Last Call Review of draft-salgueiro-vcarddav-kind-device-06
review-salgueiro-vcarddav-kind-device-06-secdir-lc-weiler-2013-01-10-00

Request Review of draft-salgueiro-vcarddav-kind-device
Requested rev. no specific revision (document currently at 07)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2013-01-08
Requested 2012-11-29
Authors Gonzalo Salgueiro, Joe Clarke, Peter Saint-Andre
Draft last updated 2013-01-10
Completed reviews Genart Last Call review of -06 by Vijay Gurbani (diff)
Genart Telechat review of -06 by Vijay Gurbani (diff)
Secdir Last Call review of -06 by Samuel Weiler (diff)
Assignment Reviewer Samuel Weiler 
State Completed
Review review-salgueiro-vcarddav-kind-device-06-secdir-lc-weiler-2013-01-10
Reviewed rev. 06 (document currently at 07)
Review result Ready
Review completed: 2013-01-10

Review
review-salgueiro-vcarddav-kind-device-06-secdir-lc-weiler-2013-01-10

Summary: no objections.



There are very real security concerns, but the only surprise is that 


they're discussed only by reference.  The draft refers to the general 


vCard spec (RFC6350).  RFC6350 does an adequate job.  One might argue 


that vCards more devices are more likely to be used in automated and 


perhaps unfamiliar ways, so the ricks are greater than with vCards for 


humans.  But we let a similar doc (RFC6473) be published a year ago 


with this same sort of referral, so it's hard to make a case than 


anything needs to change here.




Thanks to the editors for the very readable doc.

-- Sam