Last Call Review of draft-yevstifeyev-ion-report-
review-yevstifeyev-ion-report-secdir-lc-meadows-2011-08-05-00

Resend of my previous message:  I mistyped the tools email address.

Cathy

I have reviewed this document as part of the security directorate's

ongoing effort to review all IETF documents being processed by the

IESG.  These comments were written primarily for the benefit of the

security area directors.  Document editors and WG chairs should treat

these comments just like any other last call comments.

  This draft reports on the IETF Operational Notes Process (ION) process
  experiment,

which was intended to provide a repository for operational documents that were
intended to stand

somewhere between RFC's and Internet Drafts by being less permanent than RFC's
but easier to reference

than Internet Drafts.  This document describes the RFC's related to this
experiment, and the IONs that were published.

It also formally notes the termination of the experiment, and the reason for
its termination: namely that IESG statements and web pages

already fulfilled the purpose which IONs were designed for.  The document also
gives a description of the subsequent history of the IONs, all except one of
which

were re-published in another form.

This document does not have much to do with security, since it  merely records
the history of the of an experimental method of publishing documents,

and the only issue was that an acceptable method of publishing the documents
already existed.  However, I have a little problem with the statement in the
security

considerations section that

IONs did not include protocol specifications and therefore

   terminating this series is not believed to have any impact on

   security of the Internet.

I can think of plenty of IETF documents that don't have include protocol
specifications but do

have an impact on security, e.g. informational RFC's on best security
practices.  I would recommend

that the authors instead say that since the it was determined that the
information in IONs could be distributed by other means,

terminating this series should not have any impact on security.

Catherine Meadows

Naval Research Laboratory

Code 5543

4555 Overlook Ave., S.W.

Washington DC, 20375

phone: 202-767-3490

fax: 202-404-7942

email:

catherine.meadows at nrl.navy.mil

Begin forwarded message:

From:

Mail Delivery Subsystem <MAILER-DAEMON at fw5540.nrl.navy.mil>

Date:

August 1, 2011 4:57:59 PM EDT

To:

<meadows at itd.nrl.navy.mil>

Subject:

Returned mail: see transcript for details

The original message was received at Mon, 1 Aug 2011 16:57:52 -0400 (EDT)

from sun1.fw5540.net [10.0.0.11]

   ----- The following addresses had permanent fatal errors -----

<draft-yevstifeyev-ion-report.all at tools.org>

    (reason: 550 5.1.1 <draft-yevstifeyev-ion-report.all at tools.org>... User
    unknown)

   ----- Transcript of session follows -----

... while talking to mail.medispecialty.com.:

RCPT To:<draft-yevstifeyev-ion-report.all at tools.org>

<<< 550 5.1.1 <draft-yevstifeyev-ion-report.all at tools.org>... User unknown

550 5.1.1 <draft-yevstifeyev-ion-report.all at tools.org>... User unknown

Reporting-MTA: dns; fw5540.nrl.navy.mil

Received-From-MTA: DNS; sun1.fw5540.net

Arrival-Date: Mon, 1 Aug 2011 16:57:52 -0400 (EDT)

Final-Recipient: RFC822; draft-yevstifeyev-ion-report.all at tools.org

Action: failed

Status: 5.1.1

Remote-MTA: DNS; mail.medispecialty.com

Diagnostic-Code: SMTP; 550 5.1.1 <draft-yevstifeyev-ion-report.all at
tools.org>... User unknown

Last-Attempt-Date: Mon, 1 Aug 2011 16:57:59 -0400 (EDT)

From:

Catherine Meadows <meadows at itd.nrl.navy.mil>

Date:

August 1, 2011 5:07:19 PM EDT

To:

iesg at ietf.org, secdir at ietf.org, draft-yevstifeyev-ion-report.all at
tools.org

Cc:

Catherine Meadows <meadows at itd.nrl.navy.mil>

Subject:

secdir review of draft-yevstifeyev-ion-report-06