Re: [secdir] secdir review of draft-ietf-dime-rfc4006bis-07
Ben Campbell <ben@nostrum.com> Wed, 11 April 2018 14:45 UTC
Return-Path: <ben@nostrum.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6FDCD12D775; Wed, 11 Apr 2018 07:45:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.88
X-Spam-Level:
X-Spam-Status: No, score=-1.88 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BWJP11dmhZjS; Wed, 11 Apr 2018 07:45:57 -0700 (PDT)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E8EEA1200F1; Wed, 11 Apr 2018 07:45:56 -0700 (PDT)
Received: from [10.0.1.91] (cpe-66-25-7-22.tx.res.rr.com [66.25.7.22]) (authenticated bits=0) by nostrum.com (8.15.2/8.15.2) with ESMTPSA id w3BEjsL5069176 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Wed, 11 Apr 2018 09:45:55 -0500 (CDT) (envelope-from ben@nostrum.com)
X-Authentication-Warning: raven.nostrum.com: Host cpe-66-25-7-22.tx.res.rr.com [66.25.7.22] claimed to be [10.0.1.91]
From: Ben Campbell <ben@nostrum.com>
Message-Id: <7B2D7604-059F-415B-8DFB-ECB5E2F37C0D@nostrum.com>
Content-Type: multipart/signed; boundary="Apple-Mail=_928DA161-464C-44B0-B57A-FB12EC2F9C71"; protocol="application/pgp-signature"; micalg="pgp-sha512"
Mime-Version: 1.0 (Mac OS X Mail 11.3 \(3445.6.18\))
Date: Wed, 11 Apr 2018 09:45:53 -0500
In-Reply-To: <1688903973.1637579.1523424564269@mail.yahoo.com>
Cc: iesg@ietf.org, secdir@ietf.org, draft-ietf-dime-rfc4006bis.all@ietf.org, David Mandelberg <david+work@mandelberg.org>
To: Yuval Lifshitz <yuvalif@yahoo.com>
References: <cc39fd8b-2d5f-fe13-c686-15d69a6c1d54@mandelberg.org> <1688903973.1637579.1523424564269@mail.yahoo.com>
X-Mailer: Apple Mail (2.3445.6.18)
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/Nzi51MpAtospWJ7rNz7oCcvheP8>
Subject: Re: [secdir] secdir review of draft-ietf-dime-rfc4006bis-07
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Apr 2018 14:46:01 -0000
Hi, The term “AVP” is on the IETF’s “well known” abbreviation list. (Both for Attribute Value Pair and Audio Visual Profile) Thanks! Ben. > On Apr 11, 2018, at 12:29 AM, Yuval Lifshitz <yuvalif@yahoo.com> wrote: > > Hi David, > > * The term AVP is well known for anyone implementing a Diameter spec. It is also defined in the base spec (https://tools.ietf.org/html/rfc6733#section-1.2). > * IMO, one second of inaccuracy is not considered overcharge or revenue leakage in time based service > > Yuval > > On Wednesday, April 11, 2018, 7:16:15 a.m. GMT+3, David Mandelberg <david+work@mandelberg.org> wrote: > > > I have reviewed this document as part of the security directorate's > ongoing effort to review all IETF documents being processed by the > IESG. These comments were written primarily for the benefit of the > security area directors. Document editors and WG chairs should treat > these comments just like any other last call comments. > > The summary of the review is Ready with nits. > > (nit) The term AVP is used extensively, and I don't see a definition. > Would its definition be obvious to anybody implementing this spec? I'm > assuming it means attribute-value pair. > > (nit, section 5.1.1) "For time based services, the quota is continuously > consumed at the regular rate of 60 seconds per minute." Are leap seconds > a problem? > > -- > Freelance cyber security consultant, software developer, and more > https://david.mandelberg.org/
- [secdir] secdir review of draft-ietf-dime-rfc4006… David Mandelberg
- Re: [secdir] secdir review of draft-ietf-dime-rfc… Yuval Lifshitz
- Re: [secdir] secdir review of draft-ietf-dime-rfc… Ben Campbell