Last Call Review of draft-ietf-ipsecme-split-dns-12
review-ietf-ipsecme-split-dns-12-secdir-lc-santesson-2018-08-19-00
| Request | Review of | draft-ietf-ipsecme-split-dns |
|---|---|---|
| Requested revision | No specific revision (document currently at 17) | |
| Type | IETF Last Call Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2018-08-24 | |
| Requested | 2018-08-10 | |
| Authors | Tommy Pauly , Paul Wouters | |
| I-D last updated | 2019-05-28 (Latest revision 2019-03-11) | |
| Completed reviews |
Opsdir Telechat review of -16
by Tim Chown
(diff)
Secdir IETF Last Call review of -12 by Stefan Santesson (diff) Genart IETF Last Call review of -12 by Christer Holmberg (diff) Opsdir IETF Last Call review of -12 by Tim Chown (diff) |
|
| Assignment | Reviewer | Stefan Santesson |
| State | Completed | |
| Request | IETF Last Call review on draft-ietf-ipsecme-split-dns by Security Area Directorate Assigned | |
| Reviewed revision | 12 (document currently at 17) | |
| Result | Has nits | |
| Completed | 2018-08-19 |
review-ietf-ipsecme-split-dns-12-secdir-lc-santesson-2018-08-19-00
In agreement with nit comments in the Gen-Art review. 1) Section 2. Background seems to be a duplication with the introduction section and could probably be merged with this section. 2) In general I wander wether the requirement level "SHOULD" is to week in some places. The concern (and question) here is whether this may lead to uncertainty whether a Split-DNS configuration always will provide the expected level of security (or fail), or wether such configuration may lead to successful communication without the expected level of security ( in compliance with this specification).