[secdir] Secdir last call review of draft-ietf-ippm-stamp-srpm-11
Kathleen Moriarty via Datatracker <noreply@ietf.org> Sat, 27 May 2023 12:01 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/J8Cfa3nCl3AGq5cd24cQq-InmKM>

Reviewer: Kathleen Moriarty
Review result: Has Nits

The security considerations could be slightly expanded to refer to the "encrypted mode" and "authenticated mode" that are referenced from RFC8545 security considerations. Perhaps a direct reference to where those are specified would be better than the current reference, as that just states in the security considerations section that they are recommended, but that document does not define those options. The reader would then be able to jump to those documents/sections rather than having to take multiple steps to see what the additional security options include.

The limit on where this protocol is used provides good context. It's also good that the integrity protection is built-in. I appreciate the working group and authors' efforts to build in security options. Well done!