[secdir] Secdir review of draft-ietf-httpbis-legally-restricted-status-04.txt

Tero Kivinen <kivinen@iki.fi> Thu, 26 November 2015 12:37 UTC

Return-Path: <kivinen@iki.fi>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 720E71A8A92; Thu, 26 Nov 2015 04:37:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.579
X-Spam-Level: *
X-Spam-Status: No, score=1.579 tagged_above=-999 required=5 tests=[BAYES_50=0.8, SPF_NEUTRAL=0.779] autolearn=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id xGiQL_NyR4nz; Thu, 26 Nov 2015 04:37:11 -0800 (PST)
Received: from mail.kivinen.iki.fi (fireball.acr.fi []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 697A51A8969; Thu, 26 Nov 2015 04:37:11 -0800 (PST)
Received: from fireball.acr.fi (localhost []) by mail.kivinen.iki.fi (8.15.1/8.14.8) with ESMTPS id tAQCb8qF015126 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Thu, 26 Nov 2015 14:37:08 +0200 (EET)
Received: (from kivinen@localhost) by fireball.acr.fi (8.15.1/8.14.8/Submit) id tAQCb8Rh011191; Thu, 26 Nov 2015 14:37:08 +0200 (EET)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <22102.64756.382780.262773@fireball.acr.fi>
Date: Thu, 26 Nov 2015 14:37:08 +0200
From: Tero Kivinen <kivinen@iki.fi>
To: iesg@ietf.org, secdir@ietf.org, draft-ietf-httpbis-legally-restricted-status.all@tools.ietf.org
X-Edit-Time: 9 min
X-Total-Time: 10 min
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/eqMvqGliRVHv2RJjYZ5GecCVAsE>
Subject: [secdir] Secdir review of draft-ietf-httpbis-legally-restricted-status-04.txt
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Nov 2015 12:37:12 -0000

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

This documents adds new status code 451 which says that document is
unavailable for legal reasons. It correctly points out that some
entities blocking access might not want to tell that they are blocking
this, so clients cannot rely on this, and also points out that users
might be able to bypass the restrictions using VPNs or TORs.

Summary: Ready.

I just wonder why did the example singled out "the People's Front of
Judea", and did not include "the Judean People's Front", "the Judean
Popular People's Front", "the Campaign for a Free Galilee", and "the
Popular Front of Judea".... :-)