acknowledgements list has Martin Pels twice;

Warm Regards, 
Linda Dunbar