Skip to main content

Early Review of draft-ietf-cellar-ffv1-02

Request Review of draft-ietf-cellar-ffv1
Requested revision No specific revision (document currently at 20)
Type Early Review
Team Security Area Directorate (secdir)
Deadline 2018-06-30
Requested 2018-05-29
Requested by Michael Richardson
Authors Michael Niedermayer , Dave Rice , Jérôme Martinez
I-D last updated 2018-06-01
Completed reviews Secdir Early review of -02 by Liang Xia (diff)
Genart Early review of -03 by Matthew A. Miller (diff)
Secdir Last Call review of -16 by Liang Xia (diff)
Genart Last Call review of -16 by Joel M. Halpern (diff)
Opsdir Last Call review of -17 by Qin Wu (diff)
We are going to WGLC on this in a week.
This is an Informational document (status will be fixed in -03), of a file format that is already common.
Another document (draft-ietf-cellar-ffv1-v4) is standards track and is coming soon.
This document is from a group of open source coders, and this is their first IETF experience, so please be extra constructive.
Assignment Reviewer Liang Xia
State Completed
Request Early review on draft-ietf-cellar-ffv1 by Security Area Directorate Assigned
Reviewed revision 02 (document currently at 20)
Result Ready
Completed 2018-06-01
The whole draft is in good shape and well written.
Some nits:
1. every word should start with capital letter for the section title;
2. section 2.2.4: / ceil(a) the largest integer less than or equal to a /
ceil(a) the smallest integer larger than or equal to a / 3. section 3.7.2:
[ISO.15444-1.2016]? 4. section 12.1: [I-D.ietf-cellar-ffv1]? 5. section 12.2:
should all the RFC move to the Normative References (section 12.1)?

Issues for clarification:
In Security Considerations, besides the DoS attacks brought by the malicious
payloads, is there any other kinds of attack possibly? For example, virus or
worm are hidden in the malicious payloads to attack the system for more
damages? Does it make sense and what's the consideration?