[secdir] secdir review of draft-saintandre-tls-server-id-check-14

Barry Leiba <barryleiba@computer.org> Wed, 19 January 2011 18:08 UTC

To: secdir@ietf.org
Cc: draft-saintandre-tls-server-id-check.all@tools.ietf.org, IESG <iesg@ietf.org>

This is a re-review of the latest version, for tomorrow's IESG telechat.

I've been following the discussion of the document since my last
review, and am satisfied with where the document is now.  This version
isn't perfect -- and I still find it a difficult read -- but it pretty
much says the right things and steers people in the right direction.
I have some concern about expecting implementors to read it,
understand it, and understand all the implications.  That said, I
think it's ready to publish, and we should go ahead with it.

I see that it still needs five more ADs to take positions on it.  I
urge those ADs who have not done so to register "no objection"