Last Call Review of draft-kille-ldap-xmpp-schema-06
review-kille-ldap-xmpp-schema-06-secdir-lc-nir-2017-09-21-00
| Request | Review of draft-kille-ldap-xmpp-schema |
|---|---|
| Requested revision | No specific revision (document currently at 10) |
| Type | Last Call Review |
| Team | Security Area Directorate (secdir) |
| Deadline | 2017-09-27 |
| Requested | 2017-08-30 |
| Authors | Steve Kille |
| I-D last updated | 2017-09-21 |
| Completed reviews | Genart Last Call review of -06 by Stewart Bryant; Secdir Last Call review of -02 by Yoav Nir; Opsdir Last Call review of -06 by Joel Jaeggli; Secdir Last Call review of -06 by Yoav Nir |
| Assignment | Reviewer: Yoav Nir |
| State | Completed |
| Request | Last Call review on draft-kille-ldap-xmpp-schema by Security Area Directorate Assigned |
| Reviewed revision | 06 (document currently at 10) |
| Result | Ready |
| Completed | 2017-09-21 |
The original review is pasted below. I've reviewed version -06 and all my concerns have been addressed.

=======================================================

Original review:

The document defines a couple of OIDs for associating a Jabber ID with an LDAP object. As such, it is very short and straightforward.

I'm not too happy with the Security Considerations section, which I'll quote here in its entirety:

"This schema enables publishing for XMPP JIDs, and care should be taken to ensure that this information is not accessed inappropriately."

This is rather generic, and it's true for any piece of information stored anywhere. If that is all there is to say, the section might as well read "This document only registers OIDs and has no special security considerations."

However, I think there is a point that may need to be mentioned. Using this extension links a JID, which is a personal identifier that often appears on the public Internet (much like an email address), to an LDAP object, which is usually limited to an organization, usually the employer of that person. This linkability only exists for people who have access to the LDAP server, so it's just that users have to take the same care with JIDs that they do with email addresses - if you don't want your XMPP messages linked to your employer, or linked to you by your employer, it is better to use a private JID that is not linked to your employer's LDAP.

This advice to users may be out of scope, but I would like to see a mention that JIDs are generally public and pseudonymous, and this links them to a real person within an LDAP domain.