I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors.  Document editors and WG chairs should treat these
comments just like any other last call comments.

Summary: Ready with nits

Consider adding text to the Introduction mentioning malicious activity
as a possible cause of these unexpected traffic flows, rather than
leaving it toward the end of the document in the Security
Considerations.

The Security Considerations (Section 6) text describes possible
malicious activity by an AS to deliberately cause unexpected traffic
flow through another AS.  Although the first paragraph of the Security
Considerations says "The objective of this document is to inform on this
potential routing security issue", there appears to be no prior mention
in this document of possibility of maliciously induced unexpected
traffic flow.  The current Introduction characterizes the unexpected
traffic flows primarily as side effects of filtering or other
configuration, but appears not to include the possibility of a malicious
cause.

Editorial:

In the second paragraph of Section 1: "While BGP" should be "Although
BGP", to avoid implying dependency or temporal coincidence.

In the first two paragraphs of Section 3.1, "his" should be "its".
Please avoid the unnecessary use of gendered pronouns.

In the first paragraph of Section 3.2, delete "data" from "as much data
information as possible".

For the title of Section 4, consider dropping one instance of the word
"traffic".

In the last paragraph of Section 4.1, in the sentence "...neighboring
AS... opposes the peering agreement", consider replacing "opposes" with
"contravenes", "infringes", or another synonym.