[secdir] sec-dir review of draft-ietf-dnsop-edns-chain-query-06
Derek Atkins <derek@ihtfp.com> Wed, 17 February 2016 21:54 UTC
Return-Path: <derek@ihtfp.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 01CB91B2F69; Wed, 17 Feb 2016 13:54:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.389
X-Spam-Level:
X-Spam-Status: No, score=-1.389 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HELO_MISMATCH_ORG=0.611] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id E-oXJKbRUNcT; Wed, 17 Feb 2016 13:54:07 -0800 (PST)
Received: from mail2.ihtfp.org (MAIL2.IHTFP.ORG [204.107.200.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 288D01B2F5F; Wed, 17 Feb 2016 13:54:07 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mail2.ihtfp.org (Postfix) with ESMTP id D3DE0E2036; Wed, 17 Feb 2016 16:53:35 -0500 (EST)
Received: from mail2.ihtfp.org ([127.0.0.1]) by localhost (mail2.ihtfp.org [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 08442-03; Wed, 17 Feb 2016 16:53:32 -0500 (EST)
Received: from securerf.ihtfp.org (IHTFP-DHCP-159.IHTFP.ORG [192.168.248.159]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mocana.ihtfp.org", Issuer "IHTFP Consulting Certification Authority" (verified OK)) by mail2.ihtfp.org (Postfix) with ESMTPS id 22D47E2030; Wed, 17 Feb 2016 16:53:32 -0500 (EST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ihtfp.com; s=default; t=1455746012; bh=WGU0CGGxy//+zcrSRUjJe0GZQDDab17t4CHIUQqJVLY=; h=From:To:Cc:Subject:Date; b=XF9oMEa3D7LiUAv5GzqiIlElyKGKACqnnw7O6rAQMu1ScSM5gaxtcMgC0OipOo9Zx iItlWEcaQRPrHot+1AgIrKJPnwZ+wacQhPkbJ5UQJS1XzP3BCUzbIeFJB1bnkqk90J 2yIRvEm/96N86yeN72EyvFUKx/6bvSHMsbTn+9hg=
Received: (from warlord@localhost) by securerf.ihtfp.org (8.15.2/8.14.8/Submit) id u1HLrVhq012376; Wed, 17 Feb 2016 16:53:31 -0500
From: Derek Atkins <derek@ihtfp.com>
To: iesg@ietf.org, secdir@ietf.org
Date: Wed, 17 Feb 2016 16:53:31 -0500
Message-ID: <sjmziuzypes.fsf@securerf.ihtfp.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Virus-Scanned: Maia Mailguard 1.0.2a
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/h05s5SzgWu-y96FH5ywm-ipyIMc>
Cc: pwouters@redhat.com, dnsop-chairs@ietf.org
Subject: [secdir] sec-dir review of draft-ietf-dnsop-edns-chain-query-06
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Feb 2016 21:54:13 -0000
Hi,
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written with the intent of improving
security requirements and considerations in IETF drafts. Comments
not addressed in last call may be included in AD reviews during the
IESG review. Document editors and WG chairs should treat these
comments just like any other last call comments.
Summary:
Probably ready to publish
Details:
I noticed that this draft has RFC2119 MUST/MUST NOT directives in the
Security Considerations section. However this is not a repetition of
similar language elsewhere in the draft. Is this allowed? There is
also similar 2119 language in the Introduction.
-derek
--
Derek Atkins 617-623-3745
derek@ihtfp.com www.ihtfp.com
Computer and Internet Security Consultant
- [secdir] sec-dir review of draft-ietf-dnsop-edns-… Derek Atkins