Skip to main content

Last Call Review of draft-ietf-eai-pop-

Request Review of draft-ietf-eai-pop
Requested revision No specific revision (document currently at 09)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2009-10-20
Requested 2009-10-08
Authors Chris Newman , Randall Gellens
I-D last updated 2009-10-22
Completed reviews Secdir Last Call review of -?? by Catherine Meadows
Assignment Reviewer Catherine Meadows
State Completed
Request Last Call review on draft-ietf-eai-pop by Security Area Directorate Assigned
Completed 2009-10-22
I have reviewed this document as part of the security directorate's

ongoing effort to review all IETF documents being processed by the IESG.

These comments were written primarily for the benefit of the security

area directors.  Document editors and WG chairs should treat these

comments just like any other last call comments.

This document extends the POP3 protocol using the POP3 Extension Mechanism


1) permit un-encoded UTF-8 in headers

2) add a mechanism to support login names outside ASCII character sets

3) add a mechanism to support UTF-8 protocol-level error strings in a language
appropriate for the user

The authors have done a good job of identifying the possible security
implications of this approach and have

also give references to the appropriate documents for the security implications
of using UTF-8 in general.

I don't see any further issues that need to be addressed here.

Catherine Meadows

Naval Research Laboratory

Code 5543

4555 Overlook Ave., S.W.

Washington DC, 20375

phone: 202-767-3490

fax: 202-404-7942


catherine.meadows at