Re: [secdir] Security review of draft-ietf-pce-questions-06

Hannes Tschofenig <hannes.tschofenig@gmx.net> Wed, 09 July 2014 09:05 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EE9891A03B7; Wed, 9 Jul 2014 02:05:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.551
X-Spam-Level:
X-Spam-Status: No, score=-2.551 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.651, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4LVK913L-nUB; Wed, 9 Jul 2014 02:05:43 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.19]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9FDFD1A0337; Wed, 9 Jul 2014 02:05:42 -0700 (PDT)
Received: from [192.168.131.128] ([80.92.116.212]) by mail.gmx.com (mrgmx001) with ESMTPSA (Nemesis) id 0LsUDg-1WcS7v0Jq4-0121tY; Wed, 09 Jul 2014 11:05:39 +0200
Message-ID: <53BD05DF.7080709@gmx.net>
Date: Wed, 09 Jul 2014 11:05:35 +0200
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: adrian@olddog.co.uk, 'Ben Laurie' <benl@google.com>, 'IETF Discussion List' <ietf@ietf.org>, secdir@ietf.org
References: <CABrd9SQYmSxOh+xBExkQ-iKGnG4dhZPBoR1U_iYLSG7kQCFE9Q@mail.gmail.com> <068f01cf9b53$7fc60b30$7f522190$@olddog.co.uk>
In-Reply-To: <068f01cf9b53$7fc60b30$7f522190$@olddog.co.uk>
X-Enigmail-Version: 1.5.2
OpenPGP: id=4D776BC9
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="bNvcckO4RVGA1Qm9VQEEXfwxH9D7kvvLi"
X-Provags-ID: V03:K0:mTHeb6i3c/MRmfWQfqjswmZltMZkmGJSw+iMK3NenKqaxWsxTcA Ap+OaRbi8Y55aEmsXewbCWe55/IRbmfvwTCdWaz/3Sthg4K3oWYKCy00VJsYhk7cRefSoyB WJO+Z6cPYYobMgon+bTiCP2DoNiga+N5Mtx/KTPcnCiJZAOcgl3UJBoFmnt9l331/BE7SOH Eigs0jTeumCLaHvk3OL0w==
Archived-At: http://mailarchive.ietf.org/arch/msg/secdir/W0h69QJB8U9IY0FaWbhB_FkO0ek
Cc: iesg@ietf.org
Subject: Re: [secdir] Security review of draft-ietf-pce-questions-06
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Jul 2014 09:05:44 -0000


On 07/09/2014 10:55 AM, Adrian Farrel wrote:
> I would be pretty loathe to add security text to each section in this document: I think that would make the document heavy and less likely to be read by its intended consumers

I like that one.

I think I will quote you in the future as someone who had said

"Adding security text to a specification makes the document heavy and
less likely to be read by its intended consumers."

Ciao
Hannes