Security Events
charter-ietf-secevent-01
Yes
No Objection
(Alia Atlas)
(Ben Campbell)
(Benoît Claise)
(Deborah Brungard)
(Jari Arkko)
(Joel Jaeggli)
(Suresh Krishnan)
Note: This ballot was opened for revision 00-00 and is now closed.
Ballot question: "Is this charter ready for external review?"
Alexey Melnikov Former IESG member
Yes
Yes
(2016-10-13 for -00-00)
Unknown
Kathleen, can you suggest specific change to the charter to address your concern?
Alia Atlas Former IESG member
No Objection
No Objection
(for -00-00)
Unknown
Alissa Cooper Former IESG member
No Objection
No Objection
(2016-09-27 for -00-00)
Unknown
I think this charter is missing a note about other WGs or groups that it is going to coordinate with.
Ben Campbell Former IESG member
No Objection
No Objection
(for -00-00)
Unknown
Benoît Claise Former IESG member
No Objection
No Objection
(for -00-00)
Unknown
Deborah Brungard Former IESG member
No Objection
No Objection
(for -00-00)
Unknown
Jari Arkko Former IESG member
No Objection
No Objection
(for -00-00)
Unknown
Joel Jaeggli Former IESG member
No Objection
No Objection
(for -00-00)
Unknown
Kathleen Moriarty Former IESG member
No Objection
No Objection
(2016-10-13 for -00-00)
Unknown
Shouldn't the method for delivering the event be a secure method? How about adding on a sentence after the following section: The Security Events working group will produce a standards-track Event Token specification that includes: - A JWT extension for expressing security events - A syntax that enables event-specific data to be conveyed This Event Token specification will be event transport independent. Adding: A secure transport will be specified.
Mirja Kühlewind Former IESG member
No Objection
No Objection
(2016-09-23 for -00-00)
Unknown
I find the milestone timeline quite agressive but okay.
Spencer Dawkins Former IESG member
No Objection
No Objection
(2016-09-27 for -00-00)
Unknown
I have the same question Kathleen asked (so I'll watch the discussion in that thread).
Stephen Farrell Former IESG member
No Objection
No Objection
(2016-10-13 for -00-00)
Unknown
I have a few things I'd like to see improved before this WG is approved. It's fine that that's done during external evaluation though. - What is an "identity related protocol"? I think it'd be way better to be as specific as possible about what's meant here. - I'm concerned that this bit is overly generic and will lead to delays. It'd be better if the set of relevant events was better characterised in the charter before we start I think. "The Security Events working group will produce a standards-track Event Token specification that includes: - A JWT extension for expressing security events - A syntax that enables event-specific data to be conveyed" - I agree with Kathleen that only secure transports make sense here and that can and should be in the charter. - I think there's some missing text on privacy - we don't want this work to end up helping e.g. advertisers track people across web sites. And we don't want exchange of event information to lead to two co-operating partners being able to build up databases of each others' employees. I'm not sure what'd be right to put in the charter though.
Suresh Krishnan Former IESG member
No Objection
No Objection
(for -00-00)
Unknown