I am the assigned Gen-ART reviewer for
draft-ietf-mpls-mpls-and-gmpls-security-framework-07.txt

For background on Gen-ART, please see the FAQ at
<http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html>.

Please resolve these comments along with any other Last Call comments
you may receive.

Summary: This draft is almost ready for publication as Informational RFC
but I have a few comments.

Minor
=====

* Section 2

I think the definition of a P router is not very accurate. It reads

"A P router is used to interconnect the PE routers."

Isn't it possible that there are multiple P routers on a path between
two PE routers

e.g.

PE--P--P--P--PE

* Section 3

-> "Figure 1 depicts the concept of trusted zones within the MPLS/GMPLS
framework"

Figure 1 does not show the trusted zones at all. It needs to be revised
or this sentence needs to be removed.

-> In Figure 2 why is CE1 considered an unauthorized neighbor? I can
understand why it is untrusted but I do not see why it is unauthorized.

* Section 4

"The discussion is limited to those threats that are unique to
MPLS/GMPLS networks or that affect MPLS/GMPLS network in unique ways."

This is not really true. Most of the attacks described in this document
are not specific to MPLS/GMPLS networks at all. Suggest removing this
sentence.

Editorial
=========

Please fix the following typos

* Section 7.1.1

s/cryptograpgic/cryptographic/

* Normative References

s/EFC 2741/RFC 2747/