[secdir] Secdir last call review of draft-ietf-add-split-horizon-authority-11

Watson Ladd via Datatracker <noreply@ietf.org> Wed, 29 May 2024 19:26 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id D88C2C1519AA; Wed, 29 May 2024 12:26:33 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Watson Ladd via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 12.13.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <171701079387.64031.6262088834086694940@ietfa.amsl.com>
Date: Wed, 29 May 2024 12:26:33 -0700
Message-ID-Hash: TUJBLPKUFSSGIBOHUYXMJPUFQPDU4JY5
X-Message-ID-Hash: TUJBLPKUFSSGIBOHUYXMJPUFQPDU4JY5
X-MailFrom: noreply@ietf.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-secdir.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: add@ietf.org, draft-ietf-add-split-horizon-authority.all@ietf.org, last-call@ietf.org
X-Mailman-Version: 3.3.9rc4
Reply-To: Watson Ladd <watsonbladd@gmail.com>
Subject: [secdir] Secdir last call review of draft-ietf-add-split-horizon-authority-11
List-Id: Security Area Directorate <secdir.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/kEgFCBRMo08an8Crm74HktmTGWM>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Owner: <mailto:secdir-owner@ietf.org>
List-Post: <mailto:secdir@ietf.org>
List-Subscribe: <mailto:secdir-join@ietf.org>
List-Unsubscribe: <mailto:secdir-leave@ietf.org>

Reviewer: Watson Ladd
Review result: Has Nits

Dear IETFers,

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

The summary of the review is Ready With Nits.

I found the document readable and didn't spot any security issues. However,
the security considerations section neglects to explain the importance
of the salt being high entropy and changed when a new authorization record is
created.