Document: draft-ietf-pim-lasthop-threats-03.txt Reviewer: Eric Gray Review Date: 03/27/2008 Summary: This document is nearly ready to publish as an Informational RFC. COMMENTS/QUESTIONS ================== I don't understand the following statement (from Introduction, page 3): "The impact on the outside of the link is described in [RFC4609]." What is the "outside of the link" in this context? __________________________________________________________________ In section 2, an attacking node is defined to be either a host or an unauthorized router. This brings up a point - perhaps it is necessary to point out that attacks based on subversion of an authorized router are out of scope (in the Introduction)? __________________________________________________________________ "Unauthorized" may not be the right word in section 2.2. The text in the section seems to imply that enabling PIM on a router's host interface effectively "authorizes" hosts to become PIM neighbors. Perhaps "Nodes May Exhibit Unauthorized Behavior as PIM Neighbors" or "Nodes May Be Invalid PIM Neighbors" would be more correct? __________________________________________________________________ There is a bit of confusion in the bullets in section 3.1 (page 6) - the lead in appears to assume that bullets apply to an attacker that has managed to have itself elected as the DR, yet the third bullet doesn't seem to require this. I would suggest breaking the bit about "even if the router is not DR" out into a separate paragraph after the bullets (along the lines of "Sending PIM Prune messages may also be an effective attack vector even if the attacking node is not elected DR, since PIM Prune messages are accepted from (on?) downstream interfaces even in this case.") __________________________________________________________________ NITs ==== In section 2.1 "as unicast" or just "unicast" as opposed to "by unicast"? ("unicast" is not - AFAIK - an active element or agent capable of sending [Register] messages...) __________________________________________________________________