Re: [secdir] sec-dir review of draft-ietf-i2nsf-problem-and-use-cases-12

["Susan Hares" <shares@ndzh.com>]

Derek:

I apologize for the delay in responding to you.   I will check to make sure
these are fixed in version 16. 

Sue Hares




-----Original Message-----
From: Derek Atkins [mailto:derek@ihtfp.com] 
Sent: Tuesday, April 25, 2017 1:34 PM
To: iesg@ietf.org; secdir@ietf.org
Cc: i2nsf-chairs@ietf.org; pauljeong@skku.edu; rkkumar@juniper.net;
Christian.jacquenet@orange.com; myo@varmour.com;
diego.r.lopez@telefonica.com; shares@ndzh.com
Subject: sec-dir review of draft-ietf-i2nsf-problem-and-use-cases-12

Hi,

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written with the intent of improving security requirements and
considerations in IETF drafts.  Comments not addressed in last call may be
included in AD reviews during the IESG review.  Document editors and WG
chairs should treat these comments just like any other last call comments.

Summary:

Ready to publish with small edits.

Details:

This document doesn't specify any protocols.

There appears to be a missing word in the end of the Security Considerations
section which says:

   It is important to proper AAA [RFC2904] to authorize access to the
   network and access to the I2NSF management stream.

I'm not sure if this is missing "proper AAA [something] [RFC2904] to
authorize" or if there is a different phrasing.  I'm not sure what is trying
to be said about AAA, but this sentence is clearly missing an article (as
"proper AAA" by itself is not a noun").

-derek

-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant