Last Call Review of draft-yevstifeyev-ion-report-
review-yevstifeyev-ion-report-secdir-lc-meadows-2011-08-05-00

Request Review of draft-yevstifeyev-ion-report
Requested rev. no specific revision (document currently at 07)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2011-08-09
Requested 2011-07-26
Authors Mykyta Yevstifeyev
Draft last updated 2011-08-05
Completed reviews Secdir Last Call review of -?? by Catherine Meadows
Assignment Reviewer Catherine Meadows
State Completed
Review review-yevstifeyev-ion-report-secdir-lc-meadows-2011-08-05
Review completed: 2011-08-05

Review
review-yevstifeyev-ion-report-secdir-lc-meadows-2011-08-05

Resend of my previous message:  I mistyped the tools email address.

Cathy

I have reviewed this document as part of the security directorate's 

ongoing effort to review all IETF documents being processed by the 

IESG.  These comments were written primarily for the benefit of the 

security area directors.  Document editors and WG chairs should treat 

these comments just like any other last call comments.

  This draft reports on the IETF Operational Notes Process (ION) process experiment,

which was intended to provide a repository for operational documents that were intended to stand

somewhere between RFC's and Internet Drafts by being less permanent than RFC's but easier to reference

than Internet Drafts.  This document describes the RFC's related to this experiment, and the IONs that were published.

It also formally notes the termination of the experiment, and the reason for its termination: namely that IESG statements and web pages

already fulfilled the purpose which IONs were designed for.  The document also gives a description of the subsequent history of the IONs, all except one of which

were re-published in another form.

This document does not have much to do with security, since it  merely records the history of the of an experimental method of publishing documents,

and the only issue was that an acceptable method of publishing the documents already existed.  However, I have a little problem with the statement in the security

considerations section that 

IONs did not include protocol specifications and therefore

   terminating this series is not believed to have any impact on

   security of the Internet.

I can think of plenty of IETF documents that don't have include protocol specifications but do

have an impact on security, e.g. informational RFC's on best security practices.  I would recommend

that the authors instead say that since the it was determined that the information in IONs could be distributed by other means,

terminating this series should not have any impact on security.

Catherine Meadows

Naval Research Laboratory

Code 5543

4555 Overlook Ave., S.W.

Washington DC, 20375

phone: 202-767-3490

fax: 202-404-7942

email: 

catherine.meadows at nrl.navy.mil

Begin forwarded message:

From: 

Mail Delivery Subsystem <MAILER-DAEMON at fw5540.nrl.navy.mil>

Date: 

August 1, 2011 4:57:59 PM EDT

To: 

<meadows at itd.nrl.navy.mil>

Subject: 

Returned mail: see transcript for details

The original message was received at Mon, 1 Aug 2011 16:57:52 -0400 (EDT)

from sun1.fw5540.net [10.0.0.11]

   ----- The following addresses had permanent fatal errors -----

<draft-yevstifeyev-ion-report.all at tools.org>

    (reason: 550 5.1.1 <draft-yevstifeyev-ion-report.all at tools.org>... User unknown)

   ----- Transcript of session follows -----

... while talking to mail.medispecialty.com.:

RCPT To:<draft-yevstifeyev-ion-report.all at tools.org>

<<< 550 5.1.1 <draft-yevstifeyev-ion-report.all at tools.org>... User unknown

550 5.1.1 <draft-yevstifeyev-ion-report.all at tools.org>... User unknown

Reporting-MTA: dns; fw5540.nrl.navy.mil

Received-From-MTA: DNS; sun1.fw5540.net

Arrival-Date: Mon, 1 Aug 2011 16:57:52 -0400 (EDT)

Final-Recipient: RFC822; draft-yevstifeyev-ion-report.all at tools.org

Action: failed

Status: 5.1.1

Remote-MTA: DNS; mail.medispecialty.com

Diagnostic-Code: SMTP; 550 5.1.1 <draft-yevstifeyev-ion-report.all at tools.org>... User unknown

Last-Attempt-Date: Mon, 1 Aug 2011 16:57:59 -0400 (EDT)

From: 

Catherine Meadows <meadows at itd.nrl.navy.mil>

Date: 

August 1, 2011 5:07:19 PM EDT

To: 

iesg at ietf.org, secdir at ietf.org, draft-yevstifeyev-ion-report.all at tools.org

Cc: 

Catherine Meadows <meadows at itd.nrl.navy.mil>

Subject: 

secdir review of draft-yevstifeyev-ion-report-06