[secdir] SecDir Review of draft-ietf-radext-nai-10

Yoav Nir <ynir.ietf@gmail.com> Thu, 13 November 2014 22:20 UTC

From: Yoav Nir <ynir.ietf@gmail.com>
Date: Thu, 13 Nov 2014 12:19:53 -1000
Message-Id: <7DF70E98-A89F-4401-B704-DC6FED6FFDB0@gmail.com>
To: draft-ietf-radext-nai.all@tools.ietf.org, IESG <iesg@ietf.org>
Archived-At: http://mailarchive.ietf.org/arch/msg/secdir/sLh0t3ztjikNJzn73X2BryS4q_k
Cc: secdir <secdir@ietf.org>
Subject: [secdir] SecDir Review of draft-ietf-radext-nai-10

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  Document editors and WG chairs should treat these comments just
like any other last call comments.

Summary: Document is ready.

Some nits:

In section 2.6:
   Conversion to Unicode as well as normalization SHOULD be performed by
   edge systems such as laptops that take "local" text as input.  These
   edge systems are best suited to determine the users intent, and can
   best convert from "local" text to a normalized form.

I think it’s weird to use “laptop” here, as the luggability plays no part. “PC” would be better. In fact, I don’t think mobile phones are any different in this respect.


The same section says that edge systems should normalize text, so AAA systems should not. It then goes on to say that today edge systems don’t always normalize text, so the AAA systems should. That’s a strange way to move forward, unless we’re sure that double-normalization does not cause problems.

The security considerations text is copied from RFC 4282. It still seems sufficient. This is remarkable considering that privacy is a big part of it, and privacy was not a hot topic on everyone’s mind in 2005 when RFC 4282 was written.

Yoav
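An added example, not part of the review or of the draft, that checks the double-normalization question raised above: Unicode normalization forms are idempotent, so an edge system and an AAA server that apply the same form in series produce what a single pass would. It also goes one step beyond the review to show the case where the layer at which normalization happens does matter: a compatibility form (NFKC) can turn a fullwidth "＠" (U+FF20) into a real "@", so splitting the NAI before or after normalizing yields different realms. Assumptions, flagged in the code as well: that NFC is the form in use (the review does not name one; RFC 5198 Net-Unicode requires NFC), that an NAI is split into username and realm at its last "@" (an illustrative simplification), and that the sample NAIs are constructed here rather than taken from the draft.

```python
import unicodedata
from typing import Tuple

# Added example, not code from the review or the draft.  Assumptions:
# - the normalization form is NFC (the review does not name a form);
# - an NAI is split into username and realm at its last "@" (illustrative).

# Constructed sample NAIs (not taken from the draft):
COMPOSED = "jos\u00e9@example.com"          # "é" as one precomposed code point
DECOMPOSED = "jose\u0301@example.com"       # "e" + COMBINING ACUTE ACCENT
FULLWIDTH_AT = "user\uff20example.com"      # FULLWIDTH COMMERCIAL AT, not "@"


def normalize_nai(nai: str, form: str = "NFC") -> str:
    """Apply a Unicode normalization form to a whole NAI string."""
    if form not in ("NFC", "NFD", "NFKC", "NFKD"):
        raise ValueError("unknown normalization form: %s" % form)
    return unicodedata.normalize(form, nai)


def double_normalization_is_safe(nai: str, form: str = "NFC") -> bool:
    """Normalizing an already-normalized string must change nothing.

    Normalization forms are idempotent, so an edge system and an AAA
    server applying the *same* form in series agree with a single pass.
    """
    once = normalize_nai(nai, form)
    return normalize_nai(once, form) == once


def split_nai(nai: str) -> Tuple[str, str]:
    """Split 'username@realm' at the last '@'; realm is '' if there is none."""
    if "@" not in nai:
        return nai, ""
    username, _, realm = nai.rpartition("@")
    return username, realm


def realm_after(nai: str, form: str, normalize_first: bool) -> str:
    """Realm obtained when normalizing before vs after splitting the NAI.

    NFC never creates or removes an '@', so the order does not matter.
    NFKC folds compatibility characters such as U+FF20 to '@', so an AAA
    server that splits first and normalizes later routes on a different
    realm than one that normalizes first.  Same-form re-normalization is
    harmless; normalizing with different forms at different layers is not.
    """
    if normalize_first:
        return split_nai(normalize_nai(nai, form))[1]
    return normalize_nai(split_nai(nai)[1], form)


if __name__ == "__main__":
    for nai in (COMPOSED, DECOMPOSED, FULLWIDTH_AT):
        print(repr(nai), "NFC:", repr(normalize_nai(nai)),
              "double-normalization safe:", double_normalization_is_safe(nai))
    print("NFKC realm, normalize then split:",
          repr(realm_after(FULLWIDTH_AT, "NFKC", True)))
    print("NFKC realm, split then normalize:",
          repr(realm_after(FULLWIDTH_AT, "NFKC", False)))
```

Running the block shows the decomposed and composed spellings of "josé" collapsing to the same NFC string and every sample surviving a second pass unchanged, while the fullwidth-at sample yields realm "example.com" only when NFKC runs before the split and an empty realm when it runs after.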