Re: [secdir] Secdir review of draft-ietf-nfsv4-rfc3530bis-dot-x-16
Magnus Nyström <magnusn@gmail.com> Wed, 17 April 2013 00:29 UTC
Return-Path: <magnusn@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AD75F21F9425; Tue, 16 Apr 2013 17:29:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1
X-Spam-Level:
X-Spam-Status: No, score=-1 tagged_above=-999 required=5 tests=[AWL=1.299, BAYES_00=-2.599, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kbPidcNcc4wk; Tue, 16 Apr 2013 17:29:16 -0700 (PDT)
Received: from mail-we0-x229.google.com (mail-we0-x229.google.com [IPv6:2a00:1450:400c:c03::229]) by ietfa.amsl.com (Postfix) with ESMTP id 7E6E921F93EA; Tue, 16 Apr 2013 17:29:15 -0700 (PDT)
Received: by mail-we0-f169.google.com with SMTP id x43so854348wey.28 for <multiple recipients>; Tue, 16 Apr 2013 17:29:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=+6zbAy4HFoYuC1QvZ+UEzAuOnjyY1/Z5CoX+5jIbeSI=; b=OJU+HVRuyBdFz9aIUYMJHFYIHezOiA7j8Mx7hDo0FwPRGOH1MDo4IBV3fKWrX+q/5K shrPqCO9RqJEW4VqcqOcP53Vu4dEGVVgmFq00875FM/cSqonYzYJby8DJ1AnWFECBU3p s+m9FAnZVyIUMubjYjMIn6w2I7zeq6CnIuktx93hShu5pfZDC4TGZb1kUlGEWsLC5Ymo JtcCCpwTBUJzqaQKi4dagscuu+l7hrtiz471C3P77uq0aTPmMEOm+5qk524dRgfm9hMw F3LoVQ/YNuieWgzoKG/Hknq/d35rKdjYUrPm/KYsFUX+uYwov188XRFWBtgqa5uifQy3 ociQ==
MIME-Version: 1.0
X-Received: by 10.194.8.99 with SMTP id q3mr7060673wja.34.1366158554645; Tue, 16 Apr 2013 17:29:14 -0700 (PDT)
Received: by 10.180.85.202 with HTTP; Tue, 16 Apr 2013 17:29:14 -0700 (PDT)
In-Reply-To: <D3C85B3C-1FD3-4ED8-8195-3AEB2B984C89@netapp.com>
References: <CADajj4Zpeis=swQ8OrSWoKYb2f89jfs28UwOeBY76gb12ifLHg@mail.gmail.com> <D3C85B3C-1FD3-4ED8-8195-3AEB2B984C89@netapp.com>
Date: Tue, 16 Apr 2013 17:29:14 -0700
Message-ID: <CADajj4ZaCYdnK0LuPLgkZPnyZ+f19AWva9L0SRT-qKy5psy7RQ@mail.gmail.com>
From: Magnus Nyström <magnusn@gmail.com>
To: "Haynes, Tom" <Tom.Haynes@netapp.com>
Content-Type: multipart/alternative; boundary="047d7b5d65925b4f1c04da83930d"
Cc: "<draft-ietf-nfsv4-rfc3530bis-dot-x@tools.ietf.org>" <draft-ietf-nfsv4-rfc3530bis-dot-x@tools.ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Subject: Re: [secdir] Secdir review of draft-ietf-nfsv4-rfc3530bis-dot-x-16
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Apr 2013 00:29:16 -0000
Hi Tom, lest there be any misunderstanding: What I suggested was, that it may make sense to discuss how internationalization aspects as they pertain to the XDR itself may impact security in this document's security consideration section. If the main 2530bis document already discusses internationalization aspects covering also XDR aspects then I don't see a strong need to add it to this one. Thanks, /M On Tue, Apr 16, 2013 at 5:16 PM, Haynes, Tom <Tom.Haynes@netapp.com> wrote: > > On Apr 14, 2013, at 11:22 PM, Magnus Nyström <magnusn@gmail.com> wrote: > > I have reviewed this document as part of the security directorate's > ongoing effort to review all IETF documents being processed by the IESG. > These comments were written primarily for the benefit of the security area > directors. Document editors and WG chairs should treat these comments just > like any other last call comments. > > This NFSv4.0 document provides the XDR definition for NFSv4.0. As such, > except for the introductory section and standard sections towards the end, > it consists entirely of extractable, machine-readable declarations and > definitions. > > The Security Considerations section simply refers to the rfc2530bis main > document. This may be sufficient; however, if the NFSv4.0 XDR definition > introduces any new parsing risks (for example, anything related to > internationalization?), then it may be better placed in this document. > -- Magnus > > > > Hi Magnus, > > That simply becomes too unwieldily. > > We have another example of this, RFC 5661 and 5662. I always look at RFC > 5661 and I rarely look at RFC 5662. > > My expectation is that this is the way others work. > > I would prefer to leave the internationalization work back in the main > document. > > Thanks, > Tom > -- -- Magnus
- [secdir] Secdir review of draft-ietf-nfsv4-rfc353… Magnus Nyström
- Re: [secdir] Secdir review of draft-ietf-nfsv4-rf… Haynes, Tom
- Re: [secdir] Secdir review of draft-ietf-nfsv4-rf… Magnus Nyström