[secdir] Secdir last call review of draft-ietf-sidr-slurm-06

Daniel Migault <daniel.migault@ericsson.com> Tue, 20 February 2018 15:00 UTC

Return-Path: <daniel.migault@ericsson.com>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 54D3912D873; Tue, 20 Feb 2018 07:00:32 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Daniel Migault <daniel.migault@ericsson.com>
To: <secdir@ietf.org>
Cc: ietf@ietf.org, draft-ietf-sidr-slurm.all@ietf.org, sidr@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.72.2
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <151913883228.4660.15594261925083651299@ietfa.amsl.com>
Date: Tue, 20 Feb 2018 07:00:32 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/hSdE6IBP8RGqMFZc2ACmXRaoLAI>
Subject: [secdir] Secdir last call review of draft-ietf-sidr-slurm-06
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.22
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Feb 2018 15:00:32 -0000

Reviewer: Daniel Migault
Review result: Has Nits


I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

The summary of the review is Ready with nits:

•	section 1: Introduction

   However, an RPKI relying party may want to override some of the
   information expressed via putative TAs and the certificates

<mglt>It seems that TA is being used for the first time here. The acronym
should be extended to ease the reading of the document. I am reading it 
as Trust Anchor.</mglt>

•	section 2.  RPKI RPs with SLURM

   SLURM provides a simple way to enable RPs to establish a local,

<mglt>It seems to me the acronym RP is used for the first time. It seems that 
it should be expanded to ease the reading of the document. I am reading it 
as Relaying Party.</mglt>

•	section 6 Security considerations

<mglt>I My reading is that the section catches the criticality of the SLURM 
files and that network operators are already familiar provisioning critical 
data. As such I believe the section is sufficiently clear.</mglt>

•	whole document:

<mglt>It seems that BGPSec, and BGPsec are used together. I believe this 
should be harmonized to BGPsec.</mglt>