[core] Secdir Last Call review of draft-ietf-core-senml-more-units

"Valery Smyslov" <valery@smyslov.net> Tue, 22 October 2019 07:21 UTC

Return-Path: <valery@smyslov.net>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id C6B7612004F; Tue, 22 Oct 2019 00:21:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.5
X-Spam-Status: No, score=-0.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_SORBS_WEB=1.5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=smyslov.net
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id 6-2TkSTO9Hut; Tue, 22 Oct 2019 00:21:05 -0700 (PDT)
Received: from direct.host-care.com (direct.host-care.com []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CF51212002F; Tue, 22 Oct 2019 00:21:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=smyslov.net ; s=default; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Message-ID :Date:Subject:Cc:To:From:Sender:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=eB6Xf/vg+EdWUhR97Dm96pijyYqx7PqtzwH8TrYxBPY=; b=ACU80qcJfp1wwTcUNRLeOwHNdv uGdEyyogad7mqJkcgWcHnNChe9vFZMpSpxiCl2HDzBC+M8wxBxHjQEnzYFj5TUmhBCxSVOANtvzAF 7OEZCQxAxmzJoa1pL3f8vIVhb1odStBnNX87UfrAET2F7zflsxhVwD8ng4LVGEeM4nfa8M5A973aR ahpBitb7NdkLjLQazUYKnSzMb+TtLcL+o04M2OHwG7jxZ00ZYijgsP2TvPYXIMg6abkPjys4kUNOd ZZJjPCQ5hHa1QYUu9IK0EGXpaiy4ZdAooEoJpmxTpARvH8xbLebXXTlqJg+EppIA7mucoc81caZo6 0dGDQPgw==;
Received: from [] (port=58649 helo=buildpc) by direct.host-care.com with esmtpsa (TLSv1:ECDHE-RSA-AES256-SHA:256) (Exim 4.92) (envelope-from <valery@smyslov.net>) id 1iMoTT-0007yX-Uw; Tue, 22 Oct 2019 03:21:00 -0400
From: "Valery Smyslov" <valery@smyslov.net>
To: <secdir@ietf.org>
Cc: <draft-ietf-core-senml-more-units@ietf.org>, <core@ietf.org>, <ietf@ietf.org>
Date: Tue, 22 Oct 2019 10:20:58 +0300
Message-ID: <050d01d588a9$41b06ef0$c5114cd0$@smyslov.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AdWIpdf2A1a6Eq92S7mADJGdYNFbGw==
Content-Language: ru
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - direct.host-care.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - smyslov.net
X-Get-Message-Sender-Via: direct.host-care.com: authenticated_id: valery@smyslov.net
X-Authenticated-Sender: direct.host-care.com: valery@smyslov.net
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/3lGI7qO7FnsSqm_gdl4jnQvc-Rw>
Subject: [core] Secdir Last Call review of draft-ietf-core-senml-more-units
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Oct 2019 07:21:07 -0000

Reviewer: Valery Smyslov	
Review result: Ready

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

This is a short document that defines additional measurement units
and subunits to be used in SenML (RFC8428). As such the primary
purpose of the document is to request IANA to update "SenML Units" 
registry and to create a new one - a "secondary units" sub-registry.

The document doesn't define any actual protocol. The Security
Considerations section refers to RFC8428, since introduction
of new measurement units is believed to not bring any 
new security implications.

Nit (not related to security). In para:

   SenML packs MAY, but SHOULD NOT, use secondary units in place of
   SenML units, where the exception of the "SHOULD NOT" lies in the
   context of specific existing data models that are based on these
   secondary units.

I think that uppercase "MAY" is redundant here, because using 
"SHOULD NOT" always assumes that there may be exceptions.