[alto] Secdir last call review of draft-ietf-alto-unified-props-new-18
Paul Wouters via Datatracker <noreply@ietf.org> Wed, 15 September 2021 21:37 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: alto@ietf.org
Delivered-To: alto@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 7C3DA3A1403; Wed, 15 Sep 2021 14:37:27 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Paul Wouters via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
Cc: alto@ietf.org, draft-ietf-alto-unified-props-new.all@ietf.org, last-call@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 7.37.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <163174184742.9427.9373192733692803905@ietfa.amsl.com>
Reply-To: Paul Wouters <paul.wouters@aiven.io>
Date: Wed, 15 Sep 2021 14:37:27 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/alto/OSRds78wsdVXGjEA35LJ9vqOt5w>
Subject: [alto] Secdir last call review of draft-ietf-alto-unified-props-new-18
X-BeenThere: alto@ietf.org
X-Mailman-Version: 2.1.29
List-Id: "Application-Layer Traffic Optimization \(alto\) WG mailing list" <alto.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/alto>, <mailto:alto-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/alto/>
List-Post: <mailto:alto@ietf.org>
List-Help: <mailto:alto-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/alto>, <mailto:alto-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Sep 2021 21:37:28 -0000
Reviewer: Paul Wouters Review result: Has Nits I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. The summary of the review is Has Nits This document extends RFC 7285 (the ALTO protocol) with some new registries and values. As such, there is no real change to the protocol, only to the possible information conveyed via the ALTO protocol. Therefor it is appropriate to refer to RFC 7285 for the Security Considerations, as is done in this document. While extensions to a protocol don't necessitate an Updates: clause, in this case I think it should because the document addresses shortcomings in the original protocol. That is, new implementations are expected to really require implementing this new document as part of the "core specification". Thus implementers reading 7285 should really be warned to also read (and implement) this document. The IANA considerations are quite verbose. Usually, this section only contains the minimal information for an IANA operator to read to implement the requested changes. In this case there is lots of text on justifying things that are better omitted or written out in another section. The new IANA registries do not all seem to allow for private use registrations? This means technically any new value cannot be tested unless by violating the RFC. At least, that is my reading but I'm a little confused by it.
- [alto] Secdir last call review of draft-ietf-alto… Paul Wouters via Datatracker
- Re: [alto] Secdir last call review of draft-ietf-… Randriamasy, Sabine (Nokia - FR/Paris-Saclay)
- Re: [alto] [Last-Call] Secdir last call review of… Qin Wu
- Re: [alto] [Last-Call] Secdir last call review of… Randriamasy, Sabine (Nokia - FR/Paris-Saclay)