Hi.

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

I am no expert on routing in general or IGP flex algorithms in particular. That said, I found the Abstract and Introduction jarring. The first paragraph of the Abstract would be better as part of the introduction than the abstract.

The Security Considerations section seems mostly copy-pasted from RFC 9350 with mild editing.  The substance may be correct - that the only new attack possible is suppressing reachability for a prefix, but I think only the second paragraph is necessary for that.