Skip to main content

Telechat Review of draft-ietf-appsawg-received-state-
review-ietf-appsawg-received-state-secdir-telechat-hoffman-2012-07-05-00

Request Review of draft-ietf-appsawg-received-state
Requested revision No specific revision (document currently at 04)
Type Telechat Review
Team Security Area Directorate (secdir)
Deadline 2012-07-17
Requested 2012-06-28
Authors Dave Crocker , Murray Kucherawy
I-D last updated 2012-07-05
Completed reviews Secdir Telechat review of -?? by Paul E. Hoffman
Assignment Reviewer Paul E. Hoffman
State Completed
Request Telechat review on draft-ietf-appsawg-received-state by Security Area Directorate Assigned
Result Ready
Completed 2012-07-05
review-ietf-appsawg-received-state-secdir-telechat-hoffman-2012-07-05-00
I have reviewed this document as part of the Security Directorate's ongoing
effort to review all IETF documents being processed by the IESG. These comments
were written primarily for the benefit of the Security ADs. Document editors
and WG chairs should treat these comments just like any other last call
comments.

This document defines the new "state" clause for trace header fields that are
used in SMTP. The use of these clauses are optional, and are used to indicate
that a message is entering processing queues such as for moderation or
quarantine.

The Security Considerations section is quite short; basically, the section says
"this might leak some local policy information" and "there are more security
considerations for SMTP trace headers in the current SMTP spec". Because the
new clause is completely optional, this adequately describes the relevant
security issues.

--Paul Hoffman