Last Call Review of draft-ietf-sieve-vacation-seconds-
review-ietf-sieve-vacation-seconds-secdir-lc-tsou-2010-11-12-00

Request Review of draft-ietf-sieve-vacation-seconds
Requested rev. no specific revision (document currently at 03)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2010-11-08
Requested 2010-10-29
Draft last updated 2010-11-12
Completed reviews Secdir Last Call review of -?? by Tina Tsou
Assignment Reviewer Tina Tsou
State Completed
Review review-ietf-sieve-vacation-seconds-secdir-lc-tsou-2010-11-12
Review completed: 2010-11-12

Review
review-ietf-sieve-vacation-seconds-secdir-lc-tsou-2010-11-12

I have reviewed this document as part of the security directorate's

ongoing effort to review all IETF documents being processed by the IESG.

These comments were written primarily for the benefit of the security

area directors.  Document editors and WG chairs should treat these

comments just like any other last call comments.

This document describes a further extension to the Sieve Vacation
   extension, allowing multiple auto-replies to the same sender in a
   single day by adding a ":seconds" parameter.

In section 4, it says

   Security considerations for the Sieve Vacation extension [RFC5230]
   apply equally here.  In addition, implementations SHOULD consider the
   number of auto-replies that might be generated by allowing small
   values of ":seconds" (including 0), and MAY impose additional limits
   on that number.  See the Security Considerations section of RFC 3834
   [RFC3834] for a fuller discussion.

I don't see any other pending issues regarding the security aspect.

 

B. R.

Tina

http://tinatsou.weebly.com