Telechat Review of draft-ietf-regext-epp-fees-18

Request Review of draft-ietf-regext-epp-fees
Requested rev. no specific revision (document currently at 20)
Type Telechat Review
Team Security Area Directorate (secdir)
Deadline 2019-09-17
Requested 2019-09-09
Authors Roger Carney, Gavin Brown, Jothan Frakes
Draft last updated 2019-09-17
Completed reviews Genart Last Call review of -16 by Stewart Bryant (diff)
Opsdir Last Call review of -16 by Carlos Pignataro (diff)
Secdir Last Call review of -16 by Yoav Nir (diff)
Secdir Telechat review of -18 by Yoav Nir (diff)
Genart Telechat review of -18 by Stewart Bryant (diff)
Assignment Reviewer Yoav Nir 
State Completed
Review review-ietf-regext-epp-fees-18-secdir-telechat-nir-2019-09-17
Posted at
Reviewed rev. 18 (document currently at 20)
Review result Has Nits
Review completed: 2019-09-17


The changes in revision -17 are fine.  

I would still like to have it stated that financial information is not at risk of leaking because the account information of a customer is only sent in communications with that customer. The Security Considerations section already says that encryption is used when transmitting financial information. That is necessary but not sufficient. You also need to state that such information is only sent to entities that should have access to that information.