Sarah, Thanks for the review. Security sections of RFC 8402 and 8986 describe the trust model for SR domain and filtering of packets at domain boundaries to prevent unwanted or malicious injection of packets into a SR domain. The same apply to this new SR behavior. I will add some text to the Security section clarifying this.
This document does assume some familiarity with Segment Routing. There is a terminology section for new terms defined in this document, but may I ask specifically what other terms from SR are not clear? -Rishabh On Mon, Jun 19, 2023 at 3:34 PM Sarah Banks via Datatracker < nore...@ietf.org> wrote: > Reviewer: Sarah Banks > Review result: Has Issues > > Hi, > > Major issues: None > Minor issues: > > I echo the sentiments of another reviewer with the security section; in > particular, are the security considerations cited in RFC8754 strong enough, > considering the replication of packets here? (It's OK if they are, but I > wonder > if it's worth calling out in the doc that this was explicitly considered > and > the authors landed at the same conclusion). > > Readers not yet experts in SR would likely have a hard time distinguishing > from > this draft which terms are net new in the document, versus those defined in > RFCs or other drafts; a clarifying terminology section would help, or > specifically citing terms to RFCs would help. > > Thank you, > Sarah > > > _______________________________________________ > spring mailing list > spring@ietf.org > https://www.ietf.org/mailman/listinfo/spring >
_______________________________________________ spring mailing list spring@ietf.org https://www.ietf.org/mailman/listinfo/spring
