Last Call Review of draft-yevstifeyev-ion-report-
review-yevstifeyev-ion-report-secdir-lc-meadows-2011-08-05-00
Request | Review of | draft-yevstifeyev-ion-report |
---|---|---|
Requested revision | No specific revision (document currently at 07) | |
Type | Last Call Review | |
Team | Security Area Directorate (secdir) | |
Deadline | 2011-08-09 | |
Requested | 2011-07-26 | |
Authors | Mykyta Yevstifeyev | |
I-D last updated | 2011-08-05 | |
Completed reviews |
Secdir Last Call review of -??
by Catherine Meadows
|
|
Assignment | Reviewer | Catherine Meadows |
State | Completed | |
Request | Last Call review on draft-yevstifeyev-ion-report by Security Area Directorate Assigned | |
Completed | 2011-08-05 |
review-yevstifeyev-ion-report-secdir-lc-meadows-2011-08-05-00
Resend of my previous message: I mistyped the tools email address. Cathy I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This draft reports on the IETF Operational Notes Process (ION) process experiment, which was intended to provide a repository for operational documents that were intended to stand somewhere between RFC's and Internet Drafts by being less permanent than RFC's but easier to reference than Internet Drafts. This document describes the RFC's related to this experiment, and the IONs that were published. It also formally notes the termination of the experiment, and the reason for its termination: namely that IESG statements and web pages already fulfilled the purpose which IONs were designed for. The document also gives a description of the subsequent history of the IONs, all except one of which were re-published in another form. This document does not have much to do with security, since it merely records the history of the of an experimental method of publishing documents, and the only issue was that an acceptable method of publishing the documents already existed. However, I have a little problem with the statement in the security considerations section that IONs did not include protocol specifications and therefore terminating this series is not believed to have any impact on security of the Internet. I can think of plenty of IETF documents that don't have include protocol specifications but do have an impact on security, e.g. informational RFC's on best security practices. I would recommend that the authors instead say that since the it was determined that the information in IONs could be distributed by other means, terminating this series should not have any impact on security. Catherine Meadows Naval Research Laboratory Code 5543 4555 Overlook Ave., S.W. Washington DC, 20375 phone: 202-767-3490 fax: 202-404-7942 email: catherine.meadows at nrl.navy.mil Begin forwarded message: From: Mail Delivery Subsystem <MAILER-DAEMON at fw5540.nrl.navy.mil> Date: August 1, 2011 4:57:59 PM EDT To: <meadows at itd.nrl.navy.mil> Subject: Returned mail: see transcript for details The original message was received at Mon, 1 Aug 2011 16:57:52 -0400 (EDT) from sun1.fw5540.net [10.0.0.11] ----- The following addresses had permanent fatal errors ----- <draft-yevstifeyev-ion-report.all at tools.org> (reason: 550 5.1.1 <draft-yevstifeyev-ion-report.all at tools.org>... User unknown) ----- Transcript of session follows ----- ... while talking to mail.medispecialty.com.: RCPT To:<draft-yevstifeyev-ion-report.all at tools.org> <<< 550 5.1.1 <draft-yevstifeyev-ion-report.all at tools.org>... User unknown 550 5.1.1 <draft-yevstifeyev-ion-report.all at tools.org>... User unknown Reporting-MTA: dns; fw5540.nrl.navy.mil Received-From-MTA: DNS; sun1.fw5540.net Arrival-Date: Mon, 1 Aug 2011 16:57:52 -0400 (EDT) Final-Recipient: RFC822; draft-yevstifeyev-ion-report.all at tools.org Action: failed Status: 5.1.1 Remote-MTA: DNS; mail.medispecialty.com Diagnostic-Code: SMTP; 550 5.1.1 <draft-yevstifeyev-ion-report.all at tools.org>... User unknown Last-Attempt-Date: Mon, 1 Aug 2011 16:57:59 -0400 (EDT) From: Catherine Meadows <meadows at itd.nrl.navy.mil> Date: August 1, 2011 5:07:19 PM EDT To: iesg at ietf.org, secdir at ietf.org, draft-yevstifeyev-ion-report.all at tools.org Cc: Catherine Meadows <meadows at itd.nrl.navy.mil> Subject: secdir review of draft-yevstifeyev-ion-report-06