Re: [secdir] review of draft-ietf-ecrit-country-emg-urn-01
Christer Holmberg <christer.holmberg@ericsson.com> Mon, 09 December 2013 09:19 UTC
Return-Path: <christer.holmberg@ericsson.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 399861AE256; Mon, 9 Dec 2013 01:19:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.24
X-Spam-Level:
X-Spam-Status: No, score=-1.24 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_SE=0.35, HOST_MISMATCH_NET=0.311, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tCfprMvmrwXT; Mon, 9 Dec 2013 01:19:06 -0800 (PST)
Received: from sessmg21.mgmt.ericsson.se (sessmg21.ericsson.net [193.180.251.40]) by ietfa.amsl.com (Postfix) with ESMTP id 71F251AD9AD; Mon, 9 Dec 2013 01:19:05 -0800 (PST)
X-AuditID: c1b4fb28-b7fb38e000004238-58-52a58b03a1a4
Received: from ESESSHC011.ericsson.se (Unknown_Domain [153.88.253.125]) by sessmg21.mgmt.ericsson.se (Symantec Mail Security) with SMTP id 38.5A.16952.30B85A25; Mon, 9 Dec 2013 10:18:59 +0100 (CET)
Received: from ESESSMB209.ericsson.se ([169.254.9.26]) by ESESSHC011.ericsson.se ([153.88.183.51]) with mapi id 14.02.0347.000; Mon, 9 Dec 2013 10:18:59 +0100
From: Christer Holmberg <christer.holmberg@ericsson.com>
To: Leif Johansson <leifj@sunet.se>, "secdir@ietf.org" <secdir@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "draft-ietf-ecrit-country-emg-urn.all@tools.ietf.org" <draft-ietf-ecrit-country-emg-urn.all@tools.ietf.org>
Thread-Topic: review of draft-ietf-ecrit-country-emg-urn-01
Thread-Index: AQHO9LicxboO2ApWEUi2pMwHArSoqJpLlfCP
Date: Mon, 09 Dec 2013 09:18:58 +0000
Message-ID: <uu9381cimwgt2dktcna9t626.1386580735418@email.android.com>
References: <52A57F11.40502@sunet.se>
In-Reply-To: <52A57F11.40502@sunet.se>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFrrCLMWRmVeSWpSXmKPExsUyM+JvrS5z99Iggx8vDC2WnDnMbDHjz0Rm iwW9W5ktPix8yOLA4rFkyU8mj72b+tg9vlz+zBbAHMVlk5Kak1mWWqRvl8CVMX9mYMF39oq7 k7MaGBewdTFyckgImEjc6X3LCGGLSVy4tx4ozsUhJHCCUeLctcPMEM4iRom3U5aydDFycLAJ WEh0/9MGiYsI3GGUWPVwF1i3sICVRP+idUwgtoiAtUT71bnsELaRxL/JTWDbWARUJBqn3GAB sXkF3CQ2TW0D6xUSUJX49LEFrIZTQE2iq2kRK4jNCHTR91NrwGYyC4hL3HoynwniUgGJJXvO M0PYohIvH/9jhajRk7gxdQobhK0tsWzha2aIXYISJ2c+YZnAKDILyahZSFpmIWmZhaRlASPL KkbJ4tTi4tx0I0O93PTcEr3Uoszk4uL8PL3i1E2MwJg5uOW3xg7G7mv2hxilOViUxHmrZnYG CQmkJ5akZqemFqQWxReV5qQWH2Jk4uCUamD0d931bntQ/oktT/SXXUs5c75vX7fGc4MCkWPq S98c13jYNrt7y+p9f+2PLPWZ57WfTfn/jEPOyX9PRVzPccy9Yzy1bP3Dya1X8qZu04nmuMNg IsZ7+nPgsTCe9eHX/J1e+P68NuPaMeUJqdMOf+bx1f2VvKLZomC3p4SfD8PpFNm93TL9EQ8K lViKMxINtZiLihMB1bMteGcCAAA=
Subject: Re: [secdir] review of draft-ietf-ecrit-country-emg-urn-01
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Dec 2013 09:19:08 -0000
Hi Leif, The 'TBD' shall not be there. The document does not update the security considerations of RFC 5031, so I'll replace it with the sentence you suggested. Thanks! Regards, Christer Sent from my Sony Ericsson Xperia arc S Leif Johansson <leifj@sunet.se> wrote: I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. The issue I have with this document is that the Security Considerations section sais "TBD". At least say something like "This document does not update the Security Considerations of RFC 5031". Perhaps it could be argued that ECRIT URNs that are country-specific makes it more likely that they be targeted for local attacks but that may be a stretch. Cheers Leif
- [secdir] review of draft-ietf-ecrit-country-emg-u… Leif Johansson
- Re: [secdir] review of draft-ietf-ecrit-country-e… Christer Holmberg
- Re: [secdir] review of draft-ietf-ecrit-country-e… Leif Johansson