Last Call Review of draft-dukhovni-opportunistic-security-01
review-dukhovni-opportunistic-security-01-secdir-lc-takahashi-2014-07-22-00
| Request | Review of | draft-dukhovni-opportunistic-security |
|---|---|---|
| Requested revision | No specific revision (document currently at 06) | |
| Type | Last Call Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2014-08-05 | |
| Requested | 2014-07-10 | |
| Authors | Viktor Dukhovni | |
| I-D last updated | 2014-07-22 | |
| Completed reviews |
Genart Last Call review of -01
by Martin Thomson
(diff)
Genart Last Call review of -05 by Martin Thomson (diff) Secdir Last Call review of -01 by Takeshi Takahashi (diff) Secdir Telechat review of -04 by Takeshi Takahashi (diff) Opsdir Last Call review of -01 by Ron Bonica (diff) Opsdir Telechat review of -04 by Ron Bonica (diff) |
|
| Assignment | Reviewer | Takeshi Takahashi |
| State | Completed | |
| Request | Last Call review on draft-dukhovni-opportunistic-security by Security Area Directorate Assigned | |
| Reviewed revision | 01 (document currently at 06) | |
| Result | Ready | |
| Completed | 2014-07-22 |
review-dukhovni-opportunistic-security-01-secdir-lc-takahashi-2014-07-22-00
Hello, I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This document defines the term "opportunistic security" and describes its design philosophy. The document begins with describing the difficulties to realize perfect security and talks about the benefit of having opportunistic security. The term "opportunistic security" is roughly defined at the end of section 1, and section 2 describes the design principles that realize the opportunistic security. Finally, the 2nd last paragraph of the section 2 clearly defines the term "opportunistic security" It is an interesting document, and I think it is ready. Considering the intensive discussions in these months(on the saag mailing list) and the nature of the document (informational), I see no reason to block the document moving forward. Below are minor comments. 1. In addition to defining the term "opportunistic security", this document also describes the design philosophy of opportunistic security (in section 2). The abstract could be changed so that it can say this document also talks about the design philosophy. 2. It is really just a comment. When I was reading this document for the first time, I was feeling a bit uneasy; I was expecting to see the clear definition of the term first, then to see the design philosophy, but this document describes the design philosophy of the opportunistic security before having clear definition of the term(2nd last paragraph of section 2, starting with "In summary"). Having said that, the current structure is also fine, since this document is short and concise. Moreover, readers can have clear picture of the opportunistic security in mind by the time they reach the sentences defining the term. 3. The security consideration is fairly short, but I think it is ok. All it says is that opportunistic security is not the maximal security, but it is much secure than no security. That explanation is fine for me. Kind regards, Take