Re: [Rfced-future] Secdir last call review of draft-iab-rfcefdp-rfced-model-11
Peter Saint-Andre <stpeter@stpeter.im> Thu, 24 February 2022 00:14 UTC
Return-Path: <stpeter@stpeter.im>
X-Original-To: rfced-future@ietfa.amsl.com
Delivered-To: rfced-future@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7DAB53A11E5; Wed, 23 Feb 2022 16:14:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.811
X-Spam-Level:
X-Spam-Status: No, score=-2.811 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.714, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=stpeter.im header.b=pdU375zW; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=mNDGRRxh
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7kZb8VmifR-C; Wed, 23 Feb 2022 16:14:32 -0800 (PST)
Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 554C23A11D5; Wed, 23 Feb 2022 16:14:32 -0800 (PST)
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id 586CC5C021C; Wed, 23 Feb 2022 19:14:31 -0500 (EST)
Received: from mailfrontend2 ([10.202.2.163]) by compute5.internal (MEProxy); Wed, 23 Feb 2022 19:14:31 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=stpeter.im; h=cc :cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to; s=fm2; bh=axL3npaUpa2ew1 d65JkPbmS4FECyl8tjrh4RZUeezk0=; b=pdU375zWFMfF9E6D7HYn9Bwd3mdUTq y4d8QekNYx7W3adSiMBJlw5AgMKmTgIevuL68EdHFzHjDja2rC4kDEWKL+bweOyR ZnKrOeMLkyGFx3BXy4bMFbWbIFNOEJAAUApNIggIfEwY0zPPGPob8txg0km+Ocgw qzB4GoaczbtoFuJgQZ8CxQIP+VIbgTsuP4oB1I/UGKsiajo9I0ABLRo0sa2fhJjB as0WVkUS7KaWU6tsJlMQqrrTxVMOYkPXRlxC9z6zYLsXKoYdT/KCIkdcbrK0ViWL C6JYNtfhaccp1IC9d7NCwE91sxE1oYdbOfvssvuvlJ3Ill/1YmE/Qx5Q==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; bh=axL3npaUpa2ew1d65JkPbmS4FECyl8tjrh4RZUeez k0=; b=mNDGRRxhYQusP5r5AXqhRHom3O61OrgvDY5EY9W91g/023T8Dwnz9r+I9 uSGIrLGhWtoedG+xpq9oJoJV91qDOqvSdGnIB64+dJJ4qtEn9lpFxbHqWHly1r7S 74bi+CiwWxi/P7M9NQ6GtH3P1VP6dBeYoZIC2AnHU8OjDsLvvz66a0HoMa6bAl3e 8/A1kYenC+iU88A02syL1b+QeobRNwAKsgX1ZqlYHHkvsNJd2W34f0vgsjZt4qck 0tB+JL+tYdW00ZiVfhgOKeivMxNpdc22X7L7MqJyPHrl9gui88vmBk1LkrEWduF4 fZ5CdUkaHK5NDj4C195mR0S2Af4ug==
X-ME-Sender: <xms:580WYlpGbNXVsQqMeuStnsuD2mU1lEYoQVmW7z89zIXDG8avA7J5JA> <xme:580WYnrsPFVLHGpB_H2QeGsG-53m_NXu64bDF5euBQEIS9Udhx9QHd61h8Nsp3ZWh eHuTEOl5iXaitYIMw>
X-ME-Received: <xmr:580WYiOkPsupYswjDuncobdYmJXMArTOtEs51J-K4-I7BT0SzWB2iNtW7f19vTvhYO_3RO8AVfK3-5EbTzpclk1kOfRPvMGRWL7XMyk>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvvddrledugddulecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpefkffggfgfvfhfhufgjtgfgsehtjeertddtfeejnecuhfhrohhmpefrvghtvghr ucfurghinhhtqdetnhgurhgvuceoshhtphgvthgvrhesshhtphgvthgvrhdrihhmqeenuc ggtffrrghtthgvrhhnpefgleekveevlefgheejuefhheeuhfekfedtfffggefhgeetvdeg iefgvdekledtgfenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfh hrohhmpehsthhpvghtvghrsehsthhpvghtvghrrdhimh
X-ME-Proxy: <xmx:580WYg7BSsD5M6rhTaFCvOzuaw9bAmSTUMDQMgX8mUX-XnOWmk9wxA> <xmx:580WYk6LcmIljVAafzx5xxR7mjixOfxoL9a4y7-34i5vsihVIWI2pA> <xmx:580WYogAvGSOGsWK2OD7XZ3TFq_2Z2rOzRgaJg9XsvcHSFwd3YhTeA> <xmx:580WYuTE0c_Yo_N0TRJrNNQxRZceGb1ESbKfQ8gI5FQ1eV9GzP7eFA>
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed, 23 Feb 2022 19:14:30 -0500 (EST)
Message-ID: <ab3121a4-e2a0-d0d7-644d-673ae6cb0e40@stpeter.im>
Date: Wed, 23 Feb 2022 17:14:25 -0700
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Thunderbird/91.6.1
Content-Language: en-US
To: Russ Mundy <mundy@tislabs.com>
Cc: draft-iab-rfcefdp-rfced-model.all@ietf.org, iab@iab.org, last-call@ietf.org, "rfced-future@iab.org" <rfced-future@iab.org>, "secdir@ietf.org" <secdir@ietf.org>
