[secdir] secdir re-review of draft-ietf-abfab-arch-12

Tom Yu <tlyu@MIT.EDU> Tue, 25 March 2014 22:21 UTC

Return-Path: <tlyu@mit.edu>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 1A4DD1A0242; Tue, 25 Mar 2014 15:21:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.611
X-Spam-Status: No, score=-2.611 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id XgdgC7Ida9dz; Tue, 25 Mar 2014 15:21:21 -0700 (PDT)
Received: from dmz-mailsec-scanner-3.mit.edu (dmz-mailsec-scanner-3.mit.edu []) by ietfa.amsl.com (Postfix) with ESMTP id 9EA4A1A0168; Tue, 25 Mar 2014 15:21:20 -0700 (PDT)
X-AuditID: 1209190e-f79ee6d000000c40-7f-5332015f297e
Received: from mailhub-auth-1.mit.edu ( []) (using TLS with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-3.mit.edu (Symantec Messaging Gateway) with SMTP id EC.A7.03136.F5102335; Tue, 25 Mar 2014 18:21:19 -0400 (EDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu []) by mailhub-auth-1.mit.edu (8.13.8/8.9.2) with ESMTP id s2PMLHm9021716; Tue, 25 Mar 2014 18:21:18 -0400
Received: from cathode-dark-space.mit.edu (cathode-dark-space.mit.edu []) (authenticated bits=56) (User authenticated as tlyu@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id s2PMLE8E002246 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 25 Mar 2014 18:21:15 -0400
Received: (from tlyu@localhost) by cathode-dark-space.mit.edu ( id s2PMLDEC017657; Tue, 25 Mar 2014 18:21:13 -0400 (EDT)
To: iesg@ietf.org, secdir@ietf.org, draft-ietf-abfab-arch.all@tools.ietf.org
From: Tom Yu <tlyu@MIT.EDU>
Date: Tue, 25 Mar 2014 18:21:13 -0400
Message-ID: <ldvsiq5apie.fsf@cathode-dark-space.mit.edu>
Lines: 22
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFjrLIsWRmVeSWpSXmKPExsUixCmqrBvPaBRscHEJl8XaNadYLGb8mchs 8WHhQxYHZo8lS34yeXy5/JktgCmKyyYlNSezLLVI3y6BK+P34YKCoxwVj95fZG1g/M7WxcjJ ISFgInFo0TZmCFtM4sK99UBxLg4hgdlMEtc6PzFBOBsZJVqWH2OEcM4xSUw+uxEq08Uo0f9g I1i/iICPxMZJc5lAbGEBU4nnz6YDxTk42ASkJY4uLgMJswioSrx6d4cdxOYVsJB4ueEYWDmP AKdE7+GprBBxQYmTM5+wgNjMAloSN/69ZJrAyDcLSWoWktQCRqZVjLIpuVW6uYmZOcWpybrF yYl5ealFusZ6uZkleqkppZsYwaEmybeD8etBpUOMAhyMSjy8EyYYBguxJpYVV+YeYpTkYFIS 5f33ByjEl5SfUpmRWJwRX1Sak1p8iFGCg1lJhPfDPaAcb0piZVVqUT5MSpqDRUmcV55DO1hI ID2xJDU7NbUgtQgmK8PBoSTBu5TBKFhIsCg1PbUiLTOnBCHNxMEJMpwHaDgLSA1vcUFibnFm OkT+FKOilDivKUhCACSRUZoH1wtLBa8YxYFeEebtBaniAaYRuO5XQIOZgAaHN+mBDC5JREhJ NTAuT08p0BabvWy7aG9DSWHGY/7VgpwJlie/7r4UdlLw9sLPC1NSuE8/W3Q0VHfyhAb9/1+r 3P2kJ+x40CXfcvOD+kHHxV3bbP53vdWxfXtdqu5ZkqtAaLt+T5eizcJq48aPxdsmCG2dtmnG RaWDD1IlU/dGfBFVa3tZFPPO5q+D/K7Qr517msuVWIozEg21mIuKEwFTYjEt4AIAAA==
Archived-At: http://mailarchive.ietf.org/arch/msg/secdir/7VVJrBgSv2isNJRYi1CyovTnMko
Subject: [secdir] secdir re-review of draft-ietf-abfab-arch-12
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Mar 2014 22:21:23 -0000

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

Summary: ready with nits

The Security Considerations (section 5) no longer has the placeholder
text from the -10 version.  The text describing the detailed security
properties of the various communication channels appears to be gone,
possibly replaced by summaries in section 4.  Other items listed in
the "to be addressed" paragraph from -10 appear to have been covered
by new text.

I'm not sure whether the removed text describing the security
properties of the communication channels was completely redundant with
text in section 4, but some of it seems close, so the current state
might be good enough.  What is the authors' belief about that?

There appears to be a author's query labeled [CREF1]; has that
question been resolved?