[Insipid] Secdir last call review of draft-ietf-insipid-logme-marking-11
Leif Johansson <firstname.lastname@example.org> Mon, 09 July 2018 15:15 UTC
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 4BC9B12F295; Mon, 9 Jul 2018 08:15:46 -0700 (PDT)
Content-Type: text/plain; charset="utf-8"
From: Leif Johansson <email@example.com>
Cc: firstname.lastname@example.org, email@example.com, firstname.lastname@example.org
Date: Mon, 09 Jul 2018 08:15:46 -0700
Subject: [Insipid] Secdir last call review of draft-ietf-insipid-logme-marking-11
List-Id: SIP Session-ID discussion list <insipid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/insipid>, <mailto:email@example.com?subject=unsubscribe>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/insipid>, <mailto:firstname.lastname@example.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Jul 2018 15:15:47 -0000
Reviewer: Leif Johansson Review result: Ready I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. >From the abstract: This document describes an indicator for the SIP protocol which can be used to mark signaling as being of interest to logging. The document is clearly written and feels ready for publication from a quality standpoint. My only issue is in 7.4.6 - User Control of Logging: Why is the "must" in the first paragraph non-normative? Is it because there is no way to prove the existence or absence of user consent? I realize this may be a hard problem to solve but if this issue was considered and rejected it might be worth including a discussion about this in the document.
- [Insipid] Secdir last call review of draft-ietf... Leif Johansson
- Re: [Insipid] Secdir last call review of draft-... Dawes, Peter, Vodafone Group