[secdir] Secdir review of draft-ietf-appsawg-uri-get-off-my-lawn-04.txt

Alexey Melnikov <alexey.melnikov@isode.com> Mon, 12 May 2014 16:06 UTC

Return-Path: <alexey.melnikov@isode.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 77F1C1A075A; Mon, 12 May 2014 09:06:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.651
X-Spam-Level:
X-Spam-Status: No, score=-2.651 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.651] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xQLMLf__x5BN; Mon, 12 May 2014 09:06:07 -0700 (PDT)
Received: from waldorf.isode.com (waldorf.isode.com [62.3.217.251]) by ietfa.amsl.com (Postfix) with ESMTP id 4D0C21A0755; Mon, 12 May 2014 09:06:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1399910755; d=isode.com; s=selector; i=@isode.com; bh=WYvY0L/PpLVma0HKtxj1/HFMzwdMX8k1ePYX0ixyYVs=; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version: In-Reply-To:References:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description; b=f57/tmMTkHTi0J5SbiPaBmG4lPdylBIL1421FuUnZYgjEqAFdIB5ndJBEKjzRpU081JVWJ WzeiSQqyyQmIkvTdjtWHd/xGOHsKQPMWX1Zd6yayr51VfVQnDyDgHjSD3x/VzQMfIgnhUm YvysZydBKQEIEZ8sPe8sMeKmcbbLQUE=;
Received: from [192.168.0.7] (cpc5-nmal20-2-0-cust24.19-2.cable.virginm.net [92.234.84.25]) by waldorf.isode.com (submission channel) via TCP with ESMTPA id <U3DxYgBujrml@waldorf.isode.com>; Mon, 12 May 2014 17:05:55 +0100
Message-ID: <5370F185.7020703@isode.com>
Date: Mon, 12 May 2014 17:06:29 +0100
From: Alexey Melnikov <alexey.melnikov@isode.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.5.0
To: iesg@ietf.org, secdir@ietf.org, draft-ietf-appsawg-uri-get-off-my-lawn.all@tools.ietf.org
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/secdir/UPutJxHMypRQ65Ge105hk-ZQiVE
Subject: [secdir] Secdir review of draft-ietf-appsawg-uri-get-off-my-lawn-04.txt
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 May 2014 16:06:11 -0000

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

This document talks about the practice of mandating some forms of URI 
sub-structure in documents, which use existing URI schemes.
This document is arguing that such practice is inappropriate,
because that essentially usurps ownership or URI sub-structure from URI 
owners.  This document further describes some acceptable alternatives 
for use in standards.

I agree with the Security Considerations that this document does not 
introduce new protocol artifacts with security considerations.

I think this document is Ready.