Early Review of draft-ietf-cellar-ffv1-02
review-ietf-cellar-ffv1-02-secdir-early-xia-2018-06-01-00
| Request | Review of | draft-ietf-cellar-ffv1 |
|---|---|---|
| Requested revision | No specific revision (document currently at 20) | |
| Type | Early Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2018-06-30 | |
| Requested | 2018-05-29 | |
| Requested by | Michael Richardson | |
| Authors | Michael Niedermayer , Dave Rice , Jérôme Martinez | |
| I-D last updated | 2018-06-01 | |
| Completed reviews |
Secdir Early review of -02
by Liang Xia
(diff)
Genart Early review of -03 by Matthew A. Miller (diff) Secdir Last Call review of -16 by Liang Xia (diff) Genart Last Call review of -16 by Joel M. Halpern (diff) Opsdir Last Call review of -17 by Qin Wu (diff) |
|
| Comments |
We are going to WGLC on this in a week. This is an Informational document (status will be fixed in -03), of a file format that is already common. Another document (draft-ietf-cellar-ffv1-v4) is standards track and is coming soon. This document is from a group of open source coders, and this is their first IETF experience, so please be extra constructive. |
|
| Assignment | Reviewer | Liang Xia |
| State | Completed | |
| Request | Early review on draft-ietf-cellar-ffv1 by Security Area Directorate Assigned | |
| Reviewed revision | 02 (document currently at 20) | |
| Result | Ready | |
| Completed | 2018-06-01 |
review-ietf-cellar-ffv1-02-secdir-early-xia-2018-06-01-00
The whole draft is in good shape and well written. Some nits: 1. every word should start with capital letter for the section title; 2. section 2.2.4: / ceil(a) the largest integer less than or equal to a / ceil(a) the smallest integer larger than or equal to a / 3. section 3.7.2: [ISO.15444-1.2016]? 4. section 12.1: [I-D.ietf-cellar-ffv1]? 5. section 12.2: should all the RFC move to the Normative References (section 12.1)? Issues for clarification: In Security Considerations, besides the DoS attacks brought by the malicious payloads, is there any other kinds of attack possibly? For example, virus or worm are hidden in the malicious payloads to attack the system for more damages? Does it make sense and what's the consideration?