[secdir] secdir review of draft-salgueiro-vcarddav-kind-device-06
Samuel Weiler <weiler@watson.org> Tue, 08 January 2013 16:02 UTC
Return-Path: <weiler@watson.org>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8FBD021F8906; Tue, 8 Jan 2013 08:02:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pmUTlBpVlv7n; Tue, 8 Jan 2013 08:02:36 -0800 (PST)
Received: from fledge.watson.org (fledge.watson.org [65.122.17.41]) by ietfa.amsl.com (Postfix) with ESMTP id D148421F84EA; Tue, 8 Jan 2013 08:02:35 -0800 (PST)
Received: from fledge.watson.org (localhost.watson.org [127.0.0.1]) by fledge.watson.org (8.14.5/8.14.5) with ESMTP id r08G2YnF081693; Tue, 8 Jan 2013 11:02:34 -0500 (EST) (envelope-from weiler@watson.org)
Received: from localhost (weiler@localhost) by fledge.watson.org (8.14.5/8.14.5/Submit) with ESMTP id r08G2XXP081683; Tue, 8 Jan 2013 11:02:33 -0500 (EST) (envelope-from weiler@watson.org)
X-Authentication-Warning: fledge.watson.org: weiler owned process doing -bs
Date: Tue, 08 Jan 2013 11:02:33 -0500
From: Samuel Weiler <weiler@watson.org>
To: secdir@ietf.org, iesg@ietf.org, draft-salgueiro-vcarddav-kind-device@tools.ietf.org
Message-ID: <alpine.BSF.2.00.1301081057580.42805@fledge.watson.org>
User-Agent: Alpine 2.00 (BSF 1167 2008-08-23)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; format="flowed"; charset="US-ASCII"
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.3 (fledge.watson.org [127.0.0.1]); Tue, 08 Jan 2013 11:02:34 -0500 (EST)
Subject: [secdir] secdir review of draft-salgueiro-vcarddav-kind-device-06
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Jan 2013 16:02:36 -0000
Summary: no objections. There are very real security concerns, but the only surprise is that they're discussed only by reference. The draft refers to the general vCard spec (RFC6350). RFC6350 does an adequate job. One might argue that vCards more devices are more likely to be used in automated and perhaps unfamiliar ways, so the ricks are greater than with vCards for humans. But we let a similar doc (RFC6473) be published a year ago with this same sort of referral, so it's hard to make a case than anything needs to change here. Thanks to the editors for the very readable doc. -- Sam
- [secdir] secdir review of draft-salgueiro-vcardda… Samuel Weiler