[secdir] Security review of draft-ietf-uta-xmpp-05

Hannes Tschofenig <hannes.tschofenig@gmx.net> Thu, 09 April 2015 03:05 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ECD9D1B3766; Wed, 8 Apr 2015 20:05:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7GVJnWfo-jvA; Wed, 8 Apr 2015 20:05:07 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.20]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B8AC91B3765; Wed, 8 Apr 2015 20:05:04 -0700 (PDT)
Received: from [192.168.10.171] ([207.47.25.82]) by mail.gmx.com (mrgmx102) with ESMTPSA (Nemesis) id 0M96Jd-1YY1V424k9-00CSRr; Thu, 09 Apr 2015 05:04:56 +0200
Message-ID: <5525EC51.3040903@gmx.net>
Date: Thu, 09 Apr 2015 05:04:49 +0200
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0
MIME-Version: 1.0
To: The IESG <iesg@ietf.org>, draft-ietf-uta-xmpp@tools.ietf.org, "secdir@ietf.org" <secdir@ietf.org>
OpenPGP: id=4D776BC9
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="nn2IfaXALDb9ntHxcehXOEA9ppddMsOCA"
X-Provags-ID: V03:K0:3b5ctptCDjXDX3UJfx1LZpY7OtIvl7hFeu22C8gi0Yf2wn1UZl5 paI2ibYe+pq3xGZJG1UbbOIG/IWgKYN/jvuKwoAsqu8eUN2KCnthE9xZkfZ5LGKcY2CVmmu 8DZOOLLWWfCmPedMI/iTE3gLTHqi09hXh8th5aQ88PXy8/XpwjF6ozgj5JQgTEdW5Gf7JpI 2GsPPBMzFu5NEB7yFH9NQ==
X-UI-Out-Filterresults: notjunk:1;
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/u6-cP_tuYQQiEZAHdKUs5vm9vtE>
Subject: [secdir] Security review of draft-ietf-uta-xmpp-05
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Apr 2015 03:05:09 -0000

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

This document is ready for publication.

I have only one small comment: draft-ietf-uta-xmpp does not really
recommend anything that has not already been recommended in the other
referenced specifications. Hence it appears a bit redundant.