Re: [Lager] AD review of draft-ietf-lager-specification-10
"Marc Blanchet" <marc.blanchet@viagenie.ca> Sun, 20 March 2016 21:06 UTC
Return-Path: <marc.blanchet@viagenie.ca>
X-Original-To: lager@ietfa.amsl.com
Delivered-To: lager@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 72B5F12D67D; Sun, 20 Mar 2016 14:06:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XlRlealE5V2w; Sun, 20 Mar 2016 14:06:16 -0700 (PDT)
Received: from jazz.viagenie.ca (jazz.viagenie.ca [IPv6:2620:0:230:8000::2]) by ietfa.amsl.com (Postfix) with ESMTP id B982612D52E; Sun, 20 Mar 2016 14:06:16 -0700 (PDT)
Received: from [192.168.1.111] (modemcable093.65-160-184.mc.videotron.ca [184.160.65.93]) by jazz.viagenie.ca (Postfix) with ESMTPSA id 29C5D476D6; Sun, 20 Mar 2016 17:06:16 -0400 (EDT)
From: Marc Blanchet <marc.blanchet@viagenie.ca>
To: Kim Davies <kim.davies@icann.org>
Date: Sun, 20 Mar 2016 17:06:15 -0400
Message-ID: <259A5E05-A478-4B16-9CEE-ABBF552A7B53@viagenie.ca>
In-Reply-To: <6B052A27-0C6C-4B2A-807D-41D7FDCFB537@icann.org>
References: <CALaySJJP0deDOxCs8YSPr72pfyRUsbZBVE9XO=_4d2AvEhVEtQ@mail.gmail.com> <6B052A27-0C6C-4B2A-807D-41D7FDCFB537@icann.org>
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"
X-Mailer: MailMate (1.9.4r5234)
Archived-At: <http://mailarchive.ietf.org/arch/msg/lager/1xhtsVL7od5TwjyqrxnSSUjRLlc>
Cc: "draft-ietf-lager-specification@ietf.org" <draft-ietf-lager-specification@ietf.org>, Barry Leiba <barryleiba@computer.org>, "lager@ietf.org" <lager@ietf.org>
Subject: Re: [Lager] AD review of draft-ietf-lager-specification-10
X-BeenThere: lager@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Label Generation Rules <lager.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lager>, <mailto:lager-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lager/>
List-Post: <mailto:lager@ietf.org>
List-Help: <mailto:lager-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lager>, <mailto:lager-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 20 Mar 2016 21:06:18 -0000
On 20 Mar 2016, at 16:57, Kim Davies wrote: > Hi Barry, Hi all, > > On 3/13/16, 7:57 AM, "barryleiba@gmail.com on behalf of Barry Leiba" > <barryleiba@gmail.com on behalf of barryleiba@computer.org> wrote: > >> Hi, authors, shepherd, and working group. >> Here's my AD review of draft-ietf-lager-specification-10. > > Asmus and I have implemented this feedback into a revised -11 draft > that > is ready to post, except for one outstanding issue: > >> -- Section 12 -- >> >> If a system that is querying an identifier list (such as a domain >> zone) that uses the rules in this memo, and those rules are not >> implemented correctly, and that system is relying on the rules >> being >> applied, the system might fail if the rules are not applied in a >> predictable fashion. This could cause security problems for the >> querying system. >> >> First, I think you have an extra "that" after the parentheses. >> Second, can you be more specific than "This could cause security >> problems"? What sort of problems? How can they be mitigated? This >> needs to be something more than "bad implementations can result in >> bad >> things." > > I agree this paragraph essentially means bad implementations can > result in > bad things. I don't have a proposed approach on how to mitigate this > general > situation other than to follow the specification. Perhaps it makes the > most > sense simply to strike this entire paragraph unless anyone has > suggestions > on alternative wording. I would vote to just strike the paragraph, since reading it does not help me really. Marc. > > kim_______________________________________________ > Lager mailing list > Lager@ietf.org > https://www.ietf.org/mailman/listinfo/lager
- [Lager] AD review of draft-ietf-lager-specificati… Barry Leiba
- Re: [Lager] AD review of draft-ietf-lager-specifi… Marc Blanchet
- Re: [Lager] AD review of draft-ietf-lager-specifi… Asmus Freytag
- Re: [Lager] AD review of draft-ietf-lager-specifi… Martin J. Dürst
- [Lager] Fwd: AD review of draft-ietf-lager-specif… Asmus Freytag
- Re: [Lager] AD review of draft-ietf-lager-specifi… Barry Leiba
- Re: [Lager] AD review of draft-ietf-lager-specifi… Barry Leiba
- Re: [Lager] AD review of draft-ietf-lager-specifi… Asmus Freytag
- Re: [Lager] AD review of draft-ietf-lager-specifi… Kim Davies
- Re: [Lager] AD review of draft-ietf-lager-specifi… Marc Blanchet
- Re: [Lager] AD review of draft-ietf-lager-specifi… Alexey Melnikov