Reviewer: Phillip Hallam-Baker Review result: Has Issues I have reviewed this document and in general, it seems ready. While it does raise serious security concerns, it is not clear that these are new to this proposal or that this proposal gives more leverage to an attacker.
Specifically, the draft stipulates that 'the area is in a single administrative domain' the security considerations describes one set of attacks arising from customers served by the domain. However, this set of attacks may be broader than described. Consider for instance the case where there are two domains A and B that provide transit for ISP C. An attacker that wants to ensure C is serviced exclusively by B might perform a denial of service attack on A so as to increase the cost of that route so as to achieve that goal. A real world attack that has been seen in the past is country X preparing for an invasion of country Y, performing BGP level attacks to effectively reroute Internet traffic within Y so that the government Web sites were serviced by fake sites set up by X. These sites containing messages of the form 'don't worry about the military exercises'. _______________________________________________ rtgwg mailing list -- rtgwg@ietf.org To unsubscribe send an email to rtgwg-le...@ietf.org
