[secdir] Secdir last call review of draft-ietf-extra-quota-06
Shawn Emery via Datatracker <noreply@ietf.org> Tue, 07 September 2021 02:32 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 3BC123A0B44; Mon, 6 Sep 2021 19:32:42 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Shawn Emery via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
Cc: draft-ietf-extra-quota.all@ietf.org, extra@ietf.org, last-call@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 7.36.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <163098196206.10347.8674654620317888270@ietfa.amsl.com>
Reply-To: Shawn Emery <shawn.emery@gmail.com>
Date: Mon, 06 Sep 2021 19:32:42 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/Yxe2tNBLSEOEbPTzGXAvxg7Yb8A>
Subject: [secdir] Secdir last call review of draft-ietf-extra-quota-06
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Sep 2021 02:32:43 -0000
Reviewer: Shawn Emery Review result: Has Nits I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This draft specifies an extension to the IMAP protocol that allows querying and administrative functions related to resource limits and utilization. The security considerations section does exist and describes that the extension must adhere to the local security policies. It continues to state that user's resource usage could also be considered sensitive information. I don't believe that this draft adds additional security concerns from the proposed to be obsoleted RFC, 2087. These updates define two additional resource types (ANNOTATION-STORAGE and MAILBOX), a response code, and two data items. General comments: None. Editorial comments: s/a couple of extension/an extension/ s/mupltiple/multiple/ s/ Name of the quota resource type:\n/ Name of the quota resource type: ANNOTATION-STORAGE\n/ s/registrations for 3/registrations for 4/ s/clarify meaning/clarify the meaning/
- [secdir] Secdir last call review of draft-ietf-ex… Shawn Emery via Datatracker
- Re: [secdir] Secdir last call review of draft-iet… Alexey Melnikov