[secdir] secdir review of draft-sheffer-rfc6982bis-00

Adam Montville <adam.w.montville@gmail.com> Fri, 29 April 2016 00:19 UTC

To: The IESG <iesg@ietf.org>, secdir@ietf.org, draft-sheffer-rfc6982bis.all@ietf.org
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/kIejExwKi0jwBN6idmFdAT2-Xb0>

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

This draft is ready.

I found the draft readable and easy to understand. I agree with the statement made in the Security Considerations section that, being a process document, there are no real security considerations. I also agree with the perspective that a draft with an Implementation Status section probably has implementations, which, in turn, may mean that the protocol was more deeply examined and therefore more likely to be secured well.

Kind regards,

Adam