Last Call Review of draft-ietf-dmarc-eaiauth-03

Request Review of draft-ietf-dmarc-eaiauth
Requested rev. no specific revision (document currently at 06)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2019-03-14
Requested 2019-02-28
Authors John Levine
Draft last updated 2019-03-25
Completed reviews Genart Last Call review of -03 by Tim Evens (diff)
Secdir Last Call review of -03 by Leif Johansson (diff)
I18ndir Last Call review of -03 by Martin Dürst (diff)
Assignment Reviewer Leif Johansson
State Completed
Review review-ietf-dmarc-eaiauth-03-secdir-lc-johansson-2019-03-25
Reviewed rev. 03 (document currently at 06)
Review result Has Issues
Review completed: 2019-03-25


I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

The document is mostly ready. 

The one issue I have is that the security considerations section claims
that the proposed changes attempts to mitigate some security issues
in email involving SPF, DMARC and/or DKIM but it is not obvious (at
least not to me) exactly what this amounts to. 

Additional text in the document to clarify this point seems like a good idea.

Cheers Leif