Last Call Review of draft-ietf-mile-template-
review-ietf-mile-template-secdir-lc-weiler-2012-05-18-00

Request Review of draft-ietf-mile-template
Requested rev. no specific revision (document currently at 05)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2012-06-01
Requested 2012-05-18
Other Reviews Genart Last Call review of - by Peter Yee (diff)
Genart Telechat review of - by Peter Yee (diff)
Review State Completed
Reviewer Samuel Weiler
Review review-ietf-mile-template-secdir-lc-weiler-2012-05-18
Posted at http://www.ietf.org/mail-archive/web/secdir/current/msg03311.html
Review result Ready
Draft last updated 2012-05-18
Review completed: 2012-05-18

Review
review-ietf-mile-template-secdir-lc-weiler-2012-05-18

I have reviewed this document as part of the security directorate's 


ongoing effort to review all IETF documents being processed by the 


IESG.  These comments were written primarily for the benefit of the 


security area directors. Document editors and WG chairs should treat 


these comments just like any other last call comments.






This doc provides a template for other i-d's describing IODEF 


extensions.  The template reminds authors that they need a security 


considerations section and cites 3552.  The surrounding document has 


no security considerations of note.  I'm fine with the doc moving 


forward as-is.




Minor:



The doc title and abstract use "IODEF" without expansion, but I think 


it's an uncommon enough term that expansion is needed.






This doc's security considerations section says: "This document 


defines a template for extensions to IODEF; the security 


considerations for IODEF [RFC5070] apply."  I might instead say "This 


document raises no security issues.  Extensions defined using the 


template in Appendix A need to provide an analysis of security issues 


they may raise.  See A.5 for more details."