[secdir] SecDir review of draft-bbf-bbf-urn-02

Yaron Sheffer <yaronf.ietf@gmail.com> Fri, 14 October 2016 11:10 UTC

Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 16B341294AB for <secdir@ietfa.amsl.com>; Fri, 14 Oct 2016 04:10:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kTflfoz4vCfW for <secdir@ietfa.amsl.com>; Fri, 14 Oct 2016 04:10:23 -0700 (PDT)
Received: from mail-pa0-x231.google.com (mail-pa0-x231.google.com [IPv6:2607:f8b0:400e:c03::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 88198129445 for <secdir@ietf.org>; Fri, 14 Oct 2016 04:10:23 -0700 (PDT)
Received: by mail-pa0-x231.google.com with SMTP id rz1so46772919pab.1 for <secdir@ietf.org>; Fri, 14 Oct 2016 04:10:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=to:from:subject:message-id:date:user-agent:mime-version :content-transfer-encoding; bh=OlAD8qpDWLaYL23O3Cwh3I+lr/hYLh1+DuN9PfVe1aM=; b=zaM+cozAv27pIj9bdBBGvCvZWdQ7Zl+coJqd1RjYVvWN3g0PLSVsX0DLiVtaJp/t2O dMLkNvY7BTeSkEfjhR2mz+wSkpzySbU37/KnSDKEWacEvONY/1MJs3aDs52ruhLP9mJq yNlbTChO1JJ12RJyI9ZFRHFIhx2wfvWtv1ELMJfOybHJ13+M5AoW7CXW1Vokqs118Mbl pliCuFVXVuNy33C90sg6KvbJTPJfPu/jxhY1QIZPBiDB/o9y1WVrJuyhADHZQGmkI+Se N4abmI+wacYC8UNCh/RgkcD7x7KK6esMdVOxW3phQWwDQImvpk048Ut4J10WLVzTlL2i x7JQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:to:from:subject:message-id:date:user-agent :mime-version:content-transfer-encoding; bh=OlAD8qpDWLaYL23O3Cwh3I+lr/hYLh1+DuN9PfVe1aM=; b=EflY3EK7B8/DIXuBuz4/pIvq+16s6/5doDCiJ6csI6pni3lxMoaPaAHvKTQNIgL0b4 ADiWib/MLyEFwNMwEeDkG5Uy9N4hnWGyKciE7eIRxGiD4tESPcpNDant94yhgDQ357GL RXEbrSWFDD82tbKt7SA5eD5gMr88KvZdfa0mwDdlLAl0dS7nu+4Gu6zQ7069yjJ0e8Hf cTCKEjoLaEaKdz1+INS+c10CR+kARnAlkdY/i5aqBZZkLraIWjDoAUgrMc1M8TVhl6kh kDj8khfpSI7WOf3B4qJJPZKO//VXwgnJZAa0RUfXaGjP74xEvK/n8UA/ixeUwwpFFBF4 uySg==
X-Gm-Message-State: AA6/9Rl6QZpGD5ArLCaukj3vfuTi+PRrqAznKC5iVxI1dRMSOYqhxrsTrCaUHulJnpGchQ==
X-Received: by 10.66.50.234 with SMTP id f10mr14404588pao.30.1476443423004; Fri, 14 Oct 2016 04:10:23 -0700 (PDT)
Received: from [172.17.200.19] (meade.intuit.com. [199.16.140.27]) by smtp.gmail.com with ESMTPSA id e6sm26653223pfb.57.2016.10.14.04.10.20 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 14 Oct 2016 04:10:21 -0700 (PDT)
To: IETF Security Directorate <secdir@ietf.org>, draft-bbf-bbf-urn.all@tools.ietf.org
From: Yaron Sheffer <yaronf.ietf@gmail.com>
Message-ID: <ab28caa2-ed72-7ef4-065a-bf625a16cd20@gmail.com>
Date: Fri, 14 Oct 2016 14:10:16 +0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.3.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/zPJ81_1IzFjkECp54lD3BntWfjU>
Subject: [secdir] SecDir review of draft-bbf-bbf-urn-02
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Oct 2016 11:10:25 -0000

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors.  Document editors and WG chairs should treat these
comments just like any other last call comments.

Summary

This is just a URN registration, with no relevant security considerations.

Details

To prevent "URN squatting", I would recommend to include an explanation 
why a name that's not trivially associated with "Broadband Forum" is 
claimed here, namely "dslforum-org". Although 2 minutes of research 
suffice to find the answer.

Thanks,
	Yaron