I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.. Document editors and WG chairs should treat these comments just like any other last call comments. The summary of the review is Ready with nits. I previously reviewed -06 and almost all of my suggestions then were adopted. :-) Security: I believe that the theme of the Security Considerations section, that possible use of the IOAM flags specified in this document could be used in amplification attacks, is correct and that the Security Considerations section adequately explores this topic. Minor: In Section 2.2, Terminology: Suggest adding, for OAM, a reference to RFC 6291 "Guidelines for the Use of the "OAM" Acronym in the IETF". Section 4.1, 1st paragraph, 2nd sentence: I think "i.e." (which mean "id est" or "that is") should be "e.g." (which means "exempli gratia" or "for example") because I think there are reasons for on-demand use of IOAM Loopback other than failure detection. Section 4.1, last paragraph, 1st sentence: "with the Loopback flag" -> "with the Loopback flag set to 1". Section 4.1.1, last sentence of 3rd paragraph: "If there is no prior knowledge about the network topology or size, it is recommended to use N>100." -> "It is RECOMMENDED that N > 10*M or, if there is no knowledge of network topology or size, N > 100." Section 5, 2nd paragraph: "must terminate" -> "MUST terminate". Miscellaneous: Section 4.1.1, last paragraph: "guaranteed" is impossible to enforce. Suggest making this a little weaker such as: "if it is not guaranteed that" -> "unless". Editorial: Section 4.2, 2nd paragraph: "The looped back data rate SHOULD NOT exceed 1/N of the interface capacity on any of the IOAM node's interfaces. It is recommended to use N>100." -> "The looped back data rate SHOULD NOT exceed one percent of the interface capacity on any of the IOAM node's interfaces." Section 4.4, 1st paragraph: "and processed accordingly." -> "and the packet is processed accordingly." Section 5, 1st sentence after Figure 2: I don't think the whole draft focuses on active measurement. Perhaps "This draft focuses ..." -> "This section focuses ..." Section 5, 3rd bullet point: Fix up confusing wording. "A selected data packet that is replicated, and its (possibly truncated) copy is forwarded with one or more IOAM option," -> "A selected data packet is replicated and its (possibly truncated) copy is forwarded with one or more IOAM options,". Section 5, last paragraph: Could make a similar "one percent" change as suggested above. Section 6, 1st sentence: Too many "follow"s. Either delete "the following" or delete "as follows". That's it. Thanks, Donald =============================== Donald E. Eastlake 3rd +1-508-333-2270 (cell) 2386 Panoramic Circle, Apopka, FL 32703 USA d3e3e3@gmail.com