I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

The document is ready with 2 nits.

The document specifies an extension to the Label Distribution Protocol (LDP,
RFC 5036) to provide bindings between Pseudo Wires (PW) and Label Switch
Paths (LSP) established over MPLS-TP (RFC6773). The goal is to ensure that
both directions of the PW are mapped to the same LSP, and thus avoid
asymmetric routing. The document specifies additional LDP extensions to
carry the required information.

The security section acknowledges one concern: that attackers could misuse
the option to force a pseudo wire through an unnatural path, either as a
denial of service attack, or to facilitate traffic interception. The
proposed mitigation to that attack is essentially "careful Implementation",
i.e. only accept binding requests where the LSP endpoints match the PW
endpoints. Should a mismatch occur, I assume that the endpoint will reject
the proposed binding, as specified in section 5, PSN Binding Operation for
MS-PW. 

And here is one nit: I would like to see the verification behavior specified
as part of the binding operations, rather than merely mentioned in the
security section. Also, is there a specific error case for the security
failure, or just the generic error message? 

The next nit is tied to the general security profile of LDP, which is
specified to use TCP(MD5). There is no expectation of privacy for LDP data.
I am not sure that the new extensions increase the "privacy surface" of LDP.
They do carry global identifiers of source and destination, and inform about
the path of packets between these destinations, and it seems that
adversaries could use that for monitoring and targeting purposes. But it is
possible that the information is already present in LDP. A note to that
effect in the security section would have been nice.

-- Christian Huitema