References: <164565670705.28507.12262976632263611001@ietfa.amsl.com>
From: Peter Saint-Andre <stpeter@stpeter.im>
In-Reply-To: <164565670705.28507.12262976632263611001@ietfa.amsl.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/rfced-future/AByA62ggrIVMnu-RxZvd3htNNQo>
Subject: Re: [Rfced-future] Secdir last call review of draft-iab-rfcefdp-rfced-model-11
X-BeenThere: rfced-future@iab.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: RFC Editor Future Development Program <rfced-future.iab.org>
List-Unsubscribe: <https://www.iab.org/mailman/options/rfced-future>, <mailto:rfced-future-request@iab.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rfced-future/>
List-Post: <mailto:rfced-future@iab.org>
List-Help: <mailto:rfced-future-request@iab.org?subject=help>
List-Subscribe: <https://www.iab.org/mailman/listinfo/rfced-future>, <mailto:rfced-future-request@iab.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Feb 2022 00:14:38 -0000
Hi Russ, thanks for your review. Comments inline. On 2/23/22 3:51 PM, Russ Mundy via Datatracker wrote: > Reviewer: Russ Mundy > Review result: Ready > > Reviewer: Russ Mundy > Review result: Ready with nits > > I have (re)reviewed this document as part of the security directorate's > ongoing effort to review all IETF documents being processed by the IESG. > These comments were written primarily for the benefit of the security area > directors. Document editors and WG chairs should treat these comments just > like any other last call comments. > > The summary of the review is: Ready with nits > > The document is well written, understandable and provides sound definition of a > new version of the RFC Editor Model. > > The only nits that I identified in the document are in the Security > Considerations section where the wording infers that "the RFC Editor" is a > single entity (or person). I recognize that the wording in the section came > mostly from earlier RFC Editor Model versions but since this Model Version > clearly states that the activities are performed by a collection of multiple > entities, the wording of section 10 seems inconsistent with other parts of the > document. Good catch. We copied the Security Considerations from RFC 6635/8728 and didn't properly update it to reflect version 3 of the model. > Without trying to make this section unduly long or complex, I suggest making > something like the following changes to section 10: > > First paragraph, third sentence current wording: > > "Since the RFC Editor maintains the index of publications, sufficient security > must be in place to ...." > > Suggest changing to: > > "Since multiple entities described in this document participate in maintenance > of the index of publications, sufficient security must be in place and followed > by each entity to ..." Something like that would make sense, although we might want to mention the RFC Production Center because Section 4.3 specifies that they have responsibility for publication, archiving, etc. > Second paragraph current wording: > > "The IETF LLC should take ..." > > Suggest changing to: > > "The IETF LLC or any other contracting activity(s), e.g., subcontracts, should > take ..." That seems reasonable. > Again, thanks for the excellent quality draft - hopefully, the suggested > changes make section 10 clearer. They do, thanks! Peter
- Re: [Rfced-future] Secdir last call review of dra… Peter Saint-Andre