[secdir] secdir review of draft-ietf-tzdist-service-09

Joseph Salowey <joe@salowey.net> Thu, 02 July 2015 05:19 UTC

To: The IESG <iesg@ietf.org>, secdir <secdir@ietf.org>, draft-ietf-tzdist-service.all@tools.ietf.org
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/bw5d0OnOKaJSAZzQQGYzfeETVxA>

First, I apologize for the late review. It appears that you may have
already had a secdir review from the revision notes, but I could not find
the review in my archive.

In general it seems the document is in good shape and understandable. I
think the document is ready with nits.  Here are a few minor issues:

1) It might be useful to add something about what is in scope and out of
scope for this document.  What I have in mind is to state the assumption
that the TZ data has been securely transmitted from the contributors to the
publishers to the root provider with its integrity intact and that the
servers are expected to maintain the integrity of the data.

2) It might be useful to qualify the 3rd paragraph as applicable when
discovery is done through DNS SRV records.