[Int-dir] Intdir telechat review of draft-ietf-regext-data-escrow-05

Carlos Bernardos via Datatracker <noreply@ietf.org> Tue, 17 March 2020 19:22 UTC

From: Carlos Bernardos via Datatracker <noreply@ietf.org>
To: <int-dir@ietf.org>
Cc: last-call@ietf.org, draft-ietf-regext-data-escrow.all@ietf.org, regext@ietf.org
Message-ID: <158447292431.32022.16831304843056833158@ietfa.amsl.com>
Reply-To: Carlos Bernardos <cjbc@it.uc3m.es>
Date: Tue, 17 Mar 2020 12:22:04 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-dir/8BJEPavSHK0BYTe_f1W1BFG-fwA>

Reviewer: Carlos Bernardos
Review result: Ready with Nits

Reviewer: Carlos J. Bernardos
Review result: Ready with nits

I am an assigned INT directorate reviewer for draft-ietf-regext-data-escrow.
These comments were written primarily for the benefit of the Internet Area
Directors. Document editors and shepherd(s) should treat these comments just
like they would treat comments from any other IETF contributors and resolve
them along with any other Last Call comments that have been received. For more
details on the INT Directorate, see http://www.ietf.org/iesg/directorate.html.

I hope these comments are clear and useful.

From an INT directorate point of view the document is ready, as it does not
deal with the mechanisms used to actually transfer the data escrow deposits. I
have some comments regarding the security and privacy sections.

- In section 10 (Security considerations):

"Depending on local policies, some elements or, most likely, the whole deposit
will be considered confidential. As such, the registry transmitting the data to
the escrow agent should take all the necessary precautions such as encrypting
the data itself and/or the transport channel to avoid inadvertent disclosure of
private data."

I'd assume the should in "escrow agent should take" should be UPPER case, right?

"Authentication of the parties passing data escrow deposit files is also of the
utmost importance. The escrow agent SHOULD properly authenticate the identity
of the registry before accepting data escrow deposits. In a similar manner, the
registry SHOULD authenticate the identity of the escrow agent before submitting
any data.

Additionally, the registry and the escrow agent SHOULD use integrity checking
mechanisms to ensure the data transmitted is what the source intended.
Validation of the contents by the escrow agent is RECOMMENDED to ensure not
only that the file was transmitted correctly from the registry, but also that
the contents are "meaningful"."

In general, I wonder why all the SHOULDs in this section are not MUST. But
this should probably be better assessed by the SECDIR.

- In section 11 (Privacy considerations):

"This specification defines a format that may be used to escrow personal data.
The process of data escrow is governed by a legal document agreed by the
parties, and such legal document must regulate the particularities regarding
the protection of personal data."

I'd assume the must should be in UPPER case, no?

Thanks,

Carlos