[secdir] Secdir review of draft-reed-urn-dgiwg-02

Vincent Roca <vincent.roca@inrialpes.fr> Mon, 09 May 2011 10:29 UTC

Return-Path: <vincent.roca@inrialpes.fr>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 30D5EE07AF; Mon, 9 May 2011 03:29:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.249
X-Spam-Level:
X-Spam-Status: No, score=-10.249 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_FR=0.35, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tYHSTl+YIrcH; Mon, 9 May 2011 03:29:45 -0700 (PDT)
Received: from mail3-relais-sop.national.inria.fr (mail3-relais-sop.national.inria.fr [192.134.164.104]) by ietfa.amsl.com (Postfix) with ESMTP id 12286E068D; Mon, 9 May 2011 03:29:40 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="4.64,339,1301868000"; d="scan'208";a="82640942"
Received: from geve.inrialpes.fr ([194.199.24.116]) by mail3-relais-sop.national.inria.fr with ESMTP/TLS/AES128-SHA; 09 May 2011 12:28:32 +0200
From: Vincent Roca <vincent.roca@inrialpes.fr>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Date: Mon, 9 May 2011 12:28:32 +0200
Message-Id: <5FADE82E-A84E-4D9D-A8DD-B337C06D5EA4@inrialpes.fr>
To: IESG <iesg@ietf.org>, secdir@ietf.org, draft-reed-urn-dgiwg.all@tools.ietf.org
Mime-Version: 1.0 (Apple Message framework v1084)
X-Mailer: Apple Mail (2.1084)
Subject: [secdir] Secdir review of draft-reed-urn-dgiwg-02
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 May 2011 10:29:46 -0000

Hello,

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

This document introduces a new namespace for the DGI Working Group
(http://www.dgiwg.org) and has a very light security considerations
section (1 sentence only), as is usually the case with such documents
(see http://www.iana.org/assignments/urn-namespaces/urn-namespaces.xml).

That being said, since the goal of the DGIWG is to facilitate the
exchange of geospatial information between countries, in particular
in context of military cooperations, security is critical. Therefore
the author could perhaps elaborate a little bit more.
For instance one or two sentences highlighting the importance of 
having secure methods to access locations once the URN resolution
has taken place (i.e. after the name to location resolution) could
be added, with a few pointers.

Regards,

   Vincent