Re: [regext] [Int-dir] Intdir telechat review of draft-ietf-regext-data-escrow-05

"Eric Vyncke (evyncke)" <evyncke@cisco.com> Fri, 20 March 2020 11:10 UTC

From: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
To: Carlos Bernardos <cjbc@it.uc3m.es>, "int-dir@ietf.org" <int-dir@ietf.org>
CC: "last-call@ietf.org" <last-call@ietf.org>, "draft-ietf-regext-data-escrow.all@ietf.org" <draft-ietf-regext-data-escrow.all@ietf.org>, "regext@ietf.org" <regext@ietf.org>
Date: Fri, 20 Mar 2020 11:10:44 +0000
Message-ID: <3435C261-99FD-4A78-ABE6-6321A1421557@cisco.com>
References: <158447292431.32022.16831304843056833158@ietfa.amsl.com>
In-Reply-To: <158447292431.32022.16831304843056833158@ietfa.amsl.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/YvdYvGi1q4YgWS8nAzHK5dmn84s>
Subject: Re: [regext] [Int-dir] Intdir telechat review of draft-ietf-regext-data-escrow-05

Thank you Carlos

I will use your review when balloting on this document.

Regards

-éric

-----Original Message-----
From: Int-dir <int-dir-bounces@ietf.org> on behalf of Carlos Bernardos via Datatracker <noreply@ietf.org>
Reply-To: Carlos Bernardos <cjbc@it.uc3m.es>
Date: Tuesday, 17 March 2020 at 20:22
To: "int-dir@ietf.org" <int-dir@ietf.org>
Cc: "last-call@ietf.org" <last-call@ietf.org>, "draft-ietf-regext-data-escrow.all@ietf.org" <draft-ietf-regext-data-escrow.all@ietf.org>, "regext@ietf.org" <regext@ietf.org>
Subject: [Int-dir] Intdir telechat review of draft-ietf-regext-data-escrow-05

    Reviewer: Carlos Bernardos
    Review result: Ready with Nits
    
    Reviewer: Carlos J. Bernardos
    Review result: Ready with nits
    
    I am an assigned INT directorate reviewer for draft-ietf-regext-data-escrow.
    These comments were written primarily for the benefit of the Internet Area
    Directors. Document editors and shepherd(s) should treat these comments just
    like they would treat comments from any other IETF contributors and resolve
    them along with any other Last Call comments that have been received. For more
    details on the INT Directorate, see http://www.ietf.org/iesg/directorate.html.
    
    I hope these comments are clear and useful.
    
    From an INT directorate point of view the document is ready, as it does not
    deal with the mechanisms used to actually transfer the data escrow deposits. I
    have some comments regarding the security and privacy sections.
    
    - In section 10 (Security considerations):
    
    "Depending on local policies, some elements or, most likely, the whole deposit
    will be considered confidential. As such, the registry transmitting the data to
    the escrow agent should take all the necessary precautions such as encrypting
    the data itself and/or the transport channel to avoid inadvertent disclosure of
    private data."
    
    I'd assume the should in "escrow agent should take" should be UPPER case, right?
    
    "Authentication of the parties passing data escrow deposit files is also of the
    utmost importance. The escrow agent SHOULD properly authenticate the identity
    of the registry before accepting data escrow deposits. In a similar manner, the
    registry SHOULD authenticate the identity of the escrow agent before submitting
    any data.
    
    Additionally, the registry and the escrow agent SHOULD use integrity checking
    mechanisms to ensure the data transmitted is what the source intended.
    Validation of the contents by the escrow agent is RECOMMENDED to ensure not
    only that the file was transmitted correctly from the registry, but also that
    the contents are "meaningful"."
    
    In general, I wonder why not all the SHOULDs in this section are not MUST. But
    this should be probably better assessed by the SECDIR.
    
    - In section 11 (Privacy considerations):
    
    "This specification defines a format that may be used to escrow personal data.
    The process of data escrow is governed by a legal document agreed by the
    parties, and such legal document must regulate the particularities regarding
    the protection of personal data."
    
    I'd assume the must should be in UPPER case, no?
    
    Thanks,
    
    Carlos
    
    