> C1. The reference to rfc7607 should be Informative. > > C2. [Major] Security Considerations. I think that there is one > consideration that should be mentioned in this section: Given that the > largest value is preferred (2 = invalid), there is an attack vector > where a router in the path (yes, even an internal router) can inject a > community indicating that the route is invalid; the communities are > not protected. This action could result in inconsistent routing or in > even a DoS. I know the document is not explicit about what to do with > the validation state (which is ok), but the clear intention (from > rfc6811 and rfc7115) is that it will be used to make routing > decisions. Please add some text about this potential issue.
would you prefer a revision soon, or wait for other iesg comments? randhy _______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr
