Last Call Review of draft-ietf-ippm-stamp-srpm-11
review-ietf-ippm-stamp-srpm-11-secdir-lc-moriarty-2023-05-27-00
Request | Review of | draft-ietf-ippm-stamp-srpm |
---|---|---|
Requested revision | No specific revision (document currently at 18) | |
Type | Last Call Review | |
Team | Security Area Directorate (secdir) | |
Deadline | 2023-05-17 | |
Requested | 2023-05-03 | |
Authors | Rakesh Gandhi , Clarence Filsfils , Mach Chen , Bart Janssens , Richard "Footer" Foote | |
I-D last updated | 2023-05-27 | |
Completed reviews |
Genart Last Call review of -11
by Joel M. Halpern
(diff)
Secdir Last Call review of -11 by Kathleen Moriarty (diff) Opsdir Last Call review of -11 by Gyan Mishra (diff) Intdir Telechat review of -18 by Tim Chown Secdir Telechat review of -14 by Kathleen Moriarty (diff) |
|
Assignment | Reviewer | Kathleen Moriarty |
State | Completed | |
Request | Last Call review on draft-ietf-ippm-stamp-srpm by Security Area Directorate Assigned | |
Posted at | https://mailarchive.ietf.org/arch/msg/secdir/J8Cfa3nCl3AGq5cd24cQq-InmKM | |
Reviewed revision | 11 (document currently at 18) | |
Result | Has nits | |
Completed | 2023-05-27 |
review-ietf-ippm-stamp-srpm-11-secdir-lc-moriarty-2023-05-27-00
The security considerations could be slightly expanded to refer to the "encrypted mode" and "authenticated mode" that is referenced from RFC8545 security considerations. Perhaps a direct reference to where those are specified would be better than the current reference as that just states in the security considerations section that they are recommended, but that document does not define those options. The reader would then be able to jump to those documents/sections rather than having to take multiple steps to see what the additional security options include. The limit on where this protocol used provides good context. It's also good that the integrity protection is built-in. I appreciate the working group and authors efforts to build-in security options. Well done!