[Last-Call] Secdir last call review of draft-ietf-dnssd-update-lease-07

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Reviewer: Shivan Sahib
Review result: Has Nits

A few minor issues for the Security Considerations section:

1. RFC 2119 keywords are used for some but not all bounds mentioned in this
section. Is there a reason we don't use SHOULD and RECOMMEND for the maximum
acceptable value for the LEASE values?

2. It would be useful for the document to also RECOMMEND a minimum interval
between updates.

3. More broadly, ISTM that all the recommended values here (minimum interval
between updates, lease renewal min and max) should be moved up into the main
content of the document. A too-short lease, for e.g., has implications not just
for security but operation in general.

4. Is the "public key signing" a reference to SIG(0) [RFC 2931]?

5. Again, the language is in the last para of the Security Considerations
section around auth strategy is not very strong. Perhaps a reference to RFC
3007 would help.

6. "conver" in the last sentence of this section seems like a typo, I'm not
sure what this sentence means.


-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call



[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux