[secdir] secdir review of draft-ietf-mile-template-04

Samuel Weiler <weiler+secdir@watson.org> Fri, 18 May 2012 14:01 UTC

Return-Path: <weiler+secdir@watson.org>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8F03C21F8650; Fri, 18 May 2012 07:01:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hQ-+8YyaICmb; Fri, 18 May 2012 07:01:05 -0700 (PDT)
Received: from fledge.watson.org (fledge.watson.org [65.122.17.41]) by ietfa.amsl.com (Postfix) with ESMTP id E939521F864E; Fri, 18 May 2012 07:01:04 -0700 (PDT)
Received: from fledge.watson.org (localhost.watson.org [127.0.0.1]) by fledge.watson.org (8.14.4/8.14.4) with ESMTP id q4IE13QC013878; Fri, 18 May 2012 10:01:03 -0400 (EDT) (envelope-from weiler+secdir@watson.org)
Received: from localhost (weiler@localhost) by fledge.watson.org (8.14.4/8.14.4/Submit) with ESMTP id q4IE130H013873; Fri, 18 May 2012 10:01:03 -0400 (EDT) (envelope-from weiler+secdir@watson.org)
X-Authentication-Warning: fledge.watson.org: weiler owned process doing -bs
Date: Fri, 18 May 2012 10:01:03 -0400 (EDT)
From: Samuel Weiler <weiler+secdir@watson.org>
X-X-Sender: weiler@fledge.watson.org
To: draft-ietf-mile-template.all@tools.ietf.org, secdir@ietf.org, iesg@ietf.org
Message-ID: <alpine.BSF.2.00.1205180950280.66835@fledge.watson.org>
User-Agent: Alpine 2.00 (BSF 1167 2008-08-23)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; format=flowed; charset=US-ASCII
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.3 (fledge.watson.org [127.0.0.1]); Fri, 18 May 2012 10:01:03 -0400 (EDT)
Subject: [secdir] secdir review of draft-ietf-mile-template-04
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 May 2012 14:01:05 -0000

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors. Document editors and WG chairs should treat 
these comments just like any other last call comments.

This doc provides a template for other i-d's describing IODEF 
extensions.  The template reminds authors that they need a security 
considerations section and cites 3552.  The surrounding document has 
no security considerations of note.  I'm fine with the doc moving 
forward as-is.

Minor:

The doc title and abstract use "IODEF" without expansion, but I think 
it's an uncommon enough term that expansion is needed.

This doc's security considerations section says: "This document 
defines a template for extensions to IODEF; the security 
considerations for IODEF [RFC5070] apply."  I might instead say "This 
document raises no security issues.  Extensions defined using the 
template in Appendix A need to provide an analysis of security issues 
they may raise.  See A.5 for more details."