Last Call Review of draft-yevstifeyev-ion-report-

Request Review of draft-yevstifeyev-ion-report
Requested rev. no specific revision (document currently at 07)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2011-08-09
Requested 2011-07-26
Authors Mykyta Yevstifeyev
Draft last updated 2011-08-05
Completed reviews Secdir Last Call review of -?? by Catherine Meadows
Assignment Reviewer Catherine Meadows
State Completed
Review review-yevstifeyev-ion-report-secdir-lc-meadows-2011-08-05
Review completed: 2011-08-05


Resend of my previous message:  I mistyped the tools email address.


I have reviewed this document as part of the security directorate's 

ongoing effort to review all IETF documents being processed by the 

IESG.  These comments were written primarily for the benefit of the 

security area directors.  Document editors and WG chairs should treat 

these comments just like any other last call comments.

  This draft reports on the IETF Operational Notes Process (ION) process experiment,

which was intended to provide a repository for operational documents that were intended to stand

somewhere between RFC's and Internet Drafts by being less permanent than RFC's but easier to reference

than Internet Drafts.  This document describes the RFC's related to this experiment, and the IONs that were published.

It also formally notes the termination of the experiment, and the reason for its termination: namely that IESG statements and web pages

already fulfilled the purpose which IONs were designed for.  The document also gives a description of the subsequent history of the IONs, all except one of which

were re-published in another form.

This document does not have much to do with security, since it  merely records the history of the of an experimental method of publishing documents,

and the only issue was that an acceptable method of publishing the documents already existed.  However, I have a little problem with the statement in the security

considerations section that 

IONs did not include protocol specifications and therefore

   terminating this series is not believed to have any impact on

   security of the Internet.

I can think of plenty of IETF documents that don't have include protocol specifications but do

have an impact on security, e.g. informational RFC's on best security practices.  I would recommend

that the authors instead say that since the it was determined that the information in IONs could be distributed by other means,

terminating this series should not have any impact on security.

Catherine Meadows

Naval Research Laboratory

Code 5543

4555 Overlook Ave., S.W.

Washington DC, 20375

phone: 202-767-3490

fax: 202-404-7942


catherine.meadows at

Begin forwarded message:


Mail Delivery Subsystem <MAILER-DAEMON at>


August 1, 2011 4:57:59 PM EDT


<meadows at>


Returned mail: see transcript for details

The original message was received at Mon, 1 Aug 2011 16:57:52 -0400 (EDT)

from []

   ----- The following addresses had permanent fatal errors -----

<draft-yevstifeyev-ion-report.all at>

    (reason: 550 5.1.1 <draft-yevstifeyev-ion-report.all at>... User unknown)

   ----- Transcript of session follows -----

... while talking to

RCPT To:<draft-yevstifeyev-ion-report.all at>

<<< 550 5.1.1 <draft-yevstifeyev-ion-report.all at>... User unknown

550 5.1.1 <draft-yevstifeyev-ion-report.all at>... User unknown

Reporting-MTA: dns;

Received-From-MTA: DNS;

Arrival-Date: Mon, 1 Aug 2011 16:57:52 -0400 (EDT)

Final-Recipient: RFC822; draft-yevstifeyev-ion-report.all at

Action: failed

Status: 5.1.1

Remote-MTA: DNS;

Diagnostic-Code: SMTP; 550 5.1.1 <draft-yevstifeyev-ion-report.all at>... User unknown

Last-Attempt-Date: Mon, 1 Aug 2011 16:57:59 -0400 (EDT)


Catherine Meadows <meadows at>


August 1, 2011 5:07:19 PM EDT


iesg at, secdir at, draft-yevstifeyev-ion-report.all at


Catherine Meadows <meadows at>


secdir review of draft-yevstifeyev-ion-report-06