[secdir] Secdir review of draft-ietf-idnabis-defs

Paul Hoffman <phoffman@imc.org> Fri, 16 October 2009 15:21 UTC

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments. Feel free to forward to any appropriate forum.

This document is one of a series of four that make up the revised IDNA protocol (draft-ietf-idnabis-defs, -tables, -protocol, -bidi). The four documents are intertwined, so the security considerations for all should be considered at the same time. Having said that, I find no significant issues with the security considerations in any of the four documents, including this one. Given the messy nature of both internationalization and designing user input mechanisms, these documents do the best that they can, and are not noticeably worse (and are hopefully better) than the previous IDNA protocol.