[secdir] Secdir review of draft-ietf-appsawg-rfc3536bis-06
Catherine Meadows <catherine.meadows@nrl.navy.mil> Mon, 11 July 2011 19:52 UTC
Return-Path: <catherine.meadows@nrl.navy.mil>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F063C11E80C6; Mon, 11 Jul 2011 12:52:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xVe+OapATInn; Mon, 11 Jul 2011 12:52:48 -0700 (PDT)
Received: from fw5540.nrl.navy.mil (fw5540.nrl.navy.mil [132.250.196.100]) by ietfa.amsl.com (Postfix) with ESMTP id B7F6511E80AB; Mon, 11 Jul 2011 12:52:47 -0700 (PDT)
Received: from chacs.nrl.navy.mil (sun1.fw5540.net [10.0.0.11]) by fw5540.nrl.navy.mil (8.13.8/8.13.6) with ESMTP id p6BJqjCH005558; Mon, 11 Jul 2011 15:52:46 -0400 (EDT)
Received: from chacs.nrl.navy.mil (sun1 [10.0.0.11]) by chacs.nrl.navy.mil (8.13.8/8.13.6) with SMTP id p6BJqhti002009; Mon, 11 Jul 2011 15:52:43 -0400 (EDT)
Received: from siduri.fw5540.net ([10.0.3.73]) by chacs.nrl.navy.mil (SMSSMTP 4.1.16.48) with SMTP id M2011071115524331621 ; Mon, 11 Jul 2011 15:52:43 -0400
From: Catherine Meadows <catherine.meadows@nrl.navy.mil>
Content-Type: multipart/alternative; boundary="Apple-Mail-8--752622389"
Date: Mon, 11 Jul 2011 16:02:22 -0400
Message-Id: <E2A16833-A619-4A5C-AC95-AC76F343C5E9@nrl.navy.mil>
To: secdir@ietf.org, iesg@ietf.org, draft-ietf-appsawg-rfc3536bis.all@tools.ietf.org
Mime-Version: 1.0 (Apple Message framework v1084)
X-Mailer: Apple Mail (2.1084)
Subject: [secdir] Secdir review of draft-ietf-appsawg-rfc3536bis-06
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Jul 2011 19:52:49 -0000
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This draft provides definitions for a set of terms commonly used in internationalization in the IETF, that is terms having to do with the representation of text strings that appear in protocols in different languages, writing systems, and alphabets. In the security considerations sections the authors point out that since this draft consists of definitions of terminology having to do with the representation of text strings, it has only an indirect connection with security in some authentication methods may rely on the comparison of text strings. However, I don't see anything in the definition of terms here that would negatively impact the ability to discuss or specify such security methods, so I don't see any security issues here. One nit, having nothing to do with security: I found the phrase "Internet users must be able to be enter text in typical input methods and displayed in any human language." in the introduction somewhat hard to parse. Does it mean that 1) users should be able to use any of a set of typical input methods and 2) it should be possible to display the results in any human language, or that users should be able to enter text from any human language using typical input methods? Catherine Meadows Naval Research Laboratory Code 5543 4555 Overlook Ave., S.W. Washington DC, 20375 phone: 202-767-3490 fax: 202-404-7942 email: catherine.meadows@nrl.navy.mil
- [secdir] Secdir review of draft-ietf-appsawg-rfc3… Catherine Meadows