Skip to main content

Last Call Review of draft-sparks-genarea-mailarch-improvements-02

Request Review of draft-sparks-genarea-mailarch-improvements
Requested revision No specific revision (document currently at 02)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2016-02-18
Requested 2016-01-28
Authors Robert Sparks
I-D last updated 2016-02-11
Completed reviews Genart Last Call review of -02 by Ralph Droms
Secdir Last Call review of -02 by Charlie Kaufman
Opsdir Last Call review of -02 by Jon Mitchell
Assignment Reviewer Charlie Kaufman
State Completed
Request Last Call review on draft-sparks-genarea-mailarch-improvements by Security Area Directorate Assigned
Reviewed revision 02
Result Ready
Completed 2016-02-11

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the security area
directors.  Document
 editors and WG chairs should treat these comments just like any other last
 call comments.

This is an unusual RFC candidate – even as informational – in that it is
effectively a wish list for improvements to the IETF’s “mailarch” tool for
searching email archives. It’s not quite a requirements document, but rather
seems to describe
 a well developed design, as indicated by stating that the new version should
 work without requiring _javascript_ on the client, but that in that mode would
 give up certain enumerated features.

Since all of the archives are public, and the search engine should only have
the right to read them, the only significant security considerations are with
respect to denial of service. That issue is briefly raised in RFC 6778, which
 document references.