[secdir] Secdir review of draft-ietf-radext-dynamic-discovery-13

"Brian Weis (bew)" <bew@cisco.com> Wed, 01 April 2015 04:54 UTC

From: "Brian Weis (bew)" <bew@cisco.com>
To: The IESG <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Date: Wed, 01 Apr 2015 04:54:00 +0000
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/zAYtxth-X2HOKjQK1wLDO7X0OFg>
Cc: "draft-ietf-radext-dynamic-discovery.all@tools.ietf.org" <draft-ietf-radext-dynamic-discovery.all@tools.ietf.org>

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. 

Previously I reviewed draft-ietf-radext-dynamic-discovery-12, and while I didn’t have any particular issues with it, there were some questions and suggestions for clarifying the trust model. The current draft added some really valuable text and figures. I believe it is ready to be published.

Brian