[secdir] Sector Review of draft-ietf-mile-iodef-guidance-10
Catherine Meadows <catherine.meadows@nrl.navy.mil> Tue, 29 August 2017 15:52 UTC
Return-Path: <catherine.meadows@nrl.navy.mil>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 404F7132C3E; Tue, 29 Aug 2017 08:52:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cj8-kudPXHeZ; Tue, 29 Aug 2017 08:52:31 -0700 (PDT)
Received: from ccs.nrl.navy.mil (mx0.ccs.nrl.navy.mil [IPv6:2001:480:20:118:118::211]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D9445132962; Tue, 29 Aug 2017 08:52:29 -0700 (PDT)
Received: from ashurbanipal.fw5540.net (fw5540.nrl.navy.mil [132.250.196.100]) by ccs.nrl.navy.mil (8.14.4/8.14.4) with ESMTP id v7TFqRAP016679 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NOT); Tue, 29 Aug 2017 11:52:28 -0400
From: Catherine Meadows <catherine.meadows@nrl.navy.mil>
Content-Type: multipart/alternative; boundary="Apple-Mail=_499AD170-6653-4144-9917-DC886748D4A6"
Date: Tue, 29 Aug 2017 11:52:27 -0400
Message-Id: <93C424C0-EEF5-4A1B-B322-0C3C60519DA7@nrl.navy.mil>
To: secdir@ietf.org, iesg@ietf.org, draft-ietf-mile-iodef-guidance.all@ietf.org
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
X-Mailer: Apple Mail (2.3124)
X-CCS-MailScanner: No viruses found.
X-CCS-MailScanner-Info: See: http://www.nrl.navy.mil/ccs/support/email
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/RJ-zNdgWrTXQ5YfKzrbKn6EdZZA>
Subject: [secdir] Sector Review of draft-ietf-mile-iodef-guidance-10
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Aug 2017 15:52:33 -0000
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. The summary of the review is Ready With Nits. This document contains advice on using the Incident Object Description Exchange Format (IODEF) to describe incident reports. In contains general guidelines. No security-related issues are addressed; in particular guidance on setting restrictions is avoided. In the security considerations section, the authors point out that this document introduces no new security concerns other than those already addressed in RFC7870 (the IODEF RFC), and reader is referred to RFC7970 for any security questions. I agree with this, and I don’t see any need for making substantive changes. There are a couple of nits though: 1. The sentence at the bottom of page 6, beginning “IODEF implementations SHOULD not consider using their own IODEF extensions unless …” doesn’t parse. I think you can get the meaning you intended by removing the words “”is not a suitable option” at the end. 2. The “Nevertheless” at the beginning of the second sentence of the Security Considerations section is confusing. The second sentence doesn’t contradict the first; it merely elaborates on it. I’d suggest removing the word “Nevertheless.” Cathy Meadows Catherine Meadows Naval Research Laboratory Code 5543 4555 Overlook Ave., S.W. Washington DC, 20375 phone: 202-767-3490 fax: 202-404-7942 email: catherine.meadows@nrl.navy.mil <mailto:catherine.meadows@nrl.navy.mil>
- [secdir] Sector Review of draft-ietf-mile-iodef-g… Catherine Meadows