Reviewer: Leif Johansson Review result: Minor issues I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. The draft describes a way to handle groupings of large sets of sub- LSPs in a P2MP GMPLS setup for the purpose of traffic engineering (re-)optimization by introducing the concept of "fragment identifiers" Let me state up front that the topic is outside my normal area of expertise. My only question is this: could an attacker fake messages that would (to the receiver ingress node) appear to be part of a fragmented group of sub-LSPs so as to trigger a full re-computation of the tree? The text in the last but one paragraph of 4.2 would seem to suggest that this attack is a possibility. At "worst" this would be a denial-of-service attack but it should perhaps be addressed in the security considerations section anyway. Cheers Leif