Early Review of draft-ietf-cellar-ffv1-02
|Requested rev.||no specific revision (document currently at 11)|
|Team||Security Area Directorate (secdir)|
|Requested by||Michael Richardson|
|Authors||Michael Niedermayer, Dave Rice, Jerome Martinez|
|Draft last updated||2018-06-01|
Secdir Early review of -02 by Liang Xia
Genart Early review of -03 by Matthew Miller (diff)
We are going to WGLC on this in a week. This is an Informational document (status will be fixed in -03), of a file format that is already common. Another document (draft-ietf-cellar-ffv1-v4) is standards track and is coming soon. This document is from a group of open source coders, and this is their first IETF experience, so please be extra constructive.
|Reviewed rev.||02 (document currently at 11)|
The whole draft is in good shape and well written. Some nits: 1. every word should start with capital letter for the section title; 2. section 2.2.4: / ceil(a) the largest integer less than or equal to a / ceil(a) the smallest integer larger than or equal to a / 3. section 3.7.2: [ISO.15444-1.2016]? 4. section 12.1: [I-D.ietf-cellar-ffv1]? 5. section 12.2: should all the RFC move to the Normative References (section 12.1)? Issues for clarification: In Security Considerations, besides the DoS attacks brought by the malicious payloads, is there any other kinds of attack possibly? For example, virus or worm are hidden in the malicious payloads to attack the system for more damages? Does it make sense and what's the consideration?