[secdir] secdir review of draft-gould-rfc4310bis-05

Nicolas Williams <Nicolas.Williams@sun.com> Thu, 04 March 2010 20:49 UTC

Return-Path: <Nicolas.Williams@sun.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4D2603A8E4B for <secdir@core3.amsl.com>; Thu, 4 Mar 2010 12:49:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.046
X-Spam-Level:
X-Spam-Status: No, score=-6.046 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_MISMATCH_COM=0.553, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1VOhi9u2Ok4f for <secdir@core3.amsl.com>; Thu, 4 Mar 2010 12:49:18 -0800 (PST)
Received: from sca-ea-mail-3.sun.com (sca-ea-mail-3.Sun.COM [192.18.43.21]) by core3.amsl.com (Postfix) with ESMTP id A0A173A8C7E for <secdir@ietf.org>; Thu, 4 Mar 2010 12:49:18 -0800 (PST)
Received: from dm-central-02.central.sun.com ([129.147.62.5]) by sca-ea-mail-3.sun.com (8.13.6+Sun/8.12.9) with ESMTP id o24KnKST000097 for <secdir@ietf.org>; Thu, 4 Mar 2010 20:49:20 GMT
Received: from binky.Central.Sun.COM (binky.Central.Sun.COM [129.153.128.104]) by dm-central-02.central.sun.com (8.13.8+Sun/8.13.8/ENSMAIL, v2.2) with ESMTP id o24KnKLe002371 for <secdir@ietf.org>; Thu, 4 Mar 2010 13:49:20 -0700 (MST)
Received: from binky.Central.Sun.COM (localhost [127.0.0.1]) by binky.Central.Sun.COM (8.14.3+Sun/8.14.3) with ESMTP id o24Kfode015225; Thu, 4 Mar 2010 14:41:50 -0600 (CST)
Received: (from nw141292@localhost) by binky.Central.Sun.COM (8.14.3+Sun/8.14.3/Submit) id o24KfoYe015224; Thu, 4 Mar 2010 14:41:50 -0600 (CST)
X-Authentication-Warning: binky.Central.Sun.COM: nw141292 set sender to Nicolas.Williams@sun.com using -f
Date: Thu, 4 Mar 2010 14:41:50 -0600
From: Nicolas Williams <Nicolas.Williams@sun.com>
To: secdir@ietf.org
Message-ID: <20100304204149.GV1072@Sun.COM>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.7i
Cc: shollenbeck@verisign.com, jgould@verisign.com
Subject: [secdir] secdir review of draft-gould-rfc4310bis-05
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Mar 2010 20:49:19 -0000

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors.  Document editors and WG chairs should treat these
comments just like any other last call comments.

This document presents no new security considerations over the RFC it
seeks to update.  For a provisioning protocol the primary security
considerations relate to authentication, which does not belong here, and
authorization, which does belong here.  The security considerations
section of this I-D appears to be complete.

Nico
--