[secdir] Secdir review of draft-schaad-curdle-oid-registry-02
Tero Kivinen <kivinen@iki.fi> Tue, 17 October 2017 12:52 UTC
Return-Path: <kivinen@iki.fi>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 256B4134184; Tue, 17 Oct 2017 05:52:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.778
X-Spam-Level:
X-Spam-Status: No, score=0.778 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, SPF_NEUTRAL=0.779] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bP2OPP5D_7E9; Tue, 17 Oct 2017 05:52:46 -0700 (PDT)
Received: from mail.kivinen.iki.fi (fireball.acr.fi [212.16.101.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3C881132FB1; Tue, 17 Oct 2017 05:52:46 -0700 (PDT)
Received: from fireball.acr.fi (localhost [127.0.0.1]) by mail.kivinen.iki.fi (8.15.2/8.15.2) with ESMTPS id v9HCqfND022444 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Tue, 17 Oct 2017 15:52:41 +0300 (EEST)
Received: (from kivinen@localhost) by fireball.acr.fi (8.15.2/8.14.8/Submit) id v9HCqeRo015726; Tue, 17 Oct 2017 15:52:40 +0300 (EEST)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <23013.64792.817951.742437@fireball.acr.fi>
Date: Tue, 17 Oct 2017 15:52:40 +0300
From: Tero Kivinen <kivinen@iki.fi>
To: iesg@ietf.org, secdir@ietf.org, draft-schaad-curdle-oid-registry.all@tools.ietf.org
X-Edit-Time: 8 min
X-Total-Time: 8 min
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/3baOYURfRwYIPSlt6eK51irz2gg>
Subject: [secdir] Secdir review of draft-schaad-curdle-oid-registry-02
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Oct 2017 12:52:48 -0000
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This document is Ready with Nits. This document creates and IANA registry and fills it with initial values. The numbers are inside the donated set of OIDs (donated from Symantec Website Security) that was donated to the curdle WG earlier. The security considerations section that as this just creates an IANA registry it does not raise any new security considerations (altoigh somepeople claim anything related to ASN.1 is security issue, I do agree with the statement in the draft). The only nit I have is that the document creates a called "SMI Security for Cryptographic Algorithms", and I have no idea what SMI means. I.e., it would be better if the name of the registry actually told people what is expected to be inside this registry... Perhaps "Short OIDs for Cryptographic Algorithms for different IETF protocol" or similar. -- kivinen@iki.fi
- [secdir] Secdir review of draft-schaad-curdle-oid… Tero Kivinen
- Re: [secdir] Secdir review of draft-schaad-curdle… Russ Housley