Last Call Review of draft-ietf-core-etch-02

Request
  Review of: draft-ietf-core-etch
  Requested rev.: no specific revision (document currently at 04)
  Type: Last Call Review
  Team: Security Area Directorate (secdir)
  Deadline: 2016-09-07
  Requested: 2016-08-25
  Authors: Peter Van der Stok, Carsten Bormann, Anuj Sehgal
  Draft last updated: 2016-09-08
  Completed reviews:
    Genart Last Call review of -02 by Christer Holmberg
    Secdir Last Call review of -02 by Phillip Hallam-Baker
    Opsdir Last Call review of -02 by Sheng Jiang
Assignment
  Reviewer: Phillip Hallam-Baker
  State: Completed
  Review: review-ietf-core-etch-02-secdir-lc-hallam-baker-2016-09-08
  Reviewed rev.: 02 (document currently at 04)
  Review result: Has Issues
  Review completed: 2016-09-08


I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.


Summary: Ready with one minor issue

The only problem I had was working out what the authors meant by idempotent because the term is unfortunately used to mean different things. So the fact it is being used correctly here doesn't necessarily help the reader.

The term is explained in RFC 7252 but doesn't have an entry in the terms and definitions section. Where it is explained (sec. 5.4) the explanation is consistent with HTTP practice. But I think it would help a lot if, besides describing the effect of doing the operation repeatedly, it was stated that the effect is that message replay doesn't have an effect.

Since it isn't defined in the RFC 7252 terms and definitions, it needs an entry in this draft and there should probably be an erratum on RFC 7252 so that it can be fixed on the next rev.

It would be useful to point that out in the security considerations section as well.