
Telechat Review of draft-ietf-regext-data-escrow-05

Request: Review of draft-ietf-regext-data-escrow
Requested revision: No specific revision (document currently at 10)
Type: Telechat Review
Team: Internet Area Directorate (intdir)
Deadline: 2020-04-07
Requested: 2020-03-16
Requested by: Éric Vyncke
Authors: Gustavo Lozano Ibarra
I-D last updated: 2020-03-17
Completed reviews:
- Opsdir Last Call review of -05 by Susan Hares
- Genart Last Call review of -04 by Stewart Bryant
- Intdir Telechat review of -05 by Carlos J. Bernardos

Assignment
Reviewer: Carlos J. Bernardos
State: Completed
Request: Telechat review on draft-ietf-regext-data-escrow by Internet Area Directorate (Assigned)
Reviewed revision: 05 (document currently at 10)
Result: Ready w/nits
Completed: 2020-03-17

Reviewer: Carlos J. Bernardos
Review result: Ready with nits

I am an assigned INT directorate reviewer for draft-ietf-regext-data-escrow.
These comments were written primarily for the benefit of the Internet Area
Directors. Document editors and shepherd(s) should treat these comments just
like they would treat comments from any other IETF contributors and resolve
them along with any other Last Call comments that have been received. For more
details on the INT Directorate, see

I hope these comments are clear and useful.

From an INT directorate point of view the document is ready, as it does not
deal with the mechanisms used to actually transfer the data escrow deposits. I
have some comments regarding the security and privacy sections.

- In section 10 (Security considerations):

"Depending on local policies, some elements or, most likely, the whole deposit
will be considered confidential. As such, the registry transmitting the data to
the escrow agent should take all the necessary precautions such as encrypting
the data itself and/or the transport channel to avoid inadvertent disclosure of
private data."

I'd assume the should in "escrow agent should take" should be UPPER case, right?

"Authentication of the parties passing data escrow deposit files is also of the
utmost importance. The escrow agent SHOULD properly authenticate the identity
of the registry before accepting data escrow deposits. In a similar manner, the
registry SHOULD authenticate the identity of the escrow agent before submitting
any data.

Additionally, the registry and the escrow agent SHOULD use integrity checking
mechanisms to ensure the data transmitted is what the source intended.
Validation of the contents by the escrow agent is RECOMMENDED to ensure not
only that the file was transmitted correctly from the registry, but also that
the contents are "meaningful"."

In general, I wonder why not all the SHOULDs in this section are MUST. But
this should be probably better assessed by the SECDIR.

- In section 11 (Privacy considerations):

"This specification defines a format that may be used to escrow personal data.
The process of data escrow is governed by a legal document agreed by the
parties, and such legal document must regulate the particularities regarding
the protection of personal data."

I'd assume the must should be in UPPER case, no?