Telechat Review of draft-ietf-regext-epp-fees-18
review-ietf-regext-epp-fees-18-secdir-telechat-nir-2019-09-17-00
Request | Review of | draft-ietf-regext-epp-fees |
---|---|---|
Requested revision | No specific revision (document currently at 20) | |
Type | Telechat Review | |
Team | Security Area Directorate (secdir) | |
Deadline | 2019-09-17 | |
Requested | 2019-09-09 | |
Authors | Roger Carney , Gavin Brown , Jothan Frakes | |
I-D last updated | 2019-09-17 | |
Completed reviews |
Genart Last Call review of -16
by Stewart Bryant
(diff)
Opsdir Last Call review of -16 by Carlos Pignataro (diff) Secdir Last Call review of -16 by Yoav Nir (diff) Secdir Telechat review of -18 by Yoav Nir (diff) Genart Telechat review of -18 by Stewart Bryant (diff) |
|
Assignment | Reviewer | Yoav Nir |
State | Completed | |
Request | Telechat review on draft-ietf-regext-epp-fees by Security Area Directorate Assigned | |
Posted at | https://mailarchive.ietf.org/arch/msg/secdir/NyWI78IQoOYLkoR3REgYFiVr8R4 | |
Reviewed revision | 18 (document currently at 20) | |
Result | Has nits | |
Completed | 2019-09-17 |
review-ietf-regext-epp-fees-18-secdir-telechat-nir-2019-09-17-00
The changes in revision -17 are fine. I would still like to have it stated that financial information is not at risk of leaking because the account information of a customer is only sent in communications with that customer. The Security Considerations section already says that encryption is used when transmitting financial information. That is necessary but not sufficient. You also need to state that such information is only sent to entities that should have access to that information.