Title: 

draft-ietf-tsvwg-rsvp-security-groupkeying-10.txt




This is a quick
re-check.







I reviewed this document as part
of the security directorate's ongoing effort to review all IETF
documents being processed by the IESG.  These comments were
written primarily for the benefit of the security area directors. 
Document editors and WG chairs should treat these comments just like
any other last call comments.







This document
(draft-ietf-tsvwg-rsvp-security-groupkeying-10.txt) compares group
keying vs. per-neighbor or per-interface keying options for RSVP. It
also examines the applicability of various protocol security
mechanisms (e.g., IPsec and the RSVP INTEGRITY object) in different
"trust" contexts, and for different RSVP message types.





This is a

 very well-written

 document. The Security
Consideration section is but one sentence, because the whole document
is an analysis of security issues associated with key management and
protocol options for RSVP security. I wish more documents were of this
quality!