Re: [Last-Call] [secdir] Secdir last call review of draft-ietf-regext-rfc7483bis-04

"Salz, Rich" <rsalz@akamai.com> Mon, 01 February 2021 19:21 UTC

From: "Salz, Rich" <rsalz@akamai.com>
To: "secdir@ietf.org" <secdir@ietf.org>
CC: "draft-ietf-regext-rfc7483bis.all@ietf.org" <draft-ietf-regext-rfc7483bis.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "regext@ietf.org" <regext@ietf.org>
Date: Mon, 01 Feb 2021 19:21:55 +0000
Message-ID: <44F5BDA3-4488-4E76-84DE-87EBBFE4F0B0@akamai.com>
References: <161220714890.15602.5069607060927407996@ietfa.amsl.com>
In-Reply-To: <161220714890.15602.5069607060927407996@ietfa.amsl.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/Rw5k3GGIAKAcut3RCkoK6ioGtWs>

Browser crashed.  Here's the real review.

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

The summary of the review is ready with nits.

I expected to see mention of HTTPS, as opposed to HTTP, in the protocol definition.  At a minimum
	HTTPS MUST be used.
in the security considerations.

I wonder if using "451" status is worthwhile?   I can accept either answer.

As this is a protocol transliteration, the references to other RFCs and security considerations seem on-target.


On 2/1/21, 2:19 PM, "Rich Salz via Datatracker" <noreply@ietf.org> wrote:

    Reviewer: Rich Salz
    Review result: Has Nits

    I reviewed this document for the security directorate, which tries to review all IETF drafts