I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

This document discusses a threat model for BGP Path Security.   The  document contains a lot of good information, but I found it hard to follow in places  
Some issues:

1.   I found it difficult to link the threats in section 3 to the attacks in section 4.   This is more of a consistency of terminology issue and is probably just a nit. 
2.   The attacks in sections 4.1, 4.2, and 4.3 seem to be largely discounted as out of scope, yet they seem to impact the goals of PATHSEC.   Is it assumed that there are countermeasures in place such as link protection between RGP peers?    If other countermeasures besides PATHSEC are expected to be in place this should probably be mentioned in the security considerations.  
3.   I found the argument against not including 'route leakage' a bit weak since the documents seems to be able to define what it means.   Wouldn't 'route leakage' be a mechanism to realize one or more of the threats in section 3?  


Thanks,

Joe