Title: secdir review of draft-ietf-karp-threats-reqs-03 I reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments. This document (draft-ietf-karp-threats-reqs-03) is a document intended to help guide protocol development in the KARP WG. The abstract states  "This document has two main parts - the first describes the threat analysis for attacks against routing protocols' transports and the second enumerates the requirements for addressing the described threats." The threat analysis is VERY badly written; it is a hodgepodge of attack discussions, using mostly non-standard security terminology, and peppered with a lot of redundant statements. The requirements discussion is somewhat better, but also suffers from use of poor terminology, an ad hoc approach to organization, and substantial redundancy. I have provided extensive comments and some questions in the attached PDF (an MS Word change tracked version of the document). The comments are so extensive as to not admit discussion in this message. Section 1.1 provides definitions for terms used in the document, and it has a number of problems. I suggest that the authors refer to NIST SP 800 series documents for definitions of terms associated with cryptographic keying, and to the IETF Security Glossary (RFC 4949) for other security terms. Also, many terms are used in the threat discussion (Section 2) that should be described based on the 4949 glossary, rather than what appear to be author-generated definitions. The goals discussion (Section 1.5) is one of the few sections of the document without major problems (other than editing). This document needs to be sent back to the WG for substantial revision. Steve Attachment: draft-ietf-karp-threats-reqs-03.doc Description: MS-Word document