This document has been reviewed as part of the transport area review team's
ongoing effort to review key IETF documents. These comments were written
primarily for the transport area directors, but are copied to the document's
authors and WG to allow them to address any issues raised and also to the IETF
discussion list for information.

When done at the time of IETF Last Call, the authors should consider this
review as part of the last-call comments they receive. Please always CC
tsv-art@ietf.org if you reply to or forward this review.

This document, on its own, does not pose any particular concern from a transport layer standpoint, though of course any network action built with it that modifies packets at layer 4 would. (Note to users of this functionality in the future: please do not do this).

Keeping in mind that I do not run an MPLS network (either in production or on an experimental basis), I remain concerned about how the proposed approach would work on actual MPLS networks; two issues in particular warrant particular attention IMO:

I'm... vaguely aware of how MPLS and ECMP work (as the latter does have impact on transports and applications whose performance is sensitive to packet reordering), and this vague awareness leads me to be concerned that load balancing entropy can be carried in MNA ancillary data, and I don't really understand how this will interact with ECMP as it is used in the Internet today. I *think* the guidance in section 11 para 5 ("When adding the Entropy Label Identifier (ELI)...") is intended to address this but I honestly can't figure out how this would play out in a mixed deployment or during the rollout of this functionality.

I will defer to the SECDIR review and Security ADs on security concerns with this approach, though I note that the Security Considerations section is filled with enough caveats that I'd be extremely wary of deploying this approach on a production network. "The IETF needs to ensure that only secure network actions are defined," in particular, is not guidance that I would know how to follow as a security AD, and seems to gravely misunderstand the role of the Internet standards process in ensuring distributed system security.