--- 1/draft-ietf-lsr-ospf-admin-tags-00.txt 2021-03-22 13:22:34.735580388 -0700 +++ 2/draft-ietf-lsr-ospf-admin-tags-01.txt 2021-03-22 13:22:34.759580985 -0700 @@ -1,18 +1,18 @@ Network Working Group A. Lindem, Ed. Internet-Draft P. Psenak Intended status: Standards Track Cisco Systems -Expires: July 24, 2021 January 20, 2021 +Expires: September 22, 2021 March 21, 2021 Extensions to OSPF for Advertising Prefix Administrative Tags - draft-ietf-lsr-ospf-admin-tags-00 + draft-ietf-lsr-ospf-admin-tags-01 Abstract It is useful for routers in an OSPFv2 or OSPFv3 routing domain to be able to associate tags with prefixes. Previously, OSPFv2 and OSPFv3 were relegated to a single tag for AS External and Not-So-Stubby-Area (NSSA) prefixes. With the flexible encodings provided by OSPFv2 Prefix/Link Attribute Advertisement and OSPFv3 Extended LSAs, multiple administrative tags may advertised for all types of prefixes. These administrative tags can be used for many @@ -31,21 +31,21 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on July 24, 2021. + This Internet-Draft will expire on September 22, 2021. Copyright Notice Copyright (c) 2021 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents 
@@ -228,24 +228,30 @@ path and, if the implementation supports multiple tags, MAY associate tags for multiple contributing LSAs up to the maximum number of tags supported. 5. Security Considerations This document describes a generic mechanism for advertising administrative tags for OSPF prefixes. The administrative tags are generally less critical than the topology information currently advertised by the base OSPF protocol. The security considerations - for the generic mechanism are dependent on the future application - and, as such, should be described as additional capabilities are - proposed for advertisement. Security considerations for the base - OSPF protocol are covered in [RFC2328] and [RFC5340]. + for the generic mechanism are dependent on their application. One + such application is to control leaking of OSPF routes to other + protocols (e.g., BGP [RFC4271]). If an attacker were able to modify + the admin tags associated with OSPF routes and they were be used for + this application, such routes could be prevented from being + advertised in routing domains where they are required (subtle denial + or service) or they could be advertised into routing domains where + they shouldn't be advertised (routing vulnerability). Security + considerations for the base OSPF protocol are covered in [RFC2328] + and [RFC5340]. 6. IANA Considerations The following values should be allocated from the OSPF Extended Prefix TLV Sub-TLV Registry [RFC7684]: o TBD - 32-bit Administrative Tag TLV The following values should be allocated from the OSPFv3 Extended-LSA Sub-TLV Registry [RFC8362]: 
@@ -296,20 +302,25 @@ F. Baker, "OSPFv3 Link State Advertisement (LSA) Extensibility", RFC 8362, DOI 10.17487/RFC8362, April 2018, . 8.2. Informative References [RFC3101] Murphy, P., "The OSPF Not-So-Stubby Area (NSSA) Option", RFC 3101, DOI 10.17487/RFC3101, January 2003, . + [RFC4271] Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A + Border Gateway Protocol 4 (BGP-4)", RFC 4271, + DOI 10.17487/RFC4271, January 2006, + . + [RFC5130] Previdi, S., Shand, M., Ed., and C. Martin, "A Policy Control Mechanism in IS-IS Using Administrative Tags", RFC 5130, DOI 10.17487/RFC5130, February 2008, . [RFC8920] Psenak, P., Ed., Ginsberg, L., Henderickx, W., Tantsura, J., and J. Drake, "OSPF Application-Specific Link Attributes", RFC 8920, DOI 10.17487/RFC8920, October 2020, .
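Review bot: In the Security Considerations hunk (@@ -228,24 +228,30 @@), the added sentence has two wording errors that change how it reads: "they were be used for this application" should be "they were used for this application", and "subtle denial or service" should be "subtle denial of service". The new text also describes the consequences of modified tags (routes withheld from domains where they are required, or advertised into domains where they should not be) without saying what protects against the modification. The only pointer is the closing reference to [RFC2328] and [RFC5340], so consider stating explicitly whether the base OSPF protections covered there are what this document relies on for the tags, or what additional protection is expected. The label "routing vulnerability" is also vague next to "denial of service"; naming the effect, such as an unintended route leak into another routing domain, would be clearer.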
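Review bot: In the first hunk (@@ -1,18 +1,18 @@), the Abstract context line still reads "multiple administrative tags may advertised for all types of prefixes", which is missing "be". Since the -01 revision already touches the header lines directly above it, fix this in the same pass: "may be advertised".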