>In the Paris IETF, we had lots of valuable comments on the nhdp-sec-threats >document, and it was adopted as wg document.
>In the discussion, the issue concerned most is the scope of the document: should >we include the common attacks for networks, and the interaction with protocols >using NHDP (OLSRv2, SMF, ...).
In general, both common and interaction attacks need to be documented
per protocol, it is more useful to have the scope of protocol's
vulnerability without excluding common network attacks and issues. Any
additional attacks should be considered, otherwise the document scope
section should specify if it excludes something.
>The current revision of the document also includes a section for the impacts on >protocols using NHDP. The rationale is that, as a neighbor discovery protocol, >NHDP is used in combination with other protocols most of the time. Therefore, the >document describes how the those protocols might be disrupted by the >misbehavior of NHDP (in common sense, such as MPR calculation, data sinkhole, >etc. ). If we are going to produce more threats documents in the future, there is no >need to worry about those common ones in NHDP (for example, we probably don't >want to discuss the threats in MPR selection in both SMF-threats and OLSRv2->threats).
Maybe you mean only threats-documents that use NHDP, so they need to
refer to this NHDP-sec-threats document, but if a protocol is not
using NHDP, it is important that its threat document scope includes
all attacks/threats possibilities.