S Moonesamy wrote:
Please review what Lisa said [1] about security considerations and post your comments to this mailing list.
'My point, now that I've figured out how to explain it, is that if the WG wants to avoid late surprises, it will cause the IESG to think about whether the security considerations need to be upgraded,'Lisa is raising a completely open-ended concern. Hence, we cannot know what will satisfy her.
That said, we probably can and should take a step back, for each specification we touch, and ask some basic questions about utility and safety. Even if something is heavily used, it is reasonable to ask whether the usage is sufficient, the dangers are sufficiently problematic, and the like.
Going from Draft to Full is not intended to entail a technical review, but it is still worth taking that extra moment to consider first principles briefly. Not in detail, but enough to let any glaring issues get stated.
With respect to security, for this extension, I think the citation to text in RFC 1652 text, works just fine.
On the usage side, again, I think SM's suggested text works. The extension is heavily used and that use is widely acknowledged.
d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net
Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.