Last Call Review of draft-ietf-kitten-rfc2853bis-
review-ietf-kitten-rfc2853bis-secdir-lc-kaufman-2009-06-05-00

Request Review of draft-ietf-kitten-rfc2853bis
Requested rev. no specific revision (document currently at 05)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2009-05-28
Requested 2009-05-19
Other Reviews
Review State Completed
Reviewer Charlie Kaufman
Review review-ietf-kitten-rfc2853bis-secdir-lc-kaufman-2009-06-05
Posted at http://www.ietf.org/mail-archive/web/secdir/current/msg00676.html
Draft last updated 2009-06-05
Review completed: 2009-06-05

Review
review-ietf-kitten-rfc2853bis-secdir-lc-kaufman-2009-06-05






I am
reviewing this document as part of the security directorate's ongoing effort to
review all IETF documents being processed by the IESG.  These comments
were written primarily for the benefit of the security area directors. 
Document editors and WG chairs should treat these comments just like any other
last call comments. Feel free to forward to any appropriate forum.




 




This refresh of RFC 2853 (GSSAPI JAVA BINDINGS) is almost
trivial. The only technical changes are the renumbering of error codes and OID
values because the values in RFC 2853 were internally inconsistent, missing, or
(in the case of OIDs) obsolete. There are a handful of other minor corrections
in the document (none technical). The document was also refreshed to use the
now-current copyright notices, etc.




 




Since all of the error codes correspond to fatal errors, it
is unlikely that even interoperation with an implementation with bad codes
could cause security problems (just confusing error messages). The security
considerations seemed reasonable in RFC 2853 and they are unchanged here.




 




                --Charlie