[secdir] Secdir review of draft-ietf-geopriv-lis-discovery-13

"Joseph Salowey (jsalowey)" <jsalowey@cisco.com> Tue, 16 February 2010 07:01 UTC

Date: Mon, 15 Feb 2010 23:02:32 -0800
Message-ID: <AC1CFD94F59A264488DC2BEC3E890DE5099F6A2A@xmb-sjc-225.amer.cisco.com>
From: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>
To: secdir@ietf.org, iesg@ietf.org, draft-ietf-geopriv-lis-discovery.all@tools.ietf.org
Subject: [secdir] Secdir review of draft-ietf-geopriv-lis-discovery-13

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

I have reviewed the document several times during its lifecycle and I
think it is ready for publication.  I believe the security
considerations discuss the ways the discovery could be attacked and
provide some means to mitigate them. The procedures in this document
would benefit from a standardized way to identify the access network
domain identity from the network authentication, but it does not seem to
be there yet.