[Modern] Opsdir last call review of draft-ietf-modern-problem-framework-03

Linda Dunbar <ldunbar@huawei.com> Mon, 12 February 2018 21:48 UTC

MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Linda Dunbar <ldunbar@huawei.com>
To: ops-dir@ietf.org
Cc: modern@ietf.org, draft-ietf-modern-problem-framework.all@ietf.org, ietf@ietf.org
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <151847211687.6022.3464641768771654781@ietfa.amsl.com>
Date: Mon, 12 Feb 2018 13:48:36 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/modern/1Yi7KyPCuDC-edNOUVZH3UeZtiA>
Subject: [Modern] Opsdir last call review of draft-ietf-modern-problem-framework-03

Reviewer: Linda Dunbar
Review result: Has Issues

The draft brought up a very interesting aspect of Telephone Numbers (TNs),
especially the mobile phone number which is widely used for getting "secure
code" for secure access to very sensitive content, such as bank account.

However, the draft only describes how today's TNs are acquired and managed
(e.g. the Use cases in Section 4). Two issues with the draft: 1) The draft
didn't have the content to describe what is the problems with the current
practices. (I was expecting to read the "problems" when I started to read the
draft) 2) The draft didn't describe the problems of using mobile phone number
for authenticating the access to sensitive data content.

Linda dunbar

[Modern] Opsdir last call review of draft-ietf-mo… Linda Dunbar
Re: [Modern] Opsdir last call review of draft-iet… Gorman, Pierce A [CTO]