Re: [Roll] WG Last Call draft-ietf-roll-trickle-mcast-02

[Thomas Heide Clausen <thomas@thomasclausen.org>]

Dear JP, Michael, All,

I have only just flipped through this latest version of this I-D; a more detailed review will follow.

However, I already have one major comment.....

I wonder why a WGLC is issued for a protocol specification, wherein the "Security Considerations" section is entirely empty? (Well, fair be fair, it does explicitly say "TODO"...)

Knowing the IESG and the SEC ADs, they tend to (rightfully) not be lenient on such matters, and I think that it behoves the WG to be very attentive to security also.

In my opinion, it is not prudent for the WG to consider a protocol specification as "mature enough to take forward" until such time that also the security implications and considerations are carefully addressed.

As it is, they are not - and, for that reason alone I'd like to go on record with strong opposition to progressing this document.

Note, I have not reviewed the document in detail - that will come. However lack of _any_ security considerations whatsoever is, alone, a showstopper. 

Best,

Thomas

ps: FWIW, the 2119-boilerplate used doesn't capture the errata.

Sent from my iPad

On 25 oct. 2012, at 08:55, "JP Vasseur (jvasseur)" <jvasseur@cisco.com> wrote:

> Dear all,
> 
> draft-ietf-roll-trickle-mcast-02  has been discussed on the mailing list and during WG meeting a number of time; the document is stable and 
> has been implemented. Thus this starts a 2-week WG Last call ending on Nov 9 at noon ET. Please send your comments to the authors 
> and copy the mailing list and the co-chairs.
> 
> Thanks.
> 
> JP.
> 
> _______________________________________________
> Roll mailing list
> Roll@ietf.org
> https://www.ietf.org/mailman/listinfo/roll