Re: [secdir] Secdir review of draft-schaad-curdle-oid-registry-02
Russ Housley <housley@vigilsec.com> Tue, 17 October 2017 19:15 UTC
Return-Path: <housley@vigilsec.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E877F132D4E for <secdir@ietfa.amsl.com>; Tue, 17 Oct 2017 12:15:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CR8xeZ-fl_fI for <secdir@ietfa.amsl.com>; Tue, 17 Oct 2017 12:15:20 -0700 (PDT)
Received: from mail.smeinc.net (mail.smeinc.net [209.135.209.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 31192126B6E for <secdir@ietf.org>; Tue, 17 Oct 2017 12:15:20 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.smeinc.net (Postfix) with ESMTP id 97550300572 for <secdir@ietf.org>; Tue, 17 Oct 2017 15:15:19 -0400 (EDT)
X-Virus-Scanned: amavisd-new at mail.smeinc.net
Received: from mail.smeinc.net ([127.0.0.1]) by localhost (mail.smeinc.net [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id wcDWKRdcPeoM for <secdir@ietf.org>; Tue, 17 Oct 2017 15:15:18 -0400 (EDT)
Received: from a860b60074bd.home (pool-108-45-101-150.washdc.fios.verizon.net [108.45.101.150]) by mail.smeinc.net (Postfix) with ESMTPSA id D53F9300265; Tue, 17 Oct 2017 15:15:17 -0400 (EDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <23013.64792.817951.742437@fireball.acr.fi>
Date: Tue, 17 Oct 2017 15:15:17 -0400
Cc: IESG <iesg@ietf.org>, IETF SecDir <secdir@ietf.org>, draft-schaad-curdle-oid-registry.all@tools.ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <1E64673D-5612-442C-A543-045059C40811@vigilsec.com>
References: <23013.64792.817951.742437@fireball.acr.fi>
To: Tero Kivinen <kivinen@iki.fi>
X-Mailer: Apple Mail (2.3273)
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/MC-_PYm3rb-q_7Oy2VAmC7_xDqM>
Subject: Re: [secdir] Secdir review of draft-schaad-curdle-oid-registry-02
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Oct 2017 19:15:22 -0000
SMI = Structure of Management Information That was assigned way back when someone thought that only MIB modules would need OIDs. Russ > On Oct 17, 2017, at 8:52 AM, Tero Kivinen <kivinen@iki.fi> wrote: > > > I have reviewed this document as part of the security directorate's > ongoing effort to review all IETF documents being processed by the > IESG. These comments were written primarily for the benefit of the > security area directors. Document editors and WG chairs should treat > these comments just like any other last call comments. > > This document is Ready with Nits. > > This document creates and IANA registry and fills it with initial > values. The numbers are inside the donated set of OIDs (donated from > Symantec Website Security) that was donated to the curdle WG earlier. > > The security considerations section that as this just creates an IANA > registry it does not raise any new security considerations (altoigh > somepeople claim anything related to ASN.1 is security issue, I do > agree with the statement in the draft). > > The only nit I have is that the document creates a called "SMI > Security for Cryptographic Algorithms", and I have no idea what SMI > means. I.e., it would be better if the name of the registry actually > told people what is expected to be inside this registry... > > Perhaps "Short OIDs for Cryptographic Algorithms for different IETF > protocol" or similar. > -- > kivinen@iki.fi > > _______________________________________________ > secdir mailing list > secdir@ietf.org > https://www.ietf.org/mailman/listinfo/secdir > wiki: http://tools.ietf.org/area/sec/trac/wiki/SecDirReview
- [secdir] Secdir review of draft-schaad-curdle-oid… Tero Kivinen
- Re: [secdir] Secdir review of draft-schaad-curdle… Russ Housley