I have reviewed this document as part of the security directorate's 


ongoing effort to review all IETF documents being processed by the IESG. 


 These comments were written primarily for the benefit of the security 


area directors.  Document editors and WG chairs should treat these 


comments just like any other last call comments.






This document extends the ways in which flows are identified by routers 


along the packet's path (other than the ingress/egress routers) by 


adding a new encapsulation Subsequent Address Family Identifier (SAFI) 


into the softwire binding.






I have little experience with routing and softwires, so take this review 


accordingly.






The draft is very brief and assumes that the reader is very familiar 


with softwires, routing, etc. It appears that it is simply extending 


RFC5512, and that it adds no new security considerations.




The current security considerations sections is one sentence:

"There are no additional security risks introduced by this design."



I think this is correct. If I were writing this, I might point back at 


RFC 5512 here, or perhaps even cut/paste the brief security 


considerations from that document into this one, just to be informative.




--Scott