Last Call Review of draft-ietf-mile-template-

Request Review of draft-ietf-mile-template
Requested rev. no specific revision (document currently at 05)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2012-06-01
Requested 2012-05-18
Authors Brian Trammell
Draft last updated 2012-05-18
Completed reviews Genart Last Call review of -?? by Peter Yee
Genart Telechat review of -?? by Peter Yee
Secdir Last Call review of -?? by Samuel Weiler
Assignment Reviewer Samuel Weiler
State Completed
Review review-ietf-mile-template-secdir-lc-weiler-2012-05-18
Review result Ready
Review completed: 2012-05-18


I have reviewed this document as part of the security directorate's 

ongoing effort to review all IETF documents being processed by the 

IESG.  These comments were written primarily for the benefit of the 

security area directors. Document editors and WG chairs should treat 

these comments just like any other last call comments.

This doc provides a template for other i-d's describing IODEF 

extensions.  The template reminds authors that they need a security 

considerations section and cites 3552.  The surrounding document has 

no security considerations of note.  I'm fine with the doc moving 

forward as-is.


The doc title and abstract use "IODEF" without expansion, but I think 

it's an uncommon enough term that expansion is needed.

This doc's security considerations section says: "This document 

defines a template for extensions to IODEF; the security 

considerations for IODEF [RFC5070] apply."  I might instead say "This 

document raises no security issues.  Extensions defined using the 

template in Appendix A need to provide an analysis of security issues 

they may raise.  See A.5 for more details."