Last Call Review of draft-ietf-softwire-dslite-deployment-
review-ietf-softwire-dslite-deployment-secdir-lc-gondrom-2012-10-18-00
| Request | Review of | draft-ietf-softwire-dslite-deployment |
|---|---|---|
| Requested revision | No specific revision (document currently at 08) | |
| Type | Last Call Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2012-10-23 | |
| Requested | 2012-10-04 | |
| Authors | Yiu Lee , Roberta Maglione , Carl Williams , Christian Jacquenet , Mohamed Boucadair | |
| Draft last updated | 2012-10-18 | |
| Completed reviews |
Genart Last Call review of -06
by
David L. Black
(diff)
Secdir Last Call review of -?? by Tobias Gondrom |
|
| Assignment | Reviewer | Tobias Gondrom |
| State | Completed | |
| Review |
review-ietf-softwire-dslite-deployment-secdir-lc-gondrom-2012-10-18
|
|
| Result | Has Nits | |
| Completed | 2012-10-18 |
review-ietf-softwire-dslite-deployment-secdir-lc-gondrom-2012-10-18-00
I have reviewed this document as part of the
security directorate's ongoing effort to review all IETF documents
being processed by the IESG. These comments were written
primarily for the benefit of the security area directors.
Document editors and WG chairs should treat these comments just
like any other last call comments.
I believe this document (
draft-ietf-softwire-dslite-deployment)
has an adequate security considerations section and the
main security risks are sufficiently described for an
informational "deployment considerations" RFC.
COMMENTS:
section 2.6:
"Internet hosts such as servers must no longer rely solely on IP
address to identify an abused user."
Don't you mean here: "... an abusive user."
and again in the next sentence "...to identify an abused user..."
should be "...to identify an abusive user".
Nits:
- section 1: Overview
third sentence: first mention of "softwire" may require a
reference
- section 2.5, last paragraph:
s/Depedning on the rate of NAT table changes/Depending on the rate
of NAT table changes
Best regards, Tobias