Re: [secdir] SECDIR review of draft-josefsson-gss-capsulate-04

Chris Lonvick <clonvick@cisco.com> Fri, 27 May 2011 11:06 UTC

Date: Fri, 27 May 2011 04:06:16 -0700 (PDT)
From: Chris Lonvick <clonvick@cisco.com>
To: Simon Josefsson <simon@josefsson.org>, secdir-secretary@mit.edu
In-Reply-To: <87liy4se5s.fsf@latte.josefsson.org>
Message-ID: <Pine.GSO.4.63.1105270359550.24901@sjc-cde-032.cisco.com>
References: <Pine.GSO.4.63.1104151342060.1613@sjc-cde-011.cisco.com> <87liy4se5s.fsf@latte.josefsson.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: draft-josefsson-gss-capsulate.all@tools.ietf.org, iesg@ietf.org, secdir@ietf.org
Subject: Re: [secdir] SECDIR review of draft-josefsson-gss-capsulate-04

Hi Simon,

I like it.  :-)

Hopefully we can get ahead of a request for re-review and I can add my 
comments about the -05 version here:

I find the document to be of good quality and recommend that it be 
published.

Regards,
Chris

On Wed, 18 May 2011, Simon Josefsson wrote:

> Hi Chris,
>
> Thanks for review!  I agree with all your suggestions, and have
> published -05 that should address them.  Please verify.
>
> /Simon
>
> Chris Lonvick <clonvick@cisco.com> writes:
>
>> Hi,
>>
>> I have reviewed this document as part of the security directorate's
>> ongoing effort to review all IETF documents being processed by the
>> IESG.  These comments were written primarily for the benefit of the
>> security area directors.  Document editors and WG chairs should treat
>> these comments just like any other last call comments.
>>
>> Overall, I find the document to be of good quality and ready to progress.
>>
>> One editorial suggestion I'd make would be to either include or
>> directly reference the security section of RFC 2743 in your own
>> security considerations section.
>>
>> Also, I'm just not partial towards the use of "otherwise" to describe
>> a return code from gss_oid_equal.  Personally, I think it should be
>> directly specified.
>>
>> Finally, I think you have a formatting inconsistency in Section 4.1;
>> the "otherwise" should be tabbed out to line up in the other column.
>>
>> Regards,
>> Chris
>