Document: draft-cheshire-dnsext-nbp-09
Reviewer: Elwyn Davies
Review Date: 2010-11-23
IETF LC End Date: 2010-11-23
IESG Telechat date: (if known)

Summary: This document has at least one open issue that I believe needs fixing, either by altering the scope of the applicability of the solution or fixing the requirements.

The requirements envisage a protocol that could be used in an enterprise environment but it does not address issues of visibility and accessibility. This issue is clearly related to the security requirements that have been discussed elsewhere but differs from the authentication and general authorization aspects that have been the focus there. I believe that there needs to be discussion of how the service discovery can be controlled so that individual users/machines are only informed of services that they might be allowed to use. There should be some discussion of this issue beyond what is given peripherally in s3.11. Maybe this should be in s3.7, 3.10 or s3.11 (or maybe all of the above.) I suspect this is not an easy problem to solve in a zeroconf configuration.

Otherwise the document is well written and clear, and I could not immediately think of any other aspect that had been missed or inadequately covered.

Nits: [refreshingly free of nits!]

The only comment might be that a pointer to some publicly available definition or discussion of the existing AppleTalk NBP might be helpful if such a thing exists.

Also idnits suggests that RFC 2462 should be replaced by RFC 4862 which obsoleted it.