Last Call Review of draft-martin-urn-globus-02
review-martin-urn-globus-02-secdir-lc-meadows-2016-02-25-00
Request | Review of | draft-martin-urn-globus |
---|---|---|
Requested revision | No specific revision (document currently at 03) | |
Type | IETF Last Call Review | |
Team | Security Area Directorate (secdir) | |
Deadline | 2016-03-09 | |
Requested | 2016-02-11 | |
Authors | Stuart Martin, Steve Tuecke, Brendan McCollam, Mattias Lidman | |
I-D last updated | 2016-05-25 (Latest revision 2016-03-18) | |
Completed reviews | Genart IETF Last Call review of -02 by Joel M. Halpern; Secdir IETF Last Call review of -02 by Catherine Meadows; Opsdir IETF Last Call review of -02 by Stefan Winter | |
Assignment | Reviewer | Catherine Meadows |
State | Completed | |
Request | IETF Last Call review on draft-martin-urn-globus by Security Area Directorate Assigned | |
Reviewed revision | 02 (document currently at 03) | |
Result | Has nits | |
Completed | 2016-02-25 |

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

This draft describes a Uniform Resource Name (URN) namespace that is used by the Globus software-as-a-service provider for naming persistent resources. The main requirement is that these identifiers will persist in external systems, and must be identifiable as references to Globus entities. The draft specifies the syntax, and describes mechanisms for enforcing uniqueness. In particular, URNs may not be reassigned.

In the Security Considerations section, the authors refer the reader to RFCs 1737 and 2141. The security considerations in RFC 1737 refer to authentication mechanisms which are outside the scope of the document. The recommendations of RFC 1737, however, may require more attention. Its Security Considerations section runs as follows:

> This document specifies the syntax for URNs. While some namespaces resolvers may assign special meaning to certain of the characters of the Namespace Specific String, any security consideration resulting from such assignment are outside the scope of this document. It is strongly recommended that the process of registering a namespace identifier include any such considerations.

The draft does not propose any special meanings for characters in the Namespace Specific String, but I think it would be good to add a sentence in the Security Considerations Section mentioning this stipulation, and pointing out that it does not apply in your case because no such special meaning is proposed.

I consider this document Ready With Nits.

Cathy is being proposed,

Catherine Meadows
Naval Research Laboratory
Code 5543
4555 Overlook Ave., S.W.
Washington DC, 20375
phone: 202-767-3490
fax: 202-404-7942
email: catherine.meadows at nrl.navy.mil