Re: [regext] Secdir telechat review of draft-ietf-regext-epp-fees-18
Roger D Carney <rcarney@godaddy.com> Tue, 01 October 2019 14:41 UTC
Return-Path: <rcarney@godaddy.com>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 849C0120809; Tue, 1 Oct 2019 07:41:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=secureservernet.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0u77lAjHnncH; Tue, 1 Oct 2019 07:41:48 -0700 (PDT)
Received: from NAM02-BL2-obe.outbound.protection.outlook.com (mail-eopbgr750135.outbound.protection.outlook.com [40.107.75.135]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2A82E120803; Tue, 1 Oct 2019 07:41:46 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=G0bwe5vfqu5wUo4gbAlrIJ8tYjqm4X7X+G2+eCFF0cMl/HYgdJiv+vIyOprRpHw/x8EcujmoK8tX33+/HbA+y9YxLWUWJH5kCgef3QfYDHO468uxDcoaF8o2b89z+HNbJa8BFbg0bTU+CKTHKGBKVdQW0aqvsPpHYOh+vR/EGI78/HLpK0hEg9mmPa3wI201BY10RWzrP5chxFNogXrOC6HHl3X6CikPb2MGGGprhoKJvk0lFkxHEqyk4aOwmY1o+VUFnnfXvkG2FXhFkNqCmcRGFdoOk6erMDEApLMBwwfmGcfDtUv4FmaST8tBUK/OnY5jkXEQvXSavoS7ZhCqew==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=kpeo83lFt4D5YR6AmBTNalhNNx+9Zm2KOhk+pn7Mov0=; b=bVtLd+nHIcY/vR6tkx2GzMJehECnaXeuWASLJSfKXUb30ERYSI0Fao1NBuXlYIprdfTfQ4bE7XBvMPd3qkzTbWSt0rieqWoteQYktQmlKBKy7e9cJunY0Z8ZjjMntGFUnriYbEJg+IJW+Zb75Jk9M68IifR5Fx9nldSEjBcaloOUv5yRQcVLDSVBE+va5RM51i0mD0z8anNKTSj0psD9YaWiSR8kQtuisrmX2SJc1JpPmYuBpAIU5XVRv14eOc9PQ1zCrcaWeWAKsaFJngcofuxMuFS91Zw0YIU45kqbylG3+YXXrS/c8tcPtAuJ8/f4CQBUryQuGFYyk+kbr5n8rQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=godaddy.com; dmarc=pass action=none header.from=godaddy.com; dkim=pass header.d=godaddy.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=secureservernet.onmicrosoft.com; s=selector2-secureservernet-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=kpeo83lFt4D5YR6AmBTNalhNNx+9Zm2KOhk+pn7Mov0=; b=fLzW8Sn7WKPGYXiSecx9/PXp6B1jaS3D0ZGe3eXF/KCBeRH+p6csboFjyhu9LIgDNQJCmIb2mNHwlIw7KMXEXeDeucAfTirYjtHHCzNw/0XrA0TwhhTHXNw6qGTMKury4QtvYncqC6bniD+ck9s5aMFA22Yb49rXRIJ5vkcrRhs=
Received: from BL0PR02MB5491.namprd02.prod.outlook.com (20.177.207.214) by BL0PR02MB5684.namprd02.prod.outlook.com (20.177.241.95) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2305.18; Tue, 1 Oct 2019 14:41:44 +0000
Received: from BL0PR02MB5491.namprd02.prod.outlook.com ([fe80::614d:ec26:993a:6d44]) by BL0PR02MB5491.namprd02.prod.outlook.com ([fe80::614d:ec26:993a:6d44%6]) with mapi id 15.20.2305.017; Tue, 1 Oct 2019 14:41:44 +0000
From: Roger D Carney <rcarney@godaddy.com>
To: The IESG <iesg@ietf.org>, "regext@ietf.org" <regext@ietf.org>
Thread-Topic: Secdir telechat review of draft-ietf-regext-epp-fees-18
Thread-Index: AQHVbZeddHUlI7uosEyL/oi/Xx9KbKdEVNNQ
Date: Tue, 01 Oct 2019 14:41:44 +0000
Message-ID: <BL0PR02MB54910B480A8B4B53D008FB29B19D0@BL0PR02MB5491.namprd02.prod.outlook.com>
References: <156875259956.17440.16915883379549498946@ietfa.amsl.com>
In-Reply-To: <156875259956.17440.16915883379549498946@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=rcarney@godaddy.com;
x-originating-ip: [173.18.40.219]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: c3b9f6ee-0744-47ae-943f-08d7467d7b4a
x-ms-office365-filtering-ht: Tenant
x-ms-traffictypediagnostic: BL0PR02MB5684:
x-microsoft-antispam-prvs: <BL0PR02MB56842F42E1574767EDC04200B19D0@BL0PR02MB5684.namprd02.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0177904E6B
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(4636009)(366004)(376002)(136003)(346002)(39860400002)(396003)(189003)(199004)(13464003)(476003)(229853002)(3846002)(6436002)(790700001)(6116002)(256004)(316002)(450100002)(71200400001)(71190400001)(446003)(11346002)(6506007)(186003)(86362001)(53546011)(26005)(486006)(2906002)(14444005)(102836004)(66476007)(25786009)(66556008)(110136005)(7696005)(2501003)(99286004)(478600001)(74316002)(55016002)(7736002)(64756008)(236005)(6306002)(14454004)(6246003)(54896002)(9686003)(66946007)(33656002)(66446008)(8676002)(81156014)(81166006)(52536014)(5660300002)(8936002)(66066001)(76116006)(76176011); DIR:OUT; SFP:1102; SCL:1; SRVR:BL0PR02MB5684; H:BL0PR02MB5491.namprd02.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: godaddy.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: Mo6q+IM+WWqF3RhYrqovkKp/8ytdg5oWcOTY44mo+O+tsiieSRLVzO5XD429gQoVuuMB2w8O6KhLAgkxestG5r6BaGyfT1cu49ozoUU/q62+C3QlozZktDDJKzw1zQnRe3gytNYY2Nsg7DOr1L7wg3d4hID95Ws3anXKO662bJK5H7NDueFDiOvwpZc66Ca2Bsesv4asWHcFbNkHKv0DazwuFLKvjqPtq+Vqm8QGzWgqcfjkUyRc4NBj6y/FadCsdwce3Four9lATqW9f3RDxH44oK55xapraeS8omaOHCqUQDx4n7pCZlXTea6m4BnOQ3iEnnPRo0YLczBUzBggNJcERFq2Fu0xHYrgqXv98Ix580+jtyzQbLvvupHzXGlHCuSGw9Cv763OwsNp6AKZT9fi9SYiH+5ht8noLSUpWSQ=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_BL0PR02MB54910B480A8B4B53D008FB29B19D0BL0PR02MB5491namp_"
MIME-Version: 1.0
X-OriginatorOrg: godaddy.com
X-MS-Exchange-CrossTenant-Network-Message-Id: c3b9f6ee-0744-47ae-943f-08d7467d7b4a
X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Oct 2019 14:41:44.8146 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: d5f1622b-14a3-45a6-b069-003f8dc4851f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: bazDBQZdTjT7G51GwScJq43a9gNUbjKYvhehwqyH+BsPLJKQvrYX61rQZUxdFlPpPPEkw1tPUcnXC0B+xDDuSQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL0PR02MB5684
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/vl50IEEt_qDcosRV-Kdun_GrVaU>
Subject: Re: [regext] Secdir telechat review of draft-ietf-regext-epp-fees-18
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Oct 2019 14:41:51 -0000
Good Morning, Thanks for your comments Yoav, please see my responses below, a new revision will be published shortly to address issues brought up in this latest round of comments. Thanks Roger -----Original Message----- From: Yoav Nir via Datatracker <noreply@ietf.org<mailto:noreply@ietf.org>> Sent: Tuesday, September 17, 2019 3:37 PM To: secdir@ietf.org<mailto:secdir@ietf.org> Cc: ietf@ietf.org<mailto:ietf@ietf.org>; draft-ietf-regext-epp-fees.all@ietf.org<mailto:draft-ietf-regext-epp-fees.all@ietf.org>; regext@ietf.org<mailto:regext@ietf.org> Subject: Secdir telechat review of draft-ietf-regext-epp-fees-18 Notice: This email is from an external sender. Reviewer: Yoav Nir Review result: Has Nits The changes in revision -17 are fine. I would still like to have it stated that financial information is not at risk of leaking because the account information of a customer is only sent in communications with that customer. The Security Considerations section already says that encryption is used when transmitting financial information. That is necessary but not sufficient. You also need to state that such information is only sent to entities that should have access to that information. [RDC] Section 7 will be updated to add: “The server will only provide information, including financial information, that is relevant to the authenticated client.”
- [regext] Secdir telechat review of draft-ietf-reg… Yoav Nir via Datatracker
- Re: [regext] Secdir telechat review of draft-ietf… Roger D Carney