Last Call Review of draft-ietf-appsawg-rfc3536bis-
review-ietf-appsawg-rfc3536bis-secdir-lc-meadows-2011-08-01-00

Request Review of draft-ietf-appsawg-rfc3536bis
Requested rev. no specific revision (document currently at 06)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2011-07-12
Requested 2011-06-17
Draft last updated 2011-08-01
Completed reviews Secdir Last Call review of -?? by Catherine Meadows
Assignment Reviewer Catherine Meadows
State Completed
Review review-ietf-appsawg-rfc3536bis-secdir-lc-meadows-2011-08-01
Review completed: 2011-08-01

Review
review-ietf-appsawg-rfc3536bis-secdir-lc-meadows-2011-08-01

I have reviewed this document as part of the security directorate's

ongoing effort to review all IETF documents being processed by the

IESG.  These comments were written primarily for the benefit of the

security area directors.  Document editors and WG chairs should treat

these comments just like any other last call comments.

This draft provides definitions for a set of terms commonly used in internationalization in the IETF, that is terms having to do with the representation of text strings that

appear in protocols in different languages, writing systems, and alphabets.  In the security considerations sections the authors point out that since this draft consists of definitions

of terminology having to do with the representation of text strings, it has only an indirect connection with security in some authentication methods may rely on the comparison of

text strings.  However, I don't see anything in the definition of terms here that would negatively impact the ability to discuss or specify such security methods, so I don't see any

security issues here.

One nit, having nothing to do with security:  I found the phrase

"Internet users must be

   able to be enter text in typical input methods and displayed in any

   human language."

in the introduction somewhat hard to parse.  Does it mean that 1) users should be able to use any of a set of typical input methods and

2) it should be possible to display the results in any human language, or that users should be able to enter text from any human

language using typical input methods?




Catherine Meadows

Naval Research Laboratory

Code 5543

4555 Overlook Ave., S.W.

Washington DC, 20375

phone: 202-767-3490

fax: 202-404-7942

email: 

catherine.meadows at nrl.navy.mil