Last Call Review of draft-freytag-lager-variant-rules-05
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors. Document editors and WG chairs should treat these
comments just like any other last call comments.
I consider this draft to be ready with nits.
I reviewed versions -02 and -03. In my review of -03, I noted, "RFC 7940
has a short section in its Security Considerations section, noted below,
about how LGRs are only a partial remedy to the problem. The new
Security Considerations section in -03 seems to indicate that the
problem space may be constrained by properly utilizing certain optional
features of 7940. If that is correct, then perhaps the author would
consider revising the last part of the second paragraph to more clearly
The Security Considerations section in -05 has been updated to amply
The few nits there were have been addressed between -03 and -05.
However, I'm not understanding this sentence in the last paragraph of
the Security Considerations section:
Also, the question of whether to define variants are all, or what
labels are to be considered variants...
Perhaps should be:
Also, the question of whether to define variants _at_ all...