[secdir] Security directorate review of draft-ietf-lwig-terminology-04

Ben Laurie <benl@google.com> Thu, 23 May 2013 11:48 UTC

Return-Path: <benl@google.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 84A9521F92EB for <secdir@ietfa.amsl.com>; Thu, 23 May 2013 04:48:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.978
X-Spam-Level:
X-Spam-Status: No, score=-101.978 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2kqUbaecugZC for <secdir@ietfa.amsl.com>; Thu, 23 May 2013 04:48:13 -0700 (PDT)
Received: from mail-ie0-x229.google.com (mail-ie0-x229.google.com [IPv6:2607:f8b0:4001:c03::229]) by ietfa.amsl.com (Postfix) with ESMTP id D7C7721F92CB for <secdir@ietf.org>; Thu, 23 May 2013 04:48:12 -0700 (PDT)
Received: by mail-ie0-f169.google.com with SMTP id u16so8517837iet.0 for <secdir@ietf.org>; Thu, 23 May 2013 04:48:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=4a+EwRvEpWja6Ty/HEEeqW3xjHKxQrsWgpF3Qu1bUP8=; b=LI+DgJbcUtXznfiZUgDAcra1IjM6sFRAZ/EBwDr9+pO6eASzZ3ojWNT842CtHyqozs csO14GDz80eMwqorfD21ifOMsGMghpH1hmbhjzEkmiylA9++z2LJFtyTT25f64Fth2Wv itYI/wBXbc+u+lstkWw445qvmkwVmLab3WnHMsnnTKgSmDZX1krg1UpOf6/oI7VH9GXa w3472/6t7N0Y2GGcfhIrmwvU/BbeS0tgdT+ovk2GwtVzUyCN37oeidbuzf6P/iIgGpMY Cw3BSl4EwCt4qmiwmb3lgzo1dxQoDzIOrmuwrohPw4tu4PaQx39GNOVGIUq41CWQDt58 VUEA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type :x-gm-message-state; bh=4a+EwRvEpWja6Ty/HEEeqW3xjHKxQrsWgpF3Qu1bUP8=; b=VkNTs1nrSAzbpVgWBPPnLajAQDEnvUnssZjJ9sTco7f7Fqj4woSpJPydYwXgCPXyqL dUkSEQmKA32Eo9Wv84Y3P1fygE3lW/TmY9t8/vp6iH8ZI854PUYzMHs8VJ+z0F+YIyNb RjCCxxNm4hY/HlbR8V0fwrrAes1Mf9ufbk2n1rwA4vABDMwj9pOEW5tQjIebWb2sJ64x ly+wgulC8HFEVcz3cdbJHsYulP9ct8DRUDvO6+cK8Dt5Xg0f/n2OLLDv+T4buK9KlOPu hb1Lc4WvXWVs3NQU7WN2da0saB0BrCYaKElsJucNYLCNSxWi8VRms/SLik/+AJrbZ++c 6npw==
MIME-Version: 1.0
X-Received: by 10.50.88.103 with SMTP id bf7mr11679289igb.9.1369309691908; Thu, 23 May 2013 04:48:11 -0700 (PDT)
Received: by 10.64.230.232 with HTTP; Thu, 23 May 2013 04:48:11 -0700 (PDT)
Date: Thu, 23 May 2013 12:48:11 +0100
Message-ID: <CABrd9SQuTy-5dDBfmYa3vJCTi7a-U2nx5-b0Zfa9tKCDHxNV6Q@mail.gmail.com>
From: Ben Laurie <benl@google.com>
To: The IESG <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>, draft-ietf-lwig-terminology.all@tools.ietf.org
Content-Type: text/plain; charset=ISO-8859-1
X-Gm-Message-State: ALoCoQkJ75NOolPQ6Y3gBr9d15mb7nwk3zq7Imrv5kA17lvWpDLvHG0ZeZaCfmoAlvhDo66tViQ6Y6A1PqdqdHKuU6px1I1n18AqtkBh9Xww5/HPBId+25r5dpFOWIj/VHgPoGZNpL+WUIcBYYVcbLlfT2qgUEx6PBCs7xe1JTJYsILArJ/7SGZmJpBAxPNwOX7Qig9mfFLd
Subject: [secdir] Security directorate review of draft-ietf-lwig-terminology-04
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 May 2013 11:48:13 -0000

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

Status: Ready with nits.

This document discusses networks comprised of constrained nodes (i.e.
nodes with limited power, CPU, storage, etc.). It does cover whether
various classes of nodes can participate in secure networks, which is
good, but the Security Considerations section is empty - I would
suggest that this section could usefully contain a summary of the
security implications of the various constraints discussed.