[secdir] secdir review of draft-ietf-dnsext-axfr-clarify-13
Chris Lonvick <clonvick@cisco.com> Mon, 01 March 2010 21:24 UTC
Return-Path: <clonvick@cisco.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C0EB928C16D; Mon, 1 Mar 2010 13:24:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AmZ5O+9EQz+D; Mon, 1 Mar 2010 13:24:13 -0800 (PST)
Received: from sj-iport-4.cisco.com (sj-iport-4.cisco.com [171.68.10.86]) by core3.amsl.com (Postfix) with ESMTP id 096173A743D; Mon, 1 Mar 2010 13:24:13 -0800 (PST)
Authentication-Results: sj-iport-4.cisco.com; dkim=neutral (message not signed) header.i=none
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av0EAAO/i0urRN+J/2dsb2JhbACPUQGLNXOlWJdqhHsEgxc
X-IronPort-AV: E=Sophos;i="4.49,562,1262563200"; d="scan'208";a="94144560"
Received: from sj-core-3.cisco.com ([171.68.223.137]) by sj-iport-4.cisco.com with ESMTP; 01 Mar 2010 21:24:13 +0000
Received: from sjc-cde-011.cisco.com (sjc-cde-011.cisco.com [171.69.16.68]) by sj-core-3.cisco.com (8.13.8/8.14.3) with ESMTP id o21LODIQ010968; Mon, 1 Mar 2010 21:24:13 GMT
Date: Mon, 01 Mar 2010 13:24:13 -0800
From: Chris Lonvick <clonvick@cisco.com>
To: iesg@ietf.org, secdir@ietf.org, draft-ietf-dnsext-axfr-clarify.all@tools.ietf.org
Message-ID: <Pine.GSO.4.63.1002270839580.7577@sjc-cde-011.cisco.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"; format="flowed"
Subject: [secdir] secdir review of draft-ietf-dnsext-axfr-clarify-13
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Mar 2010 21:24:13 -0000
Hi, I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. Overall, I found no problems with the document. It is well written and very explanatory. The following notes and suggestions are editorial. It would be nice to reference the security considerations of RFCs 1034 and 1035 just to say that this specification doesn't add any new considerations, however those documents don't have any security considerations sections. Would the authors then consider something like the following (which would be the first paragraph in Section 8): This document is a clarification of a mechanism outlined in RFCs 1034 and 1035 and as such does not add any new security considerations. The security considerations relevent to the deployment of this specification are noted in RFC 4033. In my first reading of the document, I was unfamiliar with the term "mbz". I'd suggest expanding the acronym in one place. Thanks, Chris
- [secdir] secdir review of draft-ietf-dnsext-axfr-… Chris Lonvick
- Re: [secdir] secdir review of draft-ietf-dnsext-a… Chris Lonvick
- Re: [secdir] secdir review of draft-ietf-dnsext-a… Alfred Hönes