Skip to main content

Last Call Review of draft-ietf-regext-data-escrow-05
review-ietf-regext-data-escrow-05-opsdir-lc-hares-2020-02-29-00

Request Review of draft-ietf-regext-data-escrow
Requested revision No specific revision (document currently at 10)
Type Last Call Review
Team Ops Directorate (opsdir)
Deadline 2020-02-28
Requested 2020-02-14
Authors Gustavo Lozano Ibarra
Draft last updated 2020-02-29
Completed reviews Opsdir Last Call review of -05 by Susan Hares (diff)
Genart Last Call review of -04 by Stewart Bryant (diff)
Intdir Telechat review of -05 by Carlos J. Bernardos (diff)
Assignment Reviewer Susan Hares
State Completed
Review review-ietf-regext-data-escrow-05-opsdir-lc-hares-2020-02-29
Posted at https://mailarchive.ietf.org/arch/msg/ops-dir/V9R9wBQeCrp_XPs5ow39R23xTQI
Reviewed revision 05 (document currently at 10)
Result Ready
Completed 2020-02-29
review-ietf-regext-data-escrow-05-opsdir-lc-hares-2020-02-29-00
Status:  Ready
comments:  Excellent write-up

Detailed Comment:  I have read and re-read this document to find an error in
the technical text.  Congratulations to the authors.  This is one of the few
documents I cannot find any improvement in the base text.

Did you check the text code snippet with a validator?  If not, it is normally
good form.

My operational comments on this document are "meta-comments" for the Operations
AD below
-------------------

The security section starts out with the phrase:
 "This specification does not define the security mechanism to be used
in the transmission of the dat escrow deposits, since it only
specifies the  minimum necessary to enable the rebuidling of a
registry from the deposits wtihotu intervention from the original registry."

Given this focus, it is difficult to determine if the data deposited is really
the data that was on the original source.   The language among the
depositers is couched in "recommended" and "should".

As a META question, the IESG reviewers should ask is the the "best"
than can be done due to the on the legal constraints in the countries
that the data registries live in.  If so, it would be wise to provide
a second document that provides additional suggestions for
countries in which additional operational security can be mandated.