Last Call Review of draft-sparks-genarea-mailarch-improvements-02
review-sparks-genarea-mailarch-improvements-02-secdir-lc-kaufman-2016-02-11-00
| Request | Review of | draft-sparks-genarea-mailarch-improvements |
|---|---|---|
| Requested revision | No specific revision (document currently at 02) | |
| Type | Last Call Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2016-02-18 | |
| Requested | 2016-01-28 | |
| Authors | Robert Sparks | |
| I-D last updated | 2016-02-11 | |
| Completed reviews |
Genart Last Call review of -02
by Ralph Droms
Secdir Last Call review of -02 by Charlie Kaufman Opsdir Last Call review of -02 by Jon Mitchell |
|
| Assignment | Reviewer | Charlie Kaufman |
| State | Completed | |
| Request | Last Call review on draft-sparks-genarea-mailarch-improvements by Security Area Directorate Assigned | |
| Reviewed revision | 02 | |
| Result | Ready | |
| Completed | 2016-02-11 |
review-sparks-genarea-mailarch-improvements-02-secdir-lc-kaufman-2016-02-11-00
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This is an unusual RFC candidate – even as informational – in that it is effectively a wish list for improvements to the IETF’s “mailarch” tool for searching email archives. It’s not quite a requirements document, but rather seems to describe a well developed design, as indicated by stating that the new version should work without requiring _javascript_ on the client, but that in that mode would give up certain enumerated features. Since all of the archives are public, and the search engine should only have the right to read them, the only significant security considerations are with respect to denial of service. That issue is briefly raised in RFC 6778, which this document references. --Charlie