Last Call Review of draft-mm-netconf-time-capability-05

Request Review of draft-mm-netconf-time-capability
Requested rev. no specific revision (document currently at 09)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2015-07-29
Requested 2015-07-02
Authors Tal Mizrahi, Yoram Moses
Draft last updated 2015-07-29
Completed reviews Genart Last Call review of -05 by Robert Sparks (diff)
Genart Telechat review of -08 by Robert Sparks (diff)
Secdir Last Call review of -05 by Ólafur Guðmundsson (diff)
Opsdir Last Call review of -05 by Al Morton (diff)
Assignment Reviewer Ólafur Guðmundsson
State Completed
Review review-mm-netconf-time-capability-05-secdir-lc-gudmundsson-2015-07-29
Reviewed rev. 05 (document currently at 09)
Review result Has Nits
Review completed: 2015-07-29


I have reviewed this document as part of the security directorate's 

ongoing effort to review all IETF documents being processed by the 

IESG.  These comments were written primarily for the benefit of the 

security area directors.  Document editors and WG chairs should treat 

these comments just like any other last call comments.

This document is ready for publication

The document is well written.

The security considerations are clear and accurate. I would like highlight one omission though.  

This capability allows an attacker once it has gained access to schedule events in the future even 

though attackers access has been detected and revoked.