[regext] Opsdir last call review of draft-ietf-regext-data-escrow-05

Susan Hares via Datatracker <noreply@ietf.org> Sat, 29 February 2020 12:52 UTC

From: Susan Hares via Datatracker <noreply@ietf.org>
To: <ops-dir@ietf.org>
Cc: last-call@ietf.org, regext@ietf.org, draft-ietf-regext-data-escrow.all@ietf.org
Reply-To: Susan Hares <shares@ndzh.com>
Date: Sat, 29 Feb 2020 04:52:54 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/jAUcNrfph5rJ_8JBJx34DuMwVjg>

Reviewer: Susan Hares
Review result: Ready

Status:  Ready
comments:  Excellent write-up

Detailed Comment:  I have read and re-read this document to find an error in
the technical text.  Congratulations to the authors.  This is one of the few
documents in which I cannot find any improvement to the base text.

Did you check the text code snippet with a validator?  If not, it is normally
good form.

My operational comments on this document are "meta-comments" for the Operations
AD below.

The security section starts out with the phrase:
 "This specification does not define the security mechanism to be used
in the transmission of the data escrow deposits, since it only
specifies the minimum necessary to enable the rebuilding of a
registry from the deposits without intervention from the original registry."

Given this focus, it is difficult to determine if the data deposited is really
the data that was on the original source.   The language among the
depositors is couched in "recommended" and "should".

As a META question, the IESG reviewers should ask whether this is the "best"
that can be done due to the legal constraints in the countries
that the data registries live in.  If so, it would be wise to provide
a second document that provides additional suggestions for
countries in which additional operational security can be mandated.