Last Call Review of draft-melnikov-smime-msa-to-mda-03
review-melnikov-smime-msa-to-mda-03-genart-lc-gurbani-2014-02-25-00
Request | Review of | draft-melnikov-smime-msa-to-mda |
---|---|---|
Requested revision | No specific revision (document currently at 04) | |
Type | Last Call Review | |
Team | General Area Review Team (Gen-ART) (genart) | |
Deadline | 2014-03-05 | |
Requested | 2014-02-06 | |
Authors | William Ottaway , Alexey Melnikov | |
I-D last updated | 2014-02-25 | |
Completed reviews |
Genart Last Call review of -03
by Vijay K. Gurbani
(diff)
Secdir Last Call review of -02 by Sandra L. Murphy (diff) |
|
Assignment | Reviewer | Vijay K. Gurbani |
State | Completed | |
Request | Last Call review on draft-melnikov-smime-msa-to-mda by General Area Review Team (Gen-ART) Assigned | |
Reviewed revision | 03 (document currently at 04) | |
Result | Ready w/nits | |
Completed | 2014-02-25 |
review-melnikov-smime-msa-to-mda-03-genart-lc-gurbani-2014-02-25-00
I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART, please see the FAQ at < http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>. Please resolve these comments along with any other Last Call comments you may receive. Document: draft-melnikov-smime-msa-to-mda-03 Reviewer: Vijay K. Gurbani Review Date: Feb-25-2014 IETF LC End Date: Mar-05-2014 IESG Telechat date: Unknown I must say that this draft was written with implementors in mind. This is very refreshing. Major: 0 Minor: 0 Nits: 4 This document is ready as a Proposed Standard. Some minor nits follow: Nits: - S2.2, "Organizational policy and good security practice often require that messages be reviewed before they are released to external recipients." Here, I suspect that organizational policy may require such a vetting but I would think that "good security practice" would not. After all, unless a party is forced to do so (the "organizational policy" part), why would one party willingly subject its private communications to a third party before sending it to the recipient? I would not consider that a third party reading my messages a "good security practice". Therefore, I would take the "good security practice" phrase out, unless of course, there is some context to that phrase that I am not privy to. - S3.3, first sentence: "A 'domain signature' is a signature generated on behalf of a set of users in the domain the users are a member of." This sentence appears rather, for the lack of a better word, clunky. How about rewriting this as: "A 'domain signature' is a signature generated on behalf of a set of users who belong to the specific domain." - S5, steps 3-A and 3-B: s/found then/found, then/ There are some more occurences of this, if you feel like it, you may want to change these to have a comma as well. - S7, first paragraph: s/permits masquerade./permits masquerading./ or, s/permits masquerade attacks./ Thanks, - vijay -- Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent 1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60563 (USA) Email: vkg@{bell-labs.com,acm.org} / vijay.gurbani at alcatel-lucent.com Web: http://ect.bell-labs.com/who/vkg/ | Calendar: http://goo.gl/x3Ogq