Last Call Review of draft-ietf-asdf-sdf-18
review-ietf-asdf-sdf-18-secdir-lc-nystrom-2024-05-27-00
Request | Review of | draft-ietf-asdf-sdf |
---|---|---|
Requested revision | No specific revision (document currently at 18) | |
Type | Last Call Review | |
Team | Security Area Directorate (secdir) | |
Deadline | 2024-05-22 | |
Requested | 2024-05-08 | |
Authors | Michael Koster , Carsten Bormann , Ari Keränen | |
I-D last updated | 2024-05-27 | |
Completed reviews |
Genart Last Call review of -18
by Mallory Knodel
Secdir Last Call review of -18 by Magnus Nyström Artart Last Call review of -18 by Harald T. Alvestrand Opsdir Last Call review of -18 by Susan Hares |
|
Assignment | Reviewer | Magnus Nyström |
State | Completed | |
Request | Last Call review on draft-ietf-asdf-sdf by Security Area Directorate Assigned | |
Posted at | https://mailarchive.ietf.org/arch/msg/secdir/EN-3aP5-qGr8wzpc7g-_ETOlIFs | |
Reviewed revision | 18 | |
Result | Ready | |
Completed | 2024-05-27 |
review-ietf-asdf-sdf-18-secdir-lc-nystrom-2024-05-27-00
I reviewed this document as part of the Security Directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the Security Area Directors. Document authors, document editors, and WG chairs should treat these comments just like any other IETF Last Call comments. This document specifies a format for use in the "creation and maintenance of data and interaction models that describe [physical things possible to connect to]. The Security Considerations section is well written, I have only a couple of questions: - The Security Considerations section mentions the possible need for confidentiality of an SDF model ("There may be confidentiality requirements on SDF models, both on their content and on the fact that a specific model is used in a particular Thing or environment"). Couldn't there also be a need for integrity/authenticity of a given SDF model? The document is silent on this. - Related to the previous point, was it ever discussed to allow for an integrity or authenticity value accompanying or being part of an SDFThing instance?