[secdir] Review of draft-ietf-precis-nickname-18

Shawn M Emery <shawn.emery@oracle.com> Mon, 06 July 2015 05:41 UTC

Return-Path: <shawn.emery@oracle.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id E4D201A87AC for <secdir@ietfa.amsl.com>; Sun, 5 Jul 2015 22:41:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.211
X-Spam-Status: No, score=-4.211 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id zjoqC2kGTfTh for <secdir@ietfa.amsl.com>; Sun, 5 Jul 2015 22:41:35 -0700 (PDT)
Received: from userp1040.oracle.com (userp1040.oracle.com []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 647131A87AA for <secdir@ietf.org>; Sun, 5 Jul 2015 22:41:35 -0700 (PDT)
Received: from aserv0022.oracle.com (aserv0022.oracle.com []) by userp1040.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2) with ESMTP id t665fY47001320 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Mon, 6 Jul 2015 05:41:34 GMT
Received: from userv0122.oracle.com (userv0122.oracle.com []) by aserv0022.oracle.com (8.13.8/8.13.8) with ESMTP id t665fWAO018197 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Mon, 6 Jul 2015 05:41:34 GMT
Received: from abhmp0015.oracle.com (abhmp0015.oracle.com []) by userv0122.oracle.com (8.13.8/8.13.8) with ESMTP id t665fWcX025029; Mon, 6 Jul 2015 05:41:32 GMT
Received: from [] (/ by default (Oracle Beehive Gateway v4.0) with ESMTP ; Sun, 05 Jul 2015 22:41:32 -0700
Message-ID: <559A155B.6080505@oracle.com>
Date: Sun, 05 Jul 2015 23:42:51 -0600
From: Shawn M Emery <shawn.emery@oracle.com>
User-Agent: Mozilla/5.0 (X11; SunOS i86pc; rv:31.0) Gecko/20100101 Thunderbird/31.6.0
MIME-Version: 1.0
To: secdir@ietf.org
References: <554FE6F0.7000908@oracle.com>
In-Reply-To: <554FE6F0.7000908@oracle.com>
X-Forwarded-Message-Id: <554FE6F0.7000908@oracle.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Source-IP: aserv0022.oracle.com []
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/UXKWVe17EuZukyqwbQWW6LtGkWc>
Cc: draft-ietf-precis-nickname.all@tools.ietf.org
Subject: [secdir] Review of draft-ietf-precis-nickname-18
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Jul 2015 05:41:37 -0000

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors. Document editors and WG chairs should treat these
comments just like any other last call comments.

This draft provides guidance on how to process Unicode string nicknames.

The security considerations section does exist and refers to the PRECIS
framework's security consideration in relation to this draft's use of the
string class "FreeformClass" and visually similar characters.  UTS #39
is also referenced for security considerations of Unicode characters in
general and of visually similar characters.  I agree that the references
adequately covers considerations for nicknames in Unicode strings.

General comments:


Editorial comments: