[secdir] SecDir review of draft-ietf-sieve-vacation-seconds-02
Tina TSOU <tena@huawei.com> Mon, 08 November 2010 11:55 UTC
Return-Path: <tena@huawei.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CD2113A69BB for <secdir@core3.amsl.com>; Mon, 8 Nov 2010 03:55:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -100.384
X-Spam-Level:
X-Spam-Status: No, score=-100.384 tagged_above=-999 required=5 tests=[AWL=0.110, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_MESSAGE=0.001, RDNS_NONE=0.1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id J3nX5TzXksX5 for <secdir@core3.amsl.com>; Mon, 8 Nov 2010 03:55:30 -0800 (PST)
Received: from szxga03-in.huawei.com (unknown [119.145.14.66]) by core3.amsl.com (Postfix) with ESMTP id 2FCF43A69AC for <secdir@ietf.org>; Mon, 8 Nov 2010 03:55:30 -0800 (PST)
Received: from huawei.com (szxga03-in [172.24.2.9]) by szxga03-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0LBK00544EGSXC@szxga03-in.huawei.com> for secdir@ietf.org; Mon, 08 Nov 2010 19:55:40 +0800 (CST)
Received: from huawei.com ([172.24.2.119]) by szxga03-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0LBK00K5WEGSIR@szxga03-in.huawei.com> for secdir@ietf.org; Mon, 08 Nov 2010 19:55:40 +0800 (CST)
Received: from dhcp-72cb.meeting.ietf.org (dhcp-72cb.meeting.ietf.org [130.129.114.203]) by szxml01-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTPA id <0LBK00IYQEGNNF@szxml01-in.huawei.com> for secdir@ietf.org; Mon, 08 Nov 2010 19:55:40 +0800 (CST)
Date: Mon, 08 Nov 2010 19:55:34 +0800
From: Tina TSOU <tena@huawei.com>
To: secdir@ietf.org
Message-id: <6DB045CE-E31B-4BA4-999F-313316A05389@huawei.com>
MIME-version: 1.0
X-Mailer: Apple Mail (2.936)
Content-type: multipart/alternative; boundary="Boundary_(ID_gX5v6XWIJyd+OTeNmpECxA)"
Subject: [secdir] SecDir review of draft-ietf-sieve-vacation-seconds-02
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Nov 2010 11:55:31 -0000
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors. Document editors and WG chairs should treat these
comments just like any other last call comments.
This document describes a further extension to the Sieve Vacation
extension, allowing multiple auto-replies to the same sender in a
single day by adding a ":seconds" parameter.
In section 4, it says
Security considerations for the Sieve Vacation extension [RFC5230]
apply equally here. In addition, implementations SHOULD consider
the
number of auto-replies that might be generated by allowing small
values of ":seconds" (including 0), and MAY impose additional limits
on that number. See the Security Considerations section of RFC 3834
[RFC3834] for a fuller discussion.
I don't see any other pending issues regarding the security aspect.
B. R.
Tina
http://tinatsou.weebly.com