Hi,
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.
The summary of the review is Ready with nits:
• section 1: Introduction
However, an RPKI relying party may want to override some of the
information expressed via putative TAs and the certificates
It seems that TA is being used for the first time here. The acronym
should be extended to ease the reading of the document. I am reading it
as Trust Anchor.
• section 2. RPKI RPs with SLURM
SLURM provides a simple way to enable RPs to establish a local,
It seems to me the acronym RP is used for the first time. It seems that
it should be expanded to ease the reading of the document. I am reading it
as Relaying Party.
• section 6 Security considerations
I My reading is that the section catches the criticality of the SLURM
files and that network operators are already familiar provisioning critical
data. As such I believe the section is sufficiently clear.
• whole document:
It seems that BGPSec, and BGPsec are used together. I believe this
should be harmonized to BGPsec.
Yours,
Daniel