Last Call Review of draft-hoffman-tao-as-web-page-

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

The Security Considerations section says

    The Tao is available over TLS at <

This statement seems to imply that protecting the integrity of the Tao
while transmitting it to a reader is important. The public nature of
the Tao implies that the confidentiality of this channel is also not a
significant concern. It seems odd to make a statement about the
integrity of the channel between the reader and the www.ietf.org web
server, while saying nothing about the channel that the Tao editor
uses. It is likely that an attack on the integrity of the editing
channel will have a far greater impact than an attack on the integrity
of the reading channel.

On the other hand, malicious manipulation of the Tao will probably at
worst mislead newcomers about the workings of the IETF, because the
formal process specifications for the IETF are BCP RFCs.
Additionally, if the editor of the Tao can only edit a proposed text,
rather than the officially published version, the IESG can presumably
discover any malicious alterations of the proposed text prior to
approving it. It seems reasonable to assume that any process that the
IETF Secretariat uses to publish the proposed text after its IESG
approval is no less secure than the processes for publishing other
official information on the IETF web site